From 7d4d3d977b7e32150fc4c00c60cd83d7f507f5fc Mon Sep 17 00:00:00 2001
From: Daniel Klabbers <daniel+git@klabbers.email>
Date: Tue, 13 Jul 2021 00:32:13 +0200
Subject: [PATCH] fixes internal clients use of session

With remember from cookie, in certain edge cases, the middleware would
try to load a session which hasn't been instantiated as this middleware
is excluded for the client. Excluding the remember from cookie
middleware will resolve this as authentication is done using the
RequestUtil and ActorReference regardlessly.
---
 src/Api/ApiServiceProvider.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/Api/ApiServiceProvider.php b/src/Api/ApiServiceProvider.php
index e95766cfb..15e4169c3 100644
--- a/src/Api/ApiServiceProvider.php
+++ b/src/Api/ApiServiceProvider.php
@@ -111,7 +111,8 @@ class ApiServiceProvider extends AbstractServiceProvider
                 HttpMiddleware\StartSession::class,
                 HttpMiddleware\AuthenticateWithSession::class,
                 HttpMiddleware\AuthenticateWithHeader::class,
-                HttpMiddleware\CheckCsrfToken::class
+                HttpMiddleware\CheckCsrfToken::class,
+                HttpMiddleware\RememberFromCookie::class,
             ];
         });