Non-seekable streams as request body are not handled correctly.

[anfly0]

1. If the body stream is not seekable, the handler called on successful authentication will not be able to access the content of the body.
2. If the body stream is not seekable, and this middleware gets invoked after some other entity reads the stream, not all data may be accessible when authenticating.