You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on Oct 8, 2025. It is now read-only.
CartBlamer's purpose is to be called on each request by authenticated customer and in case current request is one of /carts/{token} requests, then attach current customer to the cart.
This never happens and therefore AssignCustomerToCart is not called until after checkout is completed.
Reason is that it listens to on_jwt_created (Which happens only on login itself, no cart token there obliviously) instead of on_jwt_authenticated. https://github.com/lexik/LexikJWTAuthenticationBundle/blob/master/Events.php (on_authentication_success doesn't seems to work regardless the name or more suited event class)
I think more proper solution would be to listen to kernel.request event and check if current user is authenticated, then it will decouple plugin from any specific authentication library.
Another problem is the the way carts route is detected - by trying to find cart under any route with {token} argument.
Maybe we can do some kind of shop-api firewall check or match /shop-api/carts route prefix.
CartBlamer's purpose is to be called on each request by authenticated customer and in case current request is one of
/carts/{token}requests, then attach current customer to the cart.This never happens and therefore
AssignCustomerToCartis not called until after checkout is completed.ShopApiPlugin/src/Resources/config/services.xml
Line 67 in 0cd451b
Reason is that it listens to
on_jwt_created(Which happens only on login itself, no cart token there obliviously) instead ofon_jwt_authenticated. https://github.com/lexik/LexikJWTAuthenticationBundle/blob/master/Events.php (on_authentication_successdoesn't seems to work regardless the name or more suited event class)I think more proper solution would be to listen to
kernel.requestevent and check if current user is authenticated, then it will decouple plugin from any specific authentication library.Another problem is the the way carts route is detected - by trying to find cart under any route with
{token}argument.Maybe we can do some kind of shop-api firewall check or match
/shop-api/cartsroute prefix.