Join 1M+ other developers and:
- Get help and share knowledge in Q&A
- Subscribe to topics of interest
- Get courses & tools that help you grow as a developer or small business owner
Global middleware invoked when accessing API endpoints
We’ve implemented authentication in a global middleware file named “init.js”. It’s quite simple: it first checks to see if a specific cookie has been created; if not, it sends the user to a SAML IdP server for authentication. Once authenticated, the IdP does an HTTP POST back to an endpoint on our application. The issue is that, for anything but localhost, invoking an API causes the middleware to fire and we get stuck in this loop between our app and the IdP. For example, if you call invoke our Nuxt app’s API from Postman on localhost, the middleware doesn’t fire but if you invoke it using the URL it does, which causes the issue.
Suggestions? Did we implement it incorrectly?