Koa app cookie infinite loop on Chrome


I have been using the official Koa authentication package from https://github.com/Shopify/quilt/tree/master/packages/koa-shopify-auth for my embedded Shopify application The issue is that I get the infinitely redirected to the enable_cookies page during the authentication process and back to the admin page. And this happens only on Chrome.

Funny enough, the same issue happens on the demo Koa project that I directly cloned. My understanding is that this happens due to the inability for cookies to communicate between third party contexts (that is now the default restriction in Chrome). I did read https://shopify.dev/tutorials/migrate-your-app-to-support-samesite-cookies and am going kind of insane. Please let me know if I am doing something very wrong.


Shopify Staff
Shopify Staff
1097 147 206

Hey @zarma 

How'd you get on with this one? Were you cloning from https://github.com/Shopify/shopify-app-node?


Hi SBD_ ,

I eventually gave up on this. My app is a Single Page Application. I stored the access token in my database and routed all my client's authenticated requests through the backend instead of using session cookie altogether. Of course, I took a lot of ideas from https://shopify.dev/tutorials/authenticate-with-oauth

It took me way too much time to figure out that I am not obliged to use session cookies at all.