304 redirect to /auth following Shopify request to "redirect_url" specified in billing parameters

Highlighted
Excursionist
12 1 2

:)  1.  When a user accepts my billing terms, I send out a request to "/admin/recurring_application_charges.json"

:)  2.  My app sends a redirect to confirmation_url extracted from the response body.

:)  3.  The user is presented with my billing terms and clicks Accept

:(  4.  Shopify does its thing, and eventually sends a request to my App using my specified return_url, but the request status is redirected to /auth.

 

Im using verifyRequest from koa-shopify-auth, and kao-sessions for my sessions middleware.  I've got session configured to use a redisStore.

 

While monitoring my redis server during APP installation, I see the session id, shop, and accessToken being setex

However when the request is made to return_url, there's a different session id sent.  I see redis try to access a non existent session id.  Shop then is undefined and verifyRequest middleware fails.  I suspect his is what's causing the redirect to /auth.

 

Is this correct behavior to send a different session id in the return_url request than what was registered during app installation?  

If so, how should i verify requests coming in on return_url?

 

 

0 Likes
Excursionist
12 1 2

Meant to say 302 redirect instead of 304 redirect in Subject

0 Likes