koa-shopify-auth

koa-shopify-auth copied to clipboard

Overview

It would be great to get access to session data on Koa middleware executed after verifyRequest, since that middleware already loads the session from the session storage.

A common pattern in Koa is to add a property to ctx.state, so that that property can be retrieved further down the middleware stack to reduce the number of 'expensive' operations. I think this pattern would be a good use case for session information, as those need to be retrieved from a storage (which is likely some sort of database in a production app -> introduces a remote call) plus JWT decoding, etc.

Type

• [x] Changes to existing features

Motivation

What inspired this feature request? What problems were you facing?

I am working on a Next.js app with a custom Koa server. The custom Koa server has an API which is called from the embedded Shopify frontend with Axios. To protect the API from misuse I use the verifyRequest middleware on each endpoint. After that middleware, my API controller middleware gets executed and that needs session data to process the request properly.

Checklist

• [x] Please delete the labels section before submitting your issue
• [x] I have described this feature request in a way that is actionable (if possible)

That's a very interesting suggestion @mayrsascha, thank you for this!

We'll see if we can add the session to the state if verifyRequest is successful.

This would be great addition. Currently doing following to get session information after verifyRequest

const session = await Shopify.Utils.loadCurrentSession(
  ctx.req,
  ctx.res,
  false
);

Has this been implemented yet?

Note that this repo is no longer maintained and this issue will not be reviewed. Prefer the official JavaScript API library. If you still want to use Koa, see simple-koa-shopify-auth for a potential community solution.