Missing authorization header with @hoodie/client dependency

[sdvg]

I found this mysterious issue: When I have both hoodie and @hoodie/client in my package.json, all PouchDB API requests lack the authorization header and fail with a 401 Unauthorized response.

I built a simple test case for that. Steps to reproduce:

git clone https://github.com/sdvg/hoodie-authhe-bug.git
cd hoodie-authhe-bug/
npm install
npm start -- --in-memory

Then open a browser tab with http://localhost:8080/ and open the console. You should see something like:

Signed up!
Signed in!
GET http://localhost:8080/hoodie/store/api/user%2F1aaxotp/ 401 (Unauthorized)
GET http://localhost:8080/hoodie/store/api/user%2F1aaxotp/ 401 (Unauthorized)
GET http://localhost:8080/hoodie/store/api/user%2F1aaxotp/ 401 (Unauthorized)
[...]

When you inspect one of the failing requests you should see that there is no "authorization" request header.

[gr2m]

I was able to reproduce the error, looking into it

[gr2m]

Notes to self:

• looks like the new ajax.headers getter is not executed, which was recently introduced here:
  hoodiehq/hoodie-client@6c7b931#diff-e4208702c8e33245e2fe39ecc5e37004R32
• latest hoodie depends on @hoodie/client@^7.0.0, not @^8.0.0:

  hoodie/package.json

  Line 16 in 83c4dc3

  "@hoodie/client": "^7.0.0",

  . When changing the version to ^7.0.0 in the package.json then things work as expected

[gr2m]

Unrelated to this issue, I found another bug: hoodiehq/hoodie-server#524 :)

[gr2m]

okay seems like this is the problem: pouchdb/pouchdb#6053. I’ll fix it in @hoodie/store-client

[gr2m]

@sdvg should be fixed via https://github.com/hoodiehq/hoodie-client/releases/tag/v8.0.1 and https://github.com/hoodiehq/hoodie-store-client/releases/tag/v6.0.2. rm -rf node_modules && npm install should fix it for your case

[sdvg]

Yes, that fixed it 🎉
Thank you!