We currently limit the OAuth process (to 60s) to not have hanging sessions, and the OAuth cookie / session expire after that limit, which currently leads to the server throwing an error rather than completing the process.
To reach that point, we must be in a valid callback request, so it was actually fired by Shopify. If, for whatever reason, the session does not exist at this point, the OAuth process went wrong and it should be retried. For the specific case where the merchant takes too long to approve the app, the retry will just go straight through since the app is already approved, which should make this error transparent.
WHY are these changes introduced?
Fixes https://github.com/Shopify/shopify-node-api/issues/202 Fixes https://github.com/Shopify/shopify-node-api/issues/130
We currently limit the OAuth process (to 60s) to not have hanging sessions, and the OAuth cookie / session expire after that limit, which currently leads to the server throwing an error rather than completing the process.
To reach that point, we must be in a valid callback request, so it was actually fired by Shopify. If, for whatever reason, the session does not exist at this point, the OAuth process went wrong and it should be retried. For the specific case where the merchant takes too long to approve the app, the retry will just go straight through since the app is already approved, which should make this error transparent.
WHAT is this pull request doing?
Essentially applying the very helpful idea from https://github.com/Shopify/shopify-node-api/issues/130#issuecomment-875706967 to the source, catching session / cookie errors and simply retrying OAuth on both rather than failing.
Type of change
Checklist