Questions and discussions about using the Shopify CLI and Shopify-built libraries.
Hello.
I have an existing Shopify app that uses Laravel 5. I am in the process of rebuilding the frontend using React and Shopify Polaris. Originally, I was going to just use JWTs to authenticate each request from the React frontend to the Laravel backend, but as I understand it, I can't (and should not) use cookies to store the JWT while in the Shopify app iframe. The original iteration of my app escaped the iframe, so this is a new problem for me.
Can someone point me in the right direction regarding how I can authenticate requests between the React frontend and Laravel 5 backend? Do I need to implement the App Bridge? Do I have to upgrade Laravel to a newer version?
Thanks in advance. I'll be happy to clarify if needed.
👋 @daveluke ,
I'm a developer at Shopify.
If the app is embedded, you should use session tokens to authenticate and App Bridge can help with that. Check out the getting started section here. I am not a php dev, so I'm not sure what the major changes are since Laravel v5, but I don't believe it matters what the backend is, as long as you can implement the necessary callback routes and decode the session token. We also have a php library that helps with just that.
Hopefully that helps!
Elana
To learn more visit the Shopify Help Center or the Community Blog.