New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[frontend-api] avoid session starting in FE API #2497
base: master
Are you sure you want to change the base?
Conversation
305a1a8
to
25bce14
Compare
packages/framework/src/Component/FlashMessage/FlashBagProvider.php
Outdated
Show resolved
Hide resolved
- FlashBagProvider is not wired in contructor anymore because it had side effects (session was started when the container was built) - see symfony/symfony#36063
- the current cart migration implementation does not work in the FE API so it is useless and dangerous to even try it (the session is started in the process which is unwanted in the API)
3d27fa3
to
cf6a8ea
Compare
Kudos, SonarCloud Quality Gate passed! 0 Bugs No Coverage information |
Hi @pk16011990, on a project, we encountered a very weird behavior - there was added a session entry in the Redis after doing a request on the storefront. The checker did not reveal this error because, at the time of its execution, the session was not started yet. This makes me think we should ensure the checker is called later than it is called now. On the project, there was In this PR, the problem is resolved thanks to the usage of |
FlashBagInterface
Symfony service anywhere in the application -> the session is started during the build of the container (see symfony/symfony#36063); 2)CartMigrationFacade
is defined as an event listener that listens on thekernel.controller
event, therefore it is triggered even in the API requests. The facade was originally used in the Twig frontend only so it uses the session, but in the API requests, it does not work (and does not make any sense there). Besides the fact the session is useless in the API, it can be also dangerous as Redis can get overwhelmed by the huge number of pointless session entries.