From bc7898d015557182cc42cdffcd70bfcfc47e0785 Mon Sep 17 00:00:00 2001
From: Gautam Singh <5769869+gautamsi@users.noreply.github.com>
Date: Sat, 7 Aug 2021 21:12:35 +0530
Subject: [PATCH 1/3] enable bearer token in stateless session
---
 packages/keystone/src/session/index.ts | 9 +++++----
 tests/api-tests/auth-header.test.ts | 2 +-
 2 files changed, 6 insertions(+), 5 deletions(-)
diff --git a/packages/keystone/src/session/index.ts b/packages/keystone/src/session/index.ts
index 3f16ecd60f2..9843ebe8c9b 100644
--- a/packages/keystone/src/session/index.ts
+++ b/packages/keystone/src/session/index.ts
@@ -87,11 +87,12 @@ export function statelessSessions({
 }
 return {
 async get({ req }) {
- if (!req.headers.cookie) return;
- let cookies = cookie.parse(req.headers.cookie);
- if (!cookies[TOKEN_NAME]) return;
+ const cookies = cookie.parse(req.headers.cookie || '');
+ const bearer = req.headers.authorization?.replace('Bearer ', '');
+ const token = bearer || cookies[TOKEN_NAME];
+ if (!token) return;
 try {
- return await Iron.unseal(cookies[TOKEN_NAME], secret, ironOptions);
+ return await Iron.unseal(token, secret, ironOptions);
 } catch (err) {}
 },
 async end({ res }) {
diff --git a/tests/api-tests/auth-header.test.ts b/tests/api-tests/auth-header.test.ts
index c64eeda9a61..373311e51be 100644
--- a/tests/api-tests/auth-header.test.ts
+++ b/tests/api-tests/auth-header.test.ts
@@ -119,7 +119,7 @@ describe('Auth testing', () => {
 describe('logged in', () => {
 // eslint-disable-next-line jest/no-disabled-tests
- test.skip(
+ test(
 'Allows access with bearer token',
 runner(async ({ context, graphQLRequest }) => {
 for (const [listKey, data] of Object.entries(initialData)) {
From 26c93b1292004084524c294d21e34bd6d17fda78 Mon Sep 17 00:00:00 2001
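Review bot: The new `bearer` line in `get` accepts any `Authorization` header rather than only the Bearer scheme, because `replace('Bearer ', '')` leaves a `Basic …` or other value unchanged. Since `bearer` is preferred over `cookies[TOKEN_NAME]`, a request carrying such a header never falls back to an otherwise valid session cookie, and the failed `Iron.unseal` is swallowed by the empty `catch`, so the caller simply appears logged out. Matching the scheme explicitly keeps the cookie path working, e.g. `const bearer = /^Bearer (.+)$/i.exec(req.headers.authorization ?? '')?.[1];`. A short comment noting that the header carries the same sealed value as the session cookie, and so needs the same care in logs and proxies, would also help. The enclosing `statelessSessions` function starts before this hunk and continues after it.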
From: Gautam Singh <5769869+gautamsi@users.noreply.github.com>
Date: Sat, 7 Aug 2021 21:13:31 +0530
Subject: [PATCH 2/3] add changeset
---
 .changeset/four-turkeys-hide.md | 6 ++++++
 1 file changed, 6 insertions(+)
 create mode 100644 .changeset/four-turkeys-hide.md
diff --git a/.changeset/four-turkeys-hide.md b/.changeset/four-turkeys-hide.md
new file mode 100644
index 00000000000..5dab9b7e327
--- /dev/null
+++ b/.changeset/four-turkeys-hide.md
@@ -0,0 +1,6 @@
+---
+'@keystone-next/keystone': minor
+'@keystone-next/api-tests-legacy': minor
+---
+
+Added option for `Bearer` token auth when using session.
From 65811aa1aaf8e24fad085b2b3ff15f5aaca5449a Mon Sep 17 00:00:00 2001
From: Tim Leslie
Date: Mon, 9 Aug 2021 10:58:52 +1000
Subject: [PATCH 3/3] Update tests/api-tests/auth-header.test.ts
---
 tests/api-tests/auth-header.test.ts | 1 -
 1 file changed, 1 deletion(-)
diff --git a/tests/api-tests/auth-header.test.ts b/tests/api-tests/auth-header.test.ts
index 373311e51be..13c4e9f1a6c 100644
--- a/tests/api-tests/auth-header.test.ts
+++ b/tests/api-tests/auth-header.test.ts
@@ -118,7 +118,6 @@ describe('Auth testing', () => {
 });
 describe('logged in', () => {
- // eslint-disable-next-line jest/no-disabled-tests
 test(
 'Allows access with bearer token',
 runner(async ({ context, graphQLRequest }) => {