is there a race condition on the NONCE mechanism?
Opened this issue · 1 comments
wangwalton commented
if there are 2 hits to the /app_launched
endpoint, doesn't the second one overwrite the first hex? so on the next two /app_installed
calls, only one will succeed?
garettB commented
Hi, yes the use of globals will cause issues with multiple shops accessing this sample at the same time. If trying to migrate to a production app I'd suggest a more appropriate means of storing the nonces and authentication keys.
I'm afraid this sample has been fairly neglected; but if I get the chance to work on it again then perhaps I'll put in a dict as a stop-gap solution to avoid this issue and also add a note to the README.
Thanks for reporting!