Attempt to force Laravel to expire the session on close, so shops do …

…not get logged out early for isse #60
gnikyt · Aug 16, 2018 · cbee270 · cbee270
1 parent 582660d
commit cbee270
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 0 deletions.
diff --git a/src/ShopifyApp/Traits/AuthControllerTrait.php b/src/ShopifyApp/Traits/AuthControllerTrait.php
@@ -33,6 +33,7 @@ public function authenticate()
         }
 
         // Save shop domain to session
+        config(['session.expire_on_close' => true]);
         session(['shopify_domain' => ShopifyApp::sanitizeShopDomain($shopDomain)]);
 
         if (!request('code')) {

diff --git a/tests/Controllers/AuthControllerTest.php b/tests/Controllers/AuthControllerTest.php
@@ -57,13 +57,17 @@ public function testAuthRedirectsBackToLoginWhenNoShop()
 
     public function testAuthRedirectsUserToAuthScreenWhenNoCode()
     {
+        $this->assertEquals(false, config('session.expire_on_close')); // Default for Laravel
+
         $response = $this->post('/authenticate', ['shop' => 'example.myshopify.com']);
         $response->assertSessionHas('shopify_domain');
         $response->assertViewHas('shopDomain', 'example.myshopify.com');
         $response->assertViewHas(
             'authUrl',
             'https://example.myshopify.com/admin/oauth/authorize?client_id=&scope=read_products,write_products&redirect_uri=http://localhost/authenticate'
         );
+
+        $this->assertEquals(true, config('session.expire_on_close')); // Override in auth for a single request
     }
 
     public function testAuthAcceptsShopWithCodeAndUpdatesTokenForShop()