fix(authorization): header workaround for IE11

use cookie instead so auth succeeds

closes #2051

Author: justcfx2u

Diff for: templates/app/server/auth(auth)/auth.service.js

@@ -24,6 +24,10 @@ export function isAuthenticated() {
       if (req.query && req.query.hasOwnProperty('access_token')) {
         req.headers.authorization = 'Bearer ' + req.query.access_token;
       }
+     // IE11 forgets to set Authorization header sometimes. Pull from cookie instead.
+     if (req.query && typeof req.headers.authorization === 'undefined') {
+       req.headers.authorization = 'Bearer ' + req.cookies.token;
+     }
       validateJwt(req, res, next);
     })
     // Attach user to request