I have an ember-cli application based on token authentication which works just fine until I hit the page refresh.
For example, logging in and going to the /products page shows me the list of products. I can logout and login again as the same or different persons and the /products page can be viewed as usual.
However, I refresh the page and all is lost.
On closer inspection of the logging, I can see that the authorization header bearer token is not being sent so I receive a 401 not authorized.
Also, the whole session init phase during which the token etc. is setup takes place after the route handling process, the reason it doesn’t know about sessions yet.
What am I doing wrong? What is the best practice for initializing the session-handling stuff before anything else happens?
As long as I remain well-behaved and stay within the ember handling state transitions all’s well, go outside and boom.
This goes against the whole idea of universal urls where sending someone a link should allow the person to view it.
Thanks alot in advance.