From cba02febf256d04f65834ac7324b459b79771255 Mon Sep 17 00:00:00 2001
From: Alexandre BODIN <alexandrebodin@users.noreply.github.com>
Date: Wed, 29 Jul 2020 17:41:02 +0200
Subject: [PATCH] Upgrade api token tuto to not break rbac feature (#7250)

Signed-off-by: Alexandre Bodin <bodin.alex@gmail.com>
---
 docs/v3.x/guides/api-token.md | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/docs/v3.x/guides/api-token.md b/docs/v3.x/guides/api-token.md
index a0ad14f467..c2785f5343 100644
--- a/docs/v3.x/guides/api-token.md
+++ b/docs/v3.x/guides/api-token.md
@@ -44,6 +44,11 @@ const _ = require('lodash');
 module.exports = async (ctx, next) => {
   let role;
 
+ if (ctx.state.user) {
+    // request is already authenticated in a different way
+    return next();
+  }
+
   // add the detection of `token` query parameter
   if (
     (ctx.request && ctx.request.header && ctx.request.header.authorization) ||