Omnipay - Session is cleared on order payment confirmation
Forum rules
Always add your Laravel, Aimeos and PHP version as well as your environment (Linux/Mac/Win)
Spam and unrelated posts will be removed immediately!
Always add your Laravel, Aimeos and PHP version as well as your environment (Linux/Mac/Win)
Spam and unrelated posts will be removed immediately!
Omnipay - Session is cleared on order payment confirmation
Laravel framework version: 9.52.4
Aimeos Laravel version: ~2022.10
PHP Version: 8.2.4
Environment: Linux
Hello,
I am working with Omipay to implement a new payment method.
When the payment is complete the payment processor redirects back to the Aimeos website with a POST request, which contains Form Data with the related information about the payment.
The problem is that the redirection itself clears my session, I get logged out and get greeted by a "419 PAGE EXPIRED" error and I can't continue.
What is the proper way to handle this issue and implement a secure solution so the session isn't lost?
Aimeos Laravel version: ~2022.10
PHP Version: 8.2.4
Environment: Linux
Hello,
I am working with Omipay to implement a new payment method.
When the payment is complete the payment processor redirects back to the Aimeos website with a POST request, which contains Form Data with the related information about the payment.
The problem is that the redirection itself clears my session, I get logged out and get greeted by a "419 PAGE EXPIRED" error and I can't continue.
What is the proper way to handle this issue and implement a secure solution so the session isn't lost?
Re: Omnipay - Session is cleared on order payment confirmation
Most likely, the browser doesn't send the session cookie to your site after redirecting from the payment gateway.
Try to set the Same-Site Cookie policy to "none" in config/session.php:
Try to set the Same-Site Cookie policy to "none" in config/session.php:
Code: Select all
'same_site' => "none",
Professional support and custom implementation are available at Aimeos.com
If you like Aimeos, give us a star
If you like Aimeos, give us a star
Re: Omnipay - Session is cleared on order payment confirmation
Is it secure to make this change in Aimeos?
I tried changing it to "none" and logging in does not work now.
I tried changing it to "none" and logging in does not work now.
Re: Omnipay - Session is cleared on order payment confirmation
Then, it most be something else. Neverthless, you should check if the Laravel session cookie is sent to your server after the redirect from the payment provider.
Professional support and custom implementation are available at Aimeos.com
If you like Aimeos, give us a star
If you like Aimeos, give us a star
Re: Omnipay - Session is cleared on order payment confirmation
The cookie is not being sent.
I have created a callback route where I have turned off CSRF verification, where I will verify the data manually via the payment processor's Omnipay gateway's, it includes verification of certificate and signing with that certificate coming from the payment processor.
After verifying the signature, order ID and status, it will change the order status, log the user back in and redirect to the completed order page.
I have created a callback route where I have turned off CSRF verification, where I will verify the data manually via the payment processor's Omnipay gateway's, it includes verification of certificate and signing with that certificate coming from the payment processor.
After verifying the signature, order ID and status, it will change the order status, log the user back in and redirect to the completed order page.