Description:
When users aren't authenticated, API methods in EmbeddedChatApi.ts send the literal string "undefined" in auth headers instead of empty values. This happens because of unsafe destructuring: (await this.auth.getCurrentUser()) || {} returns an empty object when the user is null, causing userId and authToken to be undefined.
Steps to reproduce:
- Call any API method when user is not logged in
- Check the HTTP request headers
- See
X-Auth-Token: "undefined" and X-User-Id: "undefined" (literal strings)
Expected behavior:
Auth headers should contain empty strings "" when user is not authenticated, not the literal string "undefined".
Actual behavior:
37 API methods send "undefined" as header values due to the unsafe pattern || {}. Headers.set() converts JavaScript undefined to the string "undefined".
Description:
When users aren't authenticated, API methods in
EmbeddedChatApi.tssend the literal string"undefined"in auth headers instead of empty values. This happens because of unsafe destructuring:(await this.auth.getCurrentUser()) || {}returns an empty object when the user is null, causinguserIdandauthTokento beundefined.Steps to reproduce:
X-Auth-Token: "undefined"andX-User-Id: "undefined"(literal strings)Expected behavior:
Auth headers should contain empty strings
""when user is not authenticated, not the literal string"undefined".Actual behavior:
37 API methods send
"undefined"as header values due to the unsafe pattern|| {}. Headers.set() converts JavaScriptundefinedto the string"undefined".