Rest api call makes session global

  • Resolved karagiannidis

    (@karagiannidis)


    4 years, 9 months ago

    The following code makes sessions and cart act weird. There is only one session. If i open the website in a new tab (incognito or other browser) there will be no new session, the old one’s session_expiry gets refreshed. The cart is acting like its global between users, if i add a product on incognito tab, it will be also added on the normal one. Both tabs also share the same cart_hash.

    
$.ajax({
    url: API_BASE_URL+'/products/'+PROD_ID+'?consumer_key=MY_CONSUMER-KEY&consumer_secret=MY_COSUMER_SECRET',
    type: "GET",
    crossDomain: true,
    jsonpCallback: "myCallback",
    success: function(data){
            //handle data
    },
    error: function(XMLHttpRequest, textStatus, errorThrown) { 
        //handle error
    }   
})

    Commenting out this code and the issues stops. If searched many topics/sites for a solution but there seems to be none. WordPress and Woocommerce are updated to the latest versions.

    This the closest github issue i could find , its kinda old and it didnt work out for me.

    • This topic was modified 4 years, 9 months ago by karagiannidis.
Viewing 3 replies - 1 through 3 (of 3 total)
  • Phil

    (@fullysupportedphil)

    Automattic Happiness Engineer

    Where are you finding that code?

    Cart contents should never be shared in WooCommerce. If they are it means that either:

    – You are caching the cart page (either through a plugin or your host)
    or
    – Third-party code on your site is causing the error (theme or plugins)

    The Cart, Checkout, and My Account pages should never be cached in any way.

    Thread Starter karagiannidis

    (@karagiannidis)

    Hello Phil,

    The code is inside my js file, loaded on the child theme (storefront is parent)
    This part of the code is not the only ajax call im doing to the rest api, the others also seem to mess with the cart. Commenting every ajax call and the error goes away, enable 1 ajax call and the cart is messed up.
    I am not using any caching plugins. This happens both localhost (xampp) and online.
    Is this error maybe related to the fact that every session uses the same consumer_key & consumer_secret? (a read only key registered to the admin account) Do i need a different key for every session?

    Thread Starter karagiannidis

    (@karagiannidis)

    I’m posting the solution here, maybe someone faces the same prooblem in the future, although i didn’t get the slightest of help from the support team.

    I’ve altered my ajax calls to use admin-ajax.php instead of rest api. Apparently the WC rest api is not meant to be used on the frontend like that.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Rest api call makes session global’ is closed to new replies.