InternalServerError: OAuth Session could not be deleted. Please check your session storage functiona

Shopify Apps

Topic summary

A developer is encountering an “InternalServerError: OAuth Session could not be deleted” error in their Shopify app and seeking help to resolve it.

Technical Context:

  • The app uses Node.js with Koa framework and Shopify’s authentication libraries (@shopify/koa-shopify-auth and @shopify/shopify-api)
  • Custom session storage is implemented using three callback functions: storecallback, loadcallback, and deletecallback from a database module
  • The error suggests an issue with the deletecallback function in the session storage implementation

Code Structure:
The setup includes:

  • Shopify Context initialization with custom session storage
  • OAuth authentication flow using createShopifyAuth
  • Koa router handling various endpoints
  • Session management tied to database operations

Likely Issue:
The deletecallback function in the custom session storage is either failing to execute properly, returning an error, or not properly handling session deletion requests during the OAuth flow.

Status: The question remains unanswered with no solutions or troubleshooting steps provided yet.

Summarized with AI on November 21. AI used: claude-sonnet-4-5-20250929.
1

i want to solve this error how to do…

require(‘isomorphic-fetch’);
const dotenv = require(‘dotenv’);
const koa= require(‘koa’);
const next= require(‘next’);
const { default: createShopifyAuth} = require(‘@shopify/koa-shopify-auth’);
const { verifyRequest} = require(‘@shopify/koa-shopify-auth’);
const { default: shopify,ApiVersion} = require(‘@shopify/shopify-api’);
const Router = require(“koa-router”);

const {storecallback,loadcallback,deletecallback}=require(‘./server/database’);
dotenv.config();

shopify.Context.initialize({
API_KEY:process.env.SHOPIFY_API_KEY,
API_SECRET_KEY:process.env.SHOPIFY_API_SECRET,
SCOPES:process.env.SHOPIFY_API_SCOPES.split(“,”),
HOST_NAME:process.env.SHOPIFY_APP_URL.replace(/https:///, “”),
API_VERSION:ApiVersion.October20,
IS_EMBEDDED_APP:true,
SESSION_STORAGE:new shopify.Session.CustomSessionStorage(
storecallback,
loadcallback,
deletecallback
),

})

const port=parseInt(process.env.PORT,10)||3000;
const dev=process.env.NODE_ENV !==‘production’;
const app= next({dev});
const handle= app.getRequestHandler();

const ACTIVE_SHOPIFY_SHOPS={};

app.prepare().then(() => {
const server = new koa();
const router =new Router();
server.keys =[shopify.Context.API_SECRET_KEY];

server.use(
createShopifyAuth({
afterAuth(ctx){
const {shop,scope}=ctx.state.shopify;
ACTIVE_SHOPIFY_SHOPS[shop]=scope;
if(ACTIVE_SHOPIFY_SHOPS[shop]){
ctx.redirect(https://${shop}/admin/apps);
}else{
ctx.redirect(/?shop=${shop});
}

},
}),
);

const handleRequest= async(ctx) => {
await handle(ctx.req,ctx.res);
ctx.respond = false;
ctx.res.statuscode =200;

};

router.get(“/”,async(ctx)=>{
const shop=ctx.query.shop;
if(ACTIVE_SHOPIFY_SHOPS[shop]===undefined){
ctx.redirect(/auth?shop=${shop});

}else{
await handleRequest(ctx);
}
})
router.get(‘(.*)’,handleRequest);

router.get(“(/_next/static/.)”,handleRequest);
router.get(“/_next/webpack-hmr/”,handleRequest);
router.get(“(.*)”,verifyRequest(),handleRequest);

server.use(router.allowedMethods());
server.use(router.routes());

server.listen(port, () =>{
console.log(> Ready on [http://localhost](http://localhost):${port});
})

});