Permissions filter doesn't capture ajax requests #1049
Description
PHP Version
8.2.0
CodeIgniter4 Version
4.4.5
Shield Version
1.0.1
Which operating systems have you tested for this bug?
Windows
Which server did you use?
apache
Database
MariaDB 10.2
Did you customize Shield?
I customized the UserModel class to include a function to generate a full name of a user from their first and last name before insert and before update. I also customized the User entity class to include two functions to set the first and last name of a user after cleaning the string input and performing formatting on it like capitalization.
What happened?
I made an ajax request on a route protected by a permission expecting to get a 403 Forbidden response because the user I was testing the route on doesn't have the permission. The response should be JSON in nature but it sends the page a user is redirected to if they don't have the permission.
Steps to Reproduce
Edit the permission filter to capture ajax requests and instead of redirecting to the page specified in Auth config, it sends a JSON formatted 403 Forbidden response.
Expected Output
A JSON formatted 403 Forbidden response.
Anything else?
No response