The host is undefined about simple-koa-shopify-auth HOT 12 CLOSED

The app is unusable now. See screenshot Yes it was working before. In my opinion, it must not redirect out of frame, as the app should run inside the shopify ui (app bridge)

Can confirm with @TheSecurityDev as per Shopify's documentation, there needs to be a full redirect during the Oauth process:

This repo does take care of that, and indeed solved that problem that I was having concerning the redirect. So it must be a problem with your app. Were you able to fix it?

from simple-koa-shopify-auth.

You probably need to include the host parameter when redirecting after auth.

However, I don't do that because it starts getting confusing when you need it and when you don't, so I prefer to generate the host dynamically in your _app.js file like this:

WARNING! The method I describe here should probably not be used anymore, because I think Shopify is changing how the host parameter is generated.

const​ ​{​ shop ​}​ ​=​ ​ctx​.​query​;
const​ ​host​ ​=​ ​Buffer​.​from​(​shop​ ​+​ ​"/admin"​)​.​toString​(​"base64"​)​;​ ​// Generate the host from the shop, so we don't have to keep it in the query parameter

from simple-koa-shopify-auth.

Building the host like this seems working. But new issue, the app is not loaded in a iframe and it ends app with an error on the page saying

There’s no page at this address
Check the URL and try again, or use the search bar to find what you need.

The url in the url bar is first:
https://zzz.herokuapp.com/?hmac=61e34a4b337efa6fd2cd8bae1ffdf1d63a8abee884683d49a414ebacd08c5ec1&shop=xxx.myshopify.com&timestamp=1642615101
then it gets redirected to this:
https://xxx.myshopify.com/admin/apps/832a45e9574aa3ac8ebe8f3b15a5e330/?hmac=61e34a4b337efa6fd2cd8bae1ffdf1d63a8abee884683d49a414ebacd08c5ec1&shop=xxx.myshopify.com&timestamp=1642615101
because of the forceRedirect: true in the app-bridge Provider

In the console there are errors like

​ Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://xxx.myshopify.com') does not match the recipient window's origin ('https://zzz.herokuapp.com').

is simple-koa-shopify-auth redirecting to the app url instead of the shopify admin url?

from simple-koa-shopify-auth.

I have seen this error as well, but it works for me so I think you can safely ignore it. I would check to make sure you are handling the route you are trying to access.

Did this work before changing to this library?

And I believe it is normal to redirect out of myshopify.com to your herokuapp.com (the old koa-shopify-auth library did this, but maybe it was necessary because of cookies).

Anyway, all that happens for me as well, but it still works so I would assume the 404 is because you are not handling the "/" route on your server perhaps. Or perhaps you have not set your app URL in the app settings.

I'm wondering now if it's unnecessary for the library to redirect out of the frame like that now that cookies are no longer used, so I might take a look at that. I don't think it's related to your issue though.

from simple-koa-shopify-auth.

After looking into it I can confirm that it is supposed to redirect out of the frame.

from simple-koa-shopify-auth.

The app is unusable now. See screenshot
Yes it was working before.
In my opinion, it must not redirect out of frame, as the app should run inside the shopify ui (app bridge)

from simple-koa-shopify-auth.

I think it is supposed to redirect out of frame, and then back into frame once the session has been created. I don't think it's possible to avoid that for now.

When you load your app from the app list does it work then? What is the URL in that case? Does this error only show after redirecting through authentication?

Do you have the right URL set here:

from simple-koa-shopify-auth.

I think it is supposed to redirect out of frame, and then back into frame once the session has been created. I don't think it's possible to avoid that for now.

It is not redirecting back to the frame.
it is not working when loading the app from the app list. This is what I have been doing all the time. This error is happening all the time.
Yes I have url setup (i didn't touch them) see screenshot

from simple-koa-shopify-auth.

This seems more like an issue with your app. Check that you are handling the "/" route (and returning a status code). Otherwise, try removing the verifyRequest middleware temporarily (that's the only way this library could be affecting it).

And as silly as it sounds, make sure your server is running. You can also check to see if the requests are being logged or not.

from simple-koa-shopify-auth.

I gave up with these and went an other route. Too many bugs, old dependencies, etc, can not waste more time debugging.
I published a new app much simple to use that works out of the box.
Give it a try: https://github.com/redochka/nextjs-shopify-app-no-custom-server
Cheers

from simple-koa-shopify-auth.

@redochka Cool! Good luck. I get how you feel. That solution won't work for me personally because using Next.js as your server puts your routes on serverless functions and not persistent ones, which creates an issue with maintaining a consistent connection to a database. MongoDB in my case. I've read there are workarounds using caching, but by default any time you need to interact with the database it will create and destroy a connection to it which isn't recommended. It'll also prevent you from using web sockets in any way.

from simple-koa-shopify-auth.

You probably need to include the host parameter when redirecting after auth.

However, I don't do that because it starts getting confusing when you need it and when you don't, so I prefer to generate the host dynamically in your _app.js file like this:

WARNING! The method I describe here should probably not be used anymore, because I think Shopify is changing how the host parameter is generated.

const​ ​{​ shop ​}​ ​=​ ​ctx​.​query​;
const​ ​host​ ​=​ ​Buffer​.​from​(​shop​ ​+​ ​"/admin"​)​.​toString​(​"base64"​)​;​ ​// Generate the host from the shop, so we don't have to keep it in the query parameter

In the latest release (v2.1.4), I have fixed issues with the host query parameter not being passed when performing redirects. Since Shopify appears to be changing what this host parameter will be, the method described in the comment above may no longer work, so using it from the URL parameter is the recommended approach. You can see the updated readme to see how to add the host parameter to your requests.

Note: versions 2.1.0 - 2.1.3 are broken and should not be used.

from simple-koa-shopify-auth.