Skip to content
This repository has been archived by the owner on Jan 30, 2023. It is now read-only.

Add option to return redirect URL as a header in verifyRequest #78

Merged
merged 1 commit into from
Mar 23, 2021

Conversation

paulomarg
Copy link
Contributor

@paulomarg paulomarg commented Mar 22, 2021

WHY are these changes introduced?

Fixes Shopify/shopify-app-template-node#575

Currently, the verifyRequest middleware will always return the code to redirect the user back to /auth, even if the request is not for a page. In those cases, we still want to fail the request, but we need the frontend to be able to pick up on this and trigger the OAuth flow.

WHAT is this pull request doing?

This adds a returnHeader setting to verifyRequest, which will fail the request but return the necessary data for a redirect as a header, rather than the actual redirection code. That will allow the middleware to be used for both page loads and XHR requests.

Type of change

  • Patch: Bug (non-breaking change which fixes an issue)
  • Minor: New feature (non-breaking change which adds functionality)
  • Major: Breaking change (fix or feature that would cause existing functionality to not work as expected)

Checklist

  • I have added a changelog entry, prefixed by the type of change noted above
  • I have added/updated tests for this change

@paulomarg paulomarg force-pushed the return_header_on_verify_request branch from 2bf49ac to f4e55f9 Compare March 22, 2021 19:40
@paulomarg paulomarg requested a review from a team March 22, 2021 19:42
@mllemango
Copy link
Contributor

Will there be a readme update?

@paulomarg paulomarg merged commit 964efee into master Mar 23, 2021
@paulomarg paulomarg deleted the return_header_on_verify_request branch March 23, 2021 18:09
@paulomarg paulomarg temporarily deployed to production March 23, 2021 19:43 Inactive
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Example app do not cover expired sessions and multi user
3 participants