From 4420cc1056415e5cebb2fc7e172f97f97338313e Mon Sep 17 00:00:00 2001
From: Matheus-Aguilar <matheus.aguilar@vtex.com>
Date: Wed, 29 May 2024 13:57:21 -0300
Subject: [PATCH] fix: provide correct tokens to clients

---
 CHANGELOG.md          |  4 ++++
 node/clients/index.ts | 19 +++++++++++++------
 2 files changed, 17 insertions(+), 6 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 5db040d..9b49772 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,6 +7,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+### Fixed
+
+- Provide correct tokens to clients
+
 ## [2.5.2] - 2024-02-05
 
 ### Fixed
diff --git a/node/clients/index.ts b/node/clients/index.ts
index 1414160..2fc6d8a 100644
--- a/node/clients/index.ts
+++ b/node/clients/index.ts
@@ -13,16 +13,23 @@ import StorefrontPermissions from './storefrontPermissions'
 import VtexId from './vtexId'
 
 export const getTokenToHeader = (ctx: IOContext) => {
-  const token =
-    ctx.storeUserAuthToken ?? ctx.adminUserAuthToken ?? ctx.authToken
+  const adminToken = ctx.adminUserAuthToken ?? ctx.authToken
+  const userToken = ctx.storeUserAuthToken ?? null
+  const { sessionToken, account } = ctx
 
-  const { sessionToken } = ctx
+  let allCookies = `VtexIdclientAutCookie=${adminToken}`
+
+  if (userToken) {
+    allCookies += `; VtexIdclientAutCookie_${account}=${userToken}`
+  }
 
   return {
     'x-vtex-credential': ctx.authToken,
-    VtexIdclientAutCookie: token,
-    cookie: `VtexIdclientAutCookie=${token}`,
-    'x-vtex-session': sessionToken,
+    VtexIdclientAutCookie: adminToken,
+    cookie: allCookies,
+    ...(sessionToken && {
+      'x-vtex-session': sessionToken,
+    }),
   }
 }