bug: OPTIONS Hitting Authentication #40
Description
The logs have all these "Bearer was not authenticated. Failure message: No token" messages. Some of these are a result of the HTTP OPTIONS being sent to the server for CORS. We really don't want CORS getting auth checked.
This usually happens because either:
- Two components in the DI are incompatible and one is trampling on another.
- The DI are in the wrong order (calling UseCors too early or too late)
Not sure its even solvable and it doesn't hurt anything, currently.