From a5b171726f9a0e123bb05aad175e3b493aebba68 Mon Sep 17 00:00:00 2001 From: Diogo Castro Date: Thu, 23 Feb 2023 10:18:22 +0100 Subject: [PATCH] Only use access token if not public token So that we do not become the user in public links, which would generate wrong requests when a user is logged in. Reported in #8486 --- packages/web-pkg/src/composables/authContext/useRequest.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/web-pkg/src/composables/authContext/useRequest.ts b/packages/web-pkg/src/composables/authContext/useRequest.ts index 77c27318592..4a98685dd80 100644 --- a/packages/web-pkg/src/composables/authContext/useRequest.ts +++ b/packages/web-pkg/src/composables/authContext/useRequest.ts @@ -33,7 +33,7 @@ export function useRequest(options: RequestOptions = {}): RequestResult { config: AxiosRequestConfig = {} ): Promise => { let httpClient - if (unref(accessToken)) { + if (!unref(publicToken) && unref(accessToken)) { httpClient = clientService.httpAuthenticated(unref(accessToken)) } else { httpClient = clientService.httpUnAuthenticated