[koa-shopify-auth] add the ability to specify the host of the redirect url instead of ctx.host

[hasanagh]

Overview

The developer should be able to define the host of the redirect URL to be https://{Host}/auth/callback instead of taking the host from context (ctx).

• When having separate backend and frontend applications and deploying to a server with a reverse proxy like on Heroku or AWS Beanstalk. The Host header will be changed because of the proxy and even if we used koa's proxy feature which uses the forwarded host instead of host header, X-Forwarded-Host is not always passed by default.

• This is why I think we should be able to pass an optional parameter to define the redirect URL host.

Type

• [ x] Changes to existing features

Motivation

What inspired this feature request? What problems were you facing,

• I am facing a problem were the redirect URL is having the backend host as its host because of the reverse proxy on my server and thus having to whitelist this URI and face cookies problem or having to edit the proxy behavior to add the X-Forwarded-Host.

[TheSecurityDev]

I think you need to create your Koa server like this: new Koa({ proxy: true })

I have also created a fork of this library that fixes this, and many other issues, that you can find at these links:

https://github.com/TheSecurityDev/simple-koa-shopify-auth
https://www.npmjs.com/package/simple-koa-shopify-auth

(Be sure to read the README, as it is not quite a drop-in replacement).

In this case, my package uses Shopify.Context.HOST_NAME as the redirect host instead of ctx.host, so it fixes this issue.

[github-actions]

Note that this repo is no longer maintained and this issue will not be reviewed.
Prefer the official JavaScript API library.
If you still want to use Koa, see
simple-koa-shopify-auth
for a potential community solution.