Session creation is not working about simple-koa-shopify-auth HOT 9 CLOSED

When going through the /auth it creates the session (I can see it in redis store) and then my axios requests (ajax) starts working (no more 401 error).
So now I catch this 401 error in axios and redirect to /auth

axiosInstance
  .post("/my-rest?shop=" + shop, data)
  .then(function (response) {
    console.log("rep: ", response);
  })
  .catch(function (error) {
    console.log("error: ", error);
    
    const redirect = Redirect.create(app);
    redirect.dispatch(Redirect.Action.APP, '/auth');
  })

So the problem is not simple-koa-shopify-auth. A coincidence I noticed the bug when I migrated to simple-koa-shopify-auth

Indeed the storeCallback is superflus (it was part of my experimenting).

Thanks for your support and thanks for the great simple-koa-shopify-auth

from simple-koa-shopify-auth.

Can you provide a bit more information?

1. When does this happen, during the authentication flow (receiving the token), or during verifyRequest?
2. Is storeSession called?
3. Does the authentication flow work properly?
4. Are you using createShopifyAuth and verifyRequest correctly? (It's a little different than the old library.)

Hopefully these questions can help us get closer to the cause of the issue.

from simple-koa-shopify-auth.

1. The context initialization is done in the app.prepare().then(...)
2. storeSession does not seem to be called
3. Authentication flow seems to be working but session not created
4. I don't know if I am using correctly. I doubt I am using it correctly

I updated the question accordingly.

from simple-koa-shopify-auth.

@redochka Thank you for the code example. Does "inside afterAuth" get logged?

from simple-koa-shopify-auth.

And is the session token set on ctx.state.shopify?

Also, I don't think you need to call storeSession yourself after auth.

Edit: Nevermind, I thought the storeCallback function that you have was storeSession. What does that function do anyway?

from simple-koa-shopify-auth.

No, the "inside afterAuth" is not logged.
The redisStoreAccessToken.storeCallback is storing the access token in a redis store.

from simple-koa-shopify-auth.

No, the "inside afterAuth" is not logged.
The redisStoreAccessToken.storeCallback is storing the access token in a redis store.

It seems strange that you have a storeCallback and storeSession function, since the session contains the access token and it appears to be the same thing.

Edit:
I'm confused with why you have two objects with a storeCallback method.

const redisStoreAccessToken = await RedisStoreAccessToken();
const sessionStorage = await RedisStoreSession();

And you call storeCallback on the first one in the afterAuthsection and when registering the Shopify context you use the second one. I don't think it's necessary to call storeCallback yourself, because the Shopify Node API does that itself.

But since the message is not logged (assuming you still have it in your code), that means the authentication flow isn't working correctly and it's not calling the afterAuth function. What happens when you go to the /auth route?

from simple-koa-shopify-auth.

Actually it is partly an issue with this library, because I just realized I had changed the status code for invalid sessions from 403 to 401 (I think 401 Unauthorized makes more sense than 403 Forbidden, for when the session is invalid).

I failed to mention this change in the documentation, so I'm glad you found it.

from simple-koa-shopify-auth.

I've updated the documentation to include the note that this library uses status code 401 instead of 403.

from simple-koa-shopify-auth.