Skip to content
This repository has been archived by the owner on Apr 11, 2024. It is now read-only.

Store state instead of session id in cookie #438

Merged
merged 3 commits into from
Aug 18, 2022
Merged

Store state instead of session id in cookie #438

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
970dc56
Store state instead of session id in cookie
mkevinosullivan Jul 29, 2022
991b937
Refactored after review
mkevinosullivan Aug 17, 2022
3fd3ca5
Do not set OAuth cookie for embedded app
mkevinosullivan Aug 18, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ and adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).

- Add support for billing to the library [#449](https://github.com/Shopify/shopify-api-node/pull/449)
- Allow dynamically typing the body of REST and GraphQL request responses, so callers don't need to cast it [#447](https://github.com/Shopify/shopify-api-node/pull/447)
- Rather than create a temporary session in order to store a session id in a cookie for the OAuth transaction, we can store the `state` in the cookie instead, that can then be compared against the `state` provided by Shopify in the callback. [#438](https://github.com/Shopify/shopify-api-node/pull/438)

## [5.0.1] - 2022-08-03

Expand Down
Loading