server/AyaNova/Startup.cs

@@ -388,7 +388,7 @@ namespace AyaNova
                     }
 
                     //Get the database context
-                    var ct = context.RequestServices.GetService<AyContext>();                   
+                    var ct = context.RequestServices.GetService<AyContext>();
 
                     //get the user record
                     var u = await ct.User.AsNoTracking().Where(a => a.Id == userId).Select(m => new { roles = m.Roles, name = m.Name, id = m.Id, translationId = m.UserOptions.TranslationId, currentAuthToken = m.CurrentAuthToken }).FirstAsync();
@@ -397,8 +397,12 @@ namespace AyaNova
                     context.Request.HttpContext.Items["AY_USER_ID"] = u.id;
                     context.Request.HttpContext.Items["AY_TRANSLATION_ID"] = u.translationId;
 
-                    //CHECK JWT
-                    if (!context.Request.Path.Value.EndsWith("/auth") && u.currentAuthToken != JWT)//except "/api/v8/auth" so user can login
+                    //CHECK JWT 
+                    if (
+                        !context.Request.Path.Value.EndsWith("/auth") &&
+                        !context.Request.Path.Value.EndsWith("notify/hello") &&
+                        u.currentAuthToken != JWT
+                    )//except "/api/v8/auth" and prelogin notify/hello routes so user can login
                     {
                         context.Response.StatusCode = 401;
                         context.Response.Headers.Add("X-AyaNova-Authorization-Error", "E2006 - Authorization token replaced by more recent login");