I followed the SPA React Quickstart and the subsequent API directions.
Here is what is working:
Authentication to ‘/’ is working. I can get to the protected ‘/profile’ route as well on the same login.
When I go to protected route ‘/users’, which makes a fetch to an API route on my express server, I have to re-authenticate. Once done, it successfully responds with appropriate data from my controller + dbase.
Would code be useful?