Another quick fix for apps to work again.

packages/server/src/middleware/authenticated.js

@@ -23,12 +23,10 @@ module.exports = async (ctx, next) => {
     appId = cookieAppId
   }
 
-  let token
+  let token = ctx.cookies.get(getCookieName(appId))
-  if (isClient(ctx)) {
+  let authType = AuthTypes.APP
-    ctx.auth.authenticated = AuthTypes.APP
+  if (!token && !isClient(ctx)) {
-    token = ctx.cookies.get(getCookieName(appId))
+    authType = AuthTypes.BUILDER
-  } else {
-    ctx.auth.authenticated = AuthTypes.BUILDER
     token = ctx.cookies.get(getCookieName())
   }
 
@@ -44,6 +42,7 @@ module.exports = async (ctx, next) => {
   }
 
   try {
+    ctx.auth.authenticated = authType
     const jwtPayload = jwt.verify(token, ctx.config.jwtSecret)
     ctx.appId = appId
     ctx.auth.apiKey = jwtPayload.apiKey