Question

Global middleware invoked when accessing API endpoints

We’ve implemented authentication in a global middleware file named “init.js”. It’s quite simple: it first checks to see if a specific cookie has been created; if not, it sends the user to a SAML IdP server for authentication. Once authenticated, the IdP does an HTTP POST back to an endpoint on our application. The issue is that, for anything but localhost, invoking an API causes the middleware to fire and we get stuck in this loop between our app and the IdP. For example, if you call invoke our Nuxt app’s API from Postman on localhost, the middleware doesn’t fire but if you invoke it using the URL it does, which causes the issue.

Suggestions? Did we implement it incorrectly?


Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer