Hi Dylan,
thanks for your answer.
> <
gerwin.brun...@bizzons.com>wrote:
>
> > I started to create a shopify proxy app to build a customer signup form
> > where we can collect the company name and also some additional values like
> > VAT number.
>
> > It works fine, for the validation of forms, which is great.
>
> > But everything that uses the session (like flash notices) does not work.
> > Would it be possible to pass the shopify session thru to the proxy. That
> > way we should be able to work around this topic.
>
> The api proxy is working as documented:
>
> From
api.shopify.com/app_proxy.html
>
> > Cookies are not supported for the application proxy, since the application
> > is accessed through the shop’s domain. Shopify will strip the Cookie header
> > from the request and Set-Cookie from the response.
>
> The problem is that the proxy application is running in the shop's domain.
> Without this protection your application would be reading and writing
> cookies that are used by Shopify itself, along with any other proxy
> applications installed in the application. So this was done for security
> and reliability.
That makes total sense to me.
Would it be possible to add the following parameters ti the forwarded
request:
- session_id : we could use that in an rails app to keep track who
the user is and if to display the flash message -- kind of workaround
for the cookie issue -- and I think this would not compromise security
on shopify side. right?
- user_id / or user_email : only sent if the customer is logged in..
with this information I would be able to know what data I need to look
up in external datasources for this customer, do some processing and
then displaying it.
This would not be possible to be done only in the liquid, cause then I
would have to put all the customer data into that response and then
decide in the liquid which customer I want to be displayed... This
would be to huge with a lot of customers