
On Symfony 4, when catching a callback route from any external API service (in this case – Shopify API), my logged in user becomes anon.

  • (HTTP): Everything works when testing on localhost
  • (HTTPS): However, my logged in User becomes null / Anonymous when testing on my remote server (prod).

How do I fetch my logged in user after catching a callback route from any API service? I think it could be a problem with either HTTP vs HTTPS or some Symfony settings.


On Shopify API dashboard – Allowed redirection URL(s):

http://localhost:8000/shopify/callback
https://<myremoteip>.com/shopify/callback

Symfony Controller Route (for Shopify callback):

/**
* @Route("/shopify/callback", name="shopify_callback")
*/
public function shopify_auth_callback(Request $request)
{
    dd($this->getUser());
}

Callback Result (localhost):

App\Entity\User {#977 ▼
   -id: 103
   -email: "[email protected]"
}

Callback Result (remote):

null

2 Answers


  1. Chosen as BEST ANSWER

    The problem was that I was creating a new session before navigating to a remote URL.

    Advice for future readers - make sure you're always on the same session, which you can fetch from the Request.

    Avoid doing this:

    $session = new Session();
    

  2. I had the same issue, but with the Google OAuth system.
    I just changed the cookie SameSite policy in the framework configuration from 'strict' to 'lax' and it solved my issue.

    Now I can keep the user logged in after the API redirection.

    framework:
      session:
        enabled: true
        cookie_secure: 'auto'
        cookie_samesite: 'lax'
        cookie_lifetime: 86400
    
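Both answers come down to the callback request reaching the same session that held the login. The controller below is an added example, not code from the question or either answer: it takes the session from the Request and ties the callback to it with a one-time OAuth `state` value. The `/shopify/install` route, the session key, the shop domain, the client id and the scope are placeholders assumed for illustration.

```php
<?php
// Added example. Route names, STATE_KEY and all Shopify values are assumed placeholders.
namespace App\Controller;

use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Annotation\Route;
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;

class ShopifyController extends AbstractController
{
    private const STATE_KEY = 'shopify_oauth_state'; // hypothetical session key

    /** @Route("/shopify/install", name="shopify_install") */
    public function install(Request $request): Response
    {
        // Reuse the session tied to the browser's existing cookie; never "new Session()".
        $state = bin2hex(random_bytes(16));
        $request->getSession()->set(self::STATE_KEY, $state);

        $query = http_build_query([
            'client_id'    => 'YOUR_API_KEY',   // placeholder
            'scope'        => 'read_products',  // placeholder scope
            'redirect_uri' => $this->generateUrl('shopify_callback', [], UrlGeneratorInterface::ABSOLUTE_URL),
            'state'        => $state,
        ]);
        return $this->redirect('https://example.myshopify.com/admin/oauth/authorize?' . $query);
    }

    /** @Route("/shopify/callback", name="shopify_callback") */
    public function callback(Request $request): Response
    {
        $session  = $request->getSession();
        $expected = (string) $session->get(self::STATE_KEY, '');
        $session->remove(self::STATE_KEY); // the state value is single-use

        $returned = (string) $request->query->get('state', '');
        if ($expected === '' || !hash_equals($expected, $returned)) {
            // Empty $expected means the session cookie did not come back with the redirect.
            throw $this->createAccessDeniedException('OAuth state mismatch');
        }
        $this->denyAccessUnlessGranted('IS_AUTHENTICATED_REMEMBERED');

        return new Response('Shopify linked for ' . $this->getUser()->getUsername());
    }
}
```

If the callback fails with an empty expected state only on the HTTPS host, inspect the session cookie's `Secure` and `SameSite` attributes in the browser before changing any controller code.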