Fix attaching User/Groups headers for bypass strategy

server/src/lib/routes/verify/GetSessionCookie.ts

@@ -36,8 +36,6 @@ export default async function (req: Express.Request, res: Express.Response,
   const authorizationLevel = CheckAuthorizations(vars.authorizer, d.domain, d.path, username, groups, req.ip,
     authSession.authentication_level);
 
-  if (authorizationLevel > AuthorizationLevel.BYPASS) {
+  CheckInactivity(req, authSession, vars.config, vars.logger);
-    CheckInactivity(req, authSession, vars.config, vars.logger);
+  setUserAndGroupsHeaders(res, username, groups);
-    setUserAndGroupsHeaders(res, username, groups);
-  }
 }