Problem with auth using the session token

Solved
Yurii_Rybak
New Member
4 0 0

Hi there. We use node.js(express.js), ejs templating and turbolinks to create our app. We implemented session token-based authorization based on an algorithm that Shopify recommends https://shopify.dev/tutorials/authenticate-your-app-using-session-tokens (section "Use session tokens with Turbolinks"). Step 3 describes that we need to get a session token every 50 seconds (This ensures that your session tokens are always valid), but when we get a token after 50 seconds using the getSessionToken method (https://www.npmjs.com/package/@shopify/app-bridge-utils), we don't get a new token, but a previous one and the token lifetime expires in a couple of seconds. After the next 50 seconds, we get a new token but this token lifetime expires also in a couple of seconds.
We created code to retrieve a session token based on this tutorial https://github.com/Shopify/turbolinks-jwt-sample-app#fetching-and-storing-session-tokens: 

 

 

  async function retrieveToken(app) {
    const AppBridgeUtils = window['app-bridge-utils'];
    let token = await AppBridgeUtils.getSessionToken(app);
    window.sessionToken = token;
  }

  function keepRetrievingToken(app) {
    setInterval(() => {
      retrieveToken(app);
    }, 50000);
  }

 

 

Can anyone help me with how to get a new session token every 50 seconds? Open to discussions and can provide more details. I will be glad for any help, thanks.

0 Likes
NabeelAhsen
Shopify Staff
Shopify Staff
5 2 2

This is an accepted solution.

Hi Yurii, thank you for bringing this to our attention. The recommended retrieval interval of 50 seconds does not seem to be the best suggestion for the reasons you have mentioned. Our team is currently investigating this.

If you need an immediate solution to this, one workaround is to reduce the interval from 50 seconds to roughly 3-4 seconds (3000-4000).

0 Likes
Yurii_Rybak
New Member
4 0 0

Hi Nabeel

0 Likes