🐛 fix auth issue with invalid accesstoken

Shopify · Aug 13, 2019 · d57bc8c · d57bc8c
1 parent 23e4e4d
commit d57bc8c
Showing 1 changed file with 14 additions and 1 deletion.
diff --git a/packages/koa-shopify-auth/src/verify-request/verify-request.ts b/packages/koa-shopify-auth/src/verify-request/verify-request.ts
@@ -1,5 +1,4 @@
 import {Context} from 'koa';
-
 import {NextFunction} from '../types';
 import {TEST_COOKIE_NAME, TOP_LEVEL_OAUTH_COOKIE_NAME} from '../index';
 
@@ -23,6 +22,20 @@ export default function verifyRequest({
 
     if (session && session.accessToken) {
       ctx.cookies.set(TOP_LEVEL_OAUTH_COOKIE_NAME);
+      // we need to check if the accessToken is valid.
+      const response = await fetch(`https://${shop}/admin/metafields.json`, {
+        method: 'POST',
+        headers: {
+          'Content-Type': 'application/json',
+          'X-Shopify-Access-Token': session.accessToken,
+        },
+      });
+
+      if (response.status === 401) {
+        ctx.redirect(`${authRoute}?shop=${shop}`);
+        return;
+      }
+
       await next();
       return;
     }