Problem implementing the login feature using a Rest web service and Basic Auth


I’ve a REST web service called “validateauth” that, if called using Basic Authentication, returns the uid and the role of a user.
I want to use this web service to authenticate the users during the login phase.
I’m calling the web service in this way:


    <form [formGroup]="login_form" (ngSubmit)="login()" padding>
          <ion-input formControlName="username" type="text" [(ngModel)]="username"></ion-input>


  login() {
      this.wsmanager.authenticate(this.username, this.password).subscribe(data => {
        let result = data['result'];
        let uid = data['data']['uid'];
        let role = data['data']['role'];
        if (result==RESULT_OK) {
          // LOGIN OK
          console.log("Login OK");
          this.wsmanager.loginSuccess(this.username, this.password, uid, role);
        } else {
          //   LOGIN KO
          console.log("Login KO");
          console.warn('Login failed.');
          let alert = this.alertCtrl.create({title: "Login errato", message: "Autenticazione fallita."});


public authenticate(username: string, password: string) {
    let tempToken = this.calculateToken(username, password);
    let baseUrl = this.getBaseUrl();
    let wsHeader = new HttpHeaders({
      'Content-Type': 'application/json',
      'Accept': 'application/json',
      'Access-Control-Allow-Origin': '*',
      'Access-Control-Allow-Methods': 'POST, GET, OPTIONS, PUT',
      'Authorization': 'Basic ' + tempToken,
    return this.http.get(baseUrl + '/validateauth',  {headers: wsHeader});

But something strange is happing.
When i click on the login button, both the the function login and authenticate are called 2 times (I can see this from Chrome launching the App with the command ionic serve -lcs).
On the web server I can see (logging some prints in the error.log file) that the the web service is called 4 times: the first 2 times with $_SERVER[‘PHP_AUTH_USER’] and $_SERVER[‘PHP_AUTH_PWD’] empty, the last 2 times with this parameters filled in the right way.

Is this the right way to call a REST authentication web service?

Thank you