Skip to content

Store additional session metadata #2333

New issue
New issue
Open
Open
Store additional session metadata#2333
@zirkelc

Description

@zirkelc
zirkelc
opened on Apr 13, 2025

Overview

Every app needs to store some additional metadata about the merchant, e.g. external IDs like user oder tenant IDs, subscription data, etc. I usually store this data in a separate database table or even an external system, but some information would make sense to store in the session itself, since the session storage is natively integrated into the Shopify API library. That means the app has to make at least database access any way and it would give us a cheap and fast way to store data.

Status Quo

The SessionParams types seems to allow additional properties, even though I'm not sure it was actually meant for this use case:

shopify-app-js/packages/apps/shopify-api/lib/session/types.ts

Lines 37 to 41 in 52134b2

/**
* Additional properties of the session allowing for extension
*/
[key: string]: any;
}

Also the Session, if instantiated from the constructor, keeps the additional properties:

shopify-app-js/packages/apps/shopify-api/lib/session/session.ts

Lines 170 to 172 in 52134b2

constructor(params: SessionParams) {
Object.assign(this, params);
}

However, the toObject method doesn't consider any additional properties:

shopify-app-js/packages/apps/shopify-api/lib/session/session.ts

Lines 225 to 246 in 52134b2

public toObject(): SessionParams {
const object: SessionParams = {
id: this.id,
shop: this.shop,
state: this.state,
isOnline: this.isOnline,
};
if (this.scope) {
object.scope = this.scope;
}
if (this.expires) {
object.expires = this.expires;
}
if (this.accessToken) {
object.accessToken = this.accessToken;
}
if (this.onlineAccessInfo) {
object.onlineAccessInfo = this.onlineAccessInfo;
}
return object;
}

Suggestion

I think we could use TypeScripts module augmentation to extend the SessionParams interface with additional properties which exist only in type-space. However, since we are mostly interacting with the Session class return from the SessionStorage, the Session would need ti implement the SessionParams interface. That should be a problem, since properties already exist in the class:

shopify-app-js/packages/apps/shopify-api/lib/session/session.ts

Lines 137 to 168 in 52134b2

/**
* The unique identifier for the session.
*/
readonly id: string;
/**
* The Shopify shop domain, such as `example.myshopify.com`.
*/
public shop: string;
/**
* The state of the session. Used for the OAuth authentication code flow.
*/
public state: string;
/**
* Whether the access token in the session is online or offline.
*/
public isOnline: boolean;
/**
* The desired scopes for the access token, at the time the session was created.
*/
public scope?: string;
/**
* The date the access token expires.
*/
public expires?: Date;
/**
* The access token for the session.
*/
public accessToken?: string;
/**
* Information on the user for the session. Only present for online sessions.
*/
public onlineAccessInfo?: OnlineAccessInfo;

The main problem is that toObject removes any additional properties. We would need to keep track of the additional properties when creating a session from the constructor or the static fromPropertyArray method.

Please let me know your thoughts and if you are willing to open the session for this use case.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions