I am new to Shopify app development. I developed an app using php templates provided by shopify. It uses Laravel and React. This is https://github.com/Shopify/shopify-app-template-php/tree/cli_third
When I execute npm run dev, the app is running in the dev store.
I then deployed my application on an AWS server using a domain (for example: sub.mydomain.com).
Then I installed the app in the store.
The page is being rendered in the application. But I am getting 500 error while making any GET or POST request.
After debugging, I found this line of code
$session = Utils::loadCurrentSession($request->header(), $request->cookie(), $isOnline);
An exception is thrown, the error is:
ShopifyExceptionMissingArgumentException {#334
#message: "Missing Authorization key in headers array"
#code: 0
#file: "/var/www/html/shopify-project/web/vendor/shopify/shopify-api/src/Auth/OAuth.php"
But in the header of the request, there is an authorization code:
:authority: sub.mydomain.com :method: GET :path: /api/view-id :scheme: https accept: */* accept-encoding: gzip, deflate, br accept-language: en-US,en;q=0.9,ne;q=0.8 authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczpcL1wvcW9kZWFuYWx5dGljcy5teXNob3BpZnkuY29tXC9hZG1pbiIsImRlc3QiOiJodHRwczpcL1wvcW9kZWFuYWx5dGljcy5teXNob3BpZnkuY29tIiwiYXVkIjoiNDBhYWM4OWM0Yzc4YmJlMjE5ZDBmMWY3NWExZjJhZTciLCJzdWIiOiI4NDM4NjcwOTc2MSIsImV4cCI6MTY1NzgxOTUyOSwibmJmIjoxNjU3ODE5NDY5LCJpYXQiOjE2NTc4MTk0NjksImp0aSI6ImRhZTI1ZjViLWIxODgtNGZkOS05MjcwLWNkOWNlODQ3MDIyZCIsInNpZCI6IjJmNTJkOTcxNTgxMDc5YmYxYmI0NDNlZWY5MGM2YTI2OGEyMmRkY2ZlZmRhMDc2YzE4NTM5OGY3YzU4ZDJmYTgifQ.ASJOsmBb4kMZz-QiRzg60pzvwDaj4w5DbZRO8mcWt1U cache-control: no-cache pragma: no-cache referer: https://sub.mydomain.co/setup? hmac=633d1f9577273c7e7281dba9ca206037100dckjlkjb45ac7271674691acc6f7e6b3da&host=cW9kZWFuYWx5dGljcy5teXNob3BpZ54654nkuY29tL2FkbWlu&locale=en&session=78bbfd9e29b55c907762eba75a4a759f0691572c1f4661500f0d6d4ff6a54d86&shop=mystore.myshopify.com×tamp=1657819465 sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="99", "Google Chrome";v="99" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Linux" sec-fetch-dest: empty sec-fetch-mode: cors sec-fetch-site: same-origin user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.82 Safari/537.36 x-requested-with: XMLHttpRequest
I believe this is due to the request being sent by the iframe. Can anyone tell me what I should do to allow this request?
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
I found the solution! Actually, the Laravel template I use does not have a .htaccess file in the public folder. I have to add it manually.
When adding the .htaccess file, it only has the following code:
RewriteEngine on RewriteCond !^(index.php|resources|robots.txt) RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ index.php/ [L,QSA]And the authorization code does not reach the Lararvel application.
I had to add this code in the .htaccess file:
RewriteCond %{HTTP:Authorization} . RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]The final code in the.htaccess file is:
RewriteEngine on RewriteCond !^(index.php|resources|robots.txt) RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ index.php/ [L,QSA] RewriteCond %{HTTP:Authorization} . RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]Then all requests start working.