search

Shopify / shopify-app-template-node

MIT License
883 stars 399 forks source link

Auth flow break with session app installed register webhook not fire on server side #1157

Closed adventuretocode closed 1 year ago

adventuretocode commented 2 years ago

Issue summary

app break on app install flow

Write a short description of the issue here ↓ shopify not return the session after that app register web hook not fire

Expected behavior

app install flow work fine shopify package not return the session and after not create the app register/ uninstall hooked on server side

What do you think should happen?

Actual behavior

What actually happens?

Tip: include an error message (in a <details></details> tag) if your issue is related to an error

Steps to reproduce the problem

    1. 1.

Reduced test case

The best way to get your bug fixed is to provide a reduced test case.

Specifications

Issue summary

auth flow break on install the app app in node express js and react base in shopify boiler plate

Write a short description of the issue here ↓ when i try to

Expected behavior

What do you think should happen?

Actual behavior

What actually happens?

Tip: include an error message (in a <details></details> tag) if your issue is related to an error

Steps to reproduce the problem

1. 1. 1.

Reduced test case

The best way to get your bug fixed is to provide a reduced test case.

Checklist

when i try to install app it was goes to app permission screen then i get this Error

Screenshot from 2022-11-01 18-42-42

custom session storage code

import { Session } from "@shopify/shopify-api/dist/auth/session/session.js";
import Cryptr from "cryptr";
import SessionModel from "./models/SessionModel.js";
const cryption = new Cryptr(process.env.ENCRYPTION_STRING);

const storeCallback = async (session) => {
  const result = await SessionModel.findOne({ id: session.id });

  if (result === null || result == undefined) {
    await SessionModel.create({
      id: session.id,
      content: cryption.encrypt(JSON.stringify(session)),
      shop: session.shop,
    });
  } else {
    await SessionModel.findOneAndUpdate(
      { id: session.id },
      {
        content: cryption.encrypt(JSON.stringify(session)),
        shop: session.shop,
      }
    );
  }

  return true;
};

const loadCallback = async (id) => {
  const sessionResult = await SessionModel.findOne({ id });
  if (sessionResult === null) {
    return undefined;
  }
  if (sessionResult.content.length > 0) {
    const sessionObj = JSON.parse(cryption.decrypt(sessionResult.content));
    return Session.cloneSession(sessionObj, sessionObj.id);
  }
  return undefined;
};

const deleteCallback = async (id) => {
  await SessionModel.deleteMany({ id });
  return true;
};

const sessionStorage = new Shopify.Session.CustomSessionStorage(
  storeCallback,
  loadCallback,
  deleteCallback
);

export default sessionStorage;

express server index.js code

on server side app init 

import "dotenv/config";
import Express from "express";
import mongoose from "mongoose";
import { resolve } from "path";
import sessionStorage from "../sessionStorage.js";

// import middleware  and other dependency 
// mongodb connect 

Shopify.Context.initialize({
  API_KEY: process.env.SHOPIFY_API_KEY,
  API_SECRET_KEY: process.env.SHOPIFY_API_SECRET,
  SCOPES: process.env.SHOPIFY_API_SCOPES,
  HOST_NAME: process.env.SHOPIFY_APP_URL.replace(/https:\/\//, ""),
  HOST_SCHEME: "https",
  API_VERSION: process.env.SHOPIFY_API_VERSION,
  IS_EMBEDDED_APP: true,
  SESSION_STORAGE: sessionStorage,
});

app install on store but on my custom store i have write the session to the database it was not happen.

i debug the code on https://github.com/Shopify/shopify-app-template-node/blob/main/server/middleware/auth.js#L43

this auth call back 

    try {
      const session = await Shopify.Auth.validateAuthCallback(
        req,
        res,
        req.query
      );
console.log("session get from shopify", session);

const session = await Shopify.Auth.validateAuthCallback(
this code blocker code goes to catch (e) { block

mkevinosullivan commented 1 year ago

This issue description is incoherent and difficult to interpret. It is also using an older version of the API and template.

Please try again with the latest template/api, and if issue continues, open a new issue.