fix(navbar): recognize authenticated users with active sessions#1113
Draft
Copilot wants to merge 1 commit into
Draft
fix(navbar): recognize authenticated users with active sessions#1113Copilot wants to merge 1 commit into
Copilot wants to merge 1 commit into
Conversation
…de in fetch Previously, the checkUserAuth function would bail out immediately when the provider_token cookie was not available on the docs subdomain. This meant users who were authenticated on cloud.layer5.io were not recognized on docs.layer5.io, particularly in browsers like Safari with strict cookie policies. The fix adds credentials: 'include' to the fetch request so the browser sends cloud.layer5.io's session cookies with the API call, and removes the early bailout when the local cookie is missing. Fixes #1112
Copilot created this pull request from a session on behalf of
fitzergerald
June 22, 2026 15:45
View session
Contributor
|
🚀 Preview deployment: https://docs.layer5.io/pr-preview/pr-1113/
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Authenticated users on
cloud.layer5.iowere not recognized ondocs.layer5.iobecausecheckUserAuthbailed out before making the API call when theprovider_tokencookie wasn't present on the docs subdomain. Safari and other browsers with strict cookie isolation are particularly affected.Changes:
throwwhenprovider_tokencookie is absent — the function now always attempts the API callcredentials: 'include'to the fetch so the browser sendscloud.layer5.iosession cookies cross-originNote: This requires the
cloud.layer5.ioAPI to respond with appropriateAccess-Control-Allow-Credentials: trueandAccess-Control-Allow-Originheaders fordocs.layer5.io. If CORS isn't already configured for credentialed requests, a corresponding server-side change will be needed.