Add support for round-tripping the user through Unified Ecommerce on login #2515
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…login This will ensure they get signed into UE when they log into MITx Online, so they can then get to the cart/etc. This is feature flagged - ensure "enable_unified_ecommerce" is configured in PostHog to test this. Because this is checked before login, you won't be able to limit this to specific usernames. (You can still limit it somewhat, like to IP address.) Until MITx Online is set up to use Keycloak for authentication, this will necessarily require you to log into Keycloak too once you've logged into MITx Online. There's no requirement that you log in using the _same_ account. MITx Online will have no idea what your session in UE is.
cp-at-mit
approved these changes
Jan 24, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What are the relevant tickets?
mitodl/hq#6520
Description (What does it do?)
After login, this throws the user to the Unified Ecommerce session start endpoint, which will start up a session for the user there and then send them back to MITx Online. This ensures the user can interact with the cart while in MITx Online (to get cart status, add items, etc.).
How can this be tested?
The code for this is feature flagged out. Ensure
enable_unified_ecommerceis configured in PostHog to test this. It needs to be Enabled. (Additionally, you should have your MITx Online setup configured to use PostHog, and ideally a project that you control rather than one of the regular OL ones.)You'll need a Unified Ecommerce instance set up. Specifically, it will need to be set up and tracking jkachel/6520-add-updates-to-establish-session so you have the other side of the equation (unless mitodl/unified-ecommerce#200 is merged when you test). The instructions for setting up Unified Ecommerce are in the README and README-keycloak files.
In the
.envfile, optionally setUNIFIED_ECOMMERCE_URLto the URL you have set up for the UE API. The default is `http://ue.odl.local:9080/' - if you've set the hostnames up differently, then you should set this appropriately. Do not set this to the port for the frontend (8072 usually).In Unified Ecommerce, you should have an Integrated System set up with a slug named "mitxonline". The homepage URL should be set to the root URL for your MITx Online instance.
Ensure you have a Web Inspector pulled up into the Network tab, and enable Preserve Log. Then, log into the system. Once you've entered your password, you should see that you're being thrown to Unified Ecommerce. You'll likely have to log into Keycloak, and then you should be thrown back to MITx Online.
If you start somewhere that redirects you into login (like, from clicking Enroll on a course while logged out), you should be sent back to the proper page.
Note that if you have a Keycloak session already - in other words, you logged into Unified Ecommerce before MITx Online - you won't be prompted to log in again. We don't expose a logout from the UI, but you can log out of Unified Ecommerce by going to
http://ue.odl.local:9080/logout. This will destroy your UE session and your Keycloak session, so you'll have a blank slate.Additional Context
The learner needs a UE session so that they can interact with the API (i.e. get cart status, add things to cart, etc.). Doing this by throwing the user to UE once they've logged into MITx Online seemed like a reasonable way to do this.
Once MITx Online auths through Keycloak, UE will pick up the existing Keycloak session and start its own session up using that. Since these will share the same underlying Keycloak instance, the sessions should all be the same.
The feature flag check happens before the learner logs in, so we will be limited in our ability to conditionally enable the flag. We can limit the flag via the client's IP address, but we should be careful to check/clear these as we're testing because IP addresses often change on consumer-grade Internet connections.