Why do i keep getting 401 Unauthorized error when trying to check if customer exist?

[ElGranTorino]

Hey! I was trying to get on with Store API and faced a problem with authentication system. When i'm trying to create a new customer and login, everything goes fine i get response with status 200 and my customer JSON. But when after that i'm trying to check if this customer is authenticated it gives me 401 error. The code is as simple as possible:

And in the same time i am able to access, for example, /store/customers/me/orders. endpoint I guess it means that i am authenticated isn't it?

So is that some kind of a bug or it's just because of my both left hands?

[pKorsholm]

Hi @The-Solomon

Thanks for reporting the issue 😄 it's a bug and not your configuration that's wrong

This was an issue caused by the wrong auth-middleware was used and the issue has been addressed in a recent pr. The fix will be released with the next update. Here's the PR for the fix: #2687

For now you should be able to use GET /store/customers/me for the same functionality.

[ElGranTorino]

Oh, i have no idea how i didn't notice that.

Thanks for reporting the issue

You're welcome 😂

[KareemAbbas1]

@pKorsholm
Is the bug fixed yet? I'm still getting the same error when I try to retrieve or update an authenticated user whether through the JavaScript client(client.customers.retrieve()) or through fetch API by sending requests to the endpoint "/store/customers/me". Both methods return a 401 unauthorized response despite the user being logged in and authenticated. During debugging, I checked the response headers returned with the 401 response and I found next to the "Set-Coolie" header an alert with the following:
This set-cookie header didn't specify a "SameSite" attribute and was defaulted to "SameSite=Lax" and was blocked because it came from a cross-site response which was not the response to a top-level navigation. The Set-Cookie had to have been set with "SameSite=None" to enable cross-site usage.
Could this be related by any means? If this is what's causing the issue, how do I set it the right way or where do I specify the "SameSite=None"?