Is there customer session support via Magento's REST api?

magento.stackexchange https://magento.stackexchange.com/questions/7354

  •  16-10-2019
  •  | 
  •  

Pergunta

I'm working on extending wishlist functionality to Magento's REST api. It would be nice to access the customer's session. Does Magento have any support for accessing the customer's session via REST?

Foi útil?

Solução

As mentioned in my comments above, I would recommend to provide a user login with oAuth to gain access to the customerID. To anwer your question: No, it's not possible to access the customer session.

The flow can be as follows:

  1. User accesses a 3rd party website where you want to provide the wishlist functionality
  2. User request wishlist/wishlist functionality (by adding a new item to wishlist, showing his wishlist etc.)
  3. User logs in via oAuth in your magento shop
  4. Retrieve customer ID from oAuth
  5. Proceed with your wishlist functionality

For the user Authorization, I recommend you follow the sections "Getting an Unauthorized Request Token" and "User Authorization" on this page.

Outras dicas

No.

The customer session is tied against the frontend cookie the browsing customer has. If you are using file based sessions these would be stored under var/sessions/ - if you are using the database as session storage this would be stored in core_session.

In any case to be able to access it you would need to know the session_id from the customer which by design should only be between browser and server. *1)

A better approach, as suggested in the comments above, would be to figure out what information you do have available for the customer (customer_id, email address) and then access the wishlist via that.

One further thing to keep in mind is that the session you have established to communicate to the API is separate to the session a customer has.

Overall I feel you would get a more actionable answer if you posted what it is you are trying to achieve with the wishlist stating your current constraints.

*1) you might be able to read the currently used cookie session and save it to the database for further processing, but you will again need some other information to tie this back to the logic you are currently trying to implement, so I do not see any use for it here.

I think what you're looking for is a mix of the REST API and Magento's OAuth. With OAuth the frontend user can login onto the Magento environment giving your (3th party) application and access to his customer data like order history.

As far as I know this is as close as you can get to the customer session using the API.

Check out this Magento documentation on the subject and also this nice article by Inchoo

Licenciado em: CC-BY-SA com atribuição
Não afiliado a magento.stackexchange
scroll top