This repository has been archived by the owner on Apr 11, 2024. It is now read-only.
Extend cookie OAuth session to allow initial app loads #70
+44
−11
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
WHY are these changes introduced?
While updating
shopify-app-node
to use this library, I ran into an issue where OAuth worked normally, but since we destroyed the cookie session right away, we were unable to run the initial request to the app in a logged in state, so that the frontend can build its App Bridge and get a JWT.These changes extend the OAuth cookie session by 30 seconds instead of deleting it right away, which allows the app to load itself to cover the above scenario.
WHAT is this pull request doing?
Extending the cookie session, and changing
loadCurrentSession
to fall back to the cookie version if JWT isn't available yet. Since the cookie session is only extended for a short period of time and there is no support for 3rd party cookies baked into the library, any requests made without a JWT from an embedded app would fail outright due to the OAuth session cookie not being available to the server.Type of change