Hello,
I'm running nopCommerce 1.9 on Discountasp.com hosting and have recently added SSL certificate.
I have the following issue:
1) I have enabled Anonymous Checkout in Configuration
2) I have set UseSSL to true in web.config
3) When I enter UNSECURE site as Anonymous and attempt to add an item to cart, I get the following
a) Shopping Cart opens as SECURE
b) Shopping cart is empty (Items did not get added)
4) If I'm logged in, this issue does not occur, and i'm able to add items to cart.
Please help me :)
Problems with Anonymous checkout and SSL
- 16
- 160
- 2011/4/9
- United States
I think I found the answer!
Apparently NopCommerce does saves Session to database even for anonymous users, but when shopping cart is being rendered a check that inspects a state of Shopping Cart only relies on the fact that session did not change.
I found the point of failure inside ShoppingCartServices.cs, method GetCurrentShoppingCart on line 217:
if(NopContext.Current.Session == null)
return new ShoppingCart();
This apparently doesn't work since you have switched the protocol (HTTP > HTTPS) and Session is reset.
So I added this one line before this check:
NopContext.Current.Session = NopContext.Current.Session ?? NopContext.Current.GetSession(true, null);
What this does is tries to get saved session from Database in case session has been reset. So this seem to work fine (unless there are some implications i'm not aware of yet).
So to summarize:
1) Sessions are reset between protocol changes (at least in most browsers)
2) Session state needs to be refreshed (just in case)
//Code changes ( Libraries/Nop.BusinessLogic/Orders/ShoppingCartServices.cs)
public ShoppingCart GetCurrentShoppingCart(ShoppingCartTypeEnum shoppingCartType)
{
NopContext.Current.Session = NopContext.Current.Session ?? NopContext.Current.GetSession(true, null);
if (NopContext.Current.Session == null)
return new ShoppingCart();
var customerSessionGuid = NopContext.Current.Session.CustomerSessionGuid;
return GetShoppingCartByCustomerSessionGuid(shoppingCartType, customerSessionGuid);
}
Apparently NopCommerce does saves Session to database even for anonymous users, but when shopping cart is being rendered a check that inspects a state of Shopping Cart only relies on the fact that session did not change.
I found the point of failure inside ShoppingCartServices.cs, method GetCurrentShoppingCart on line 217:
if(NopContext.Current.Session == null)
return new ShoppingCart();
This apparently doesn't work since you have switched the protocol (HTTP > HTTPS) and Session is reset.
So I added this one line before this check:
NopContext.Current.Session = NopContext.Current.Session ?? NopContext.Current.GetSession(true, null);
What this does is tries to get saved session from Database in case session has been reset. So this seem to work fine (unless there are some implications i'm not aware of yet).
So to summarize:
1) Sessions are reset between protocol changes (at least in most browsers)
2) Session state needs to be refreshed (just in case)
//Code changes ( Libraries/Nop.BusinessLogic/Orders/ShoppingCartServices.cs)
public ShoppingCart GetCurrentShoppingCart(ShoppingCartTypeEnum shoppingCartType)
{
NopContext.Current.Session = NopContext.Current.Session ?? NopContext.Current.GetSession(true, null);
if (NopContext.Current.Session == null)
return new ShoppingCart();
var customerSessionGuid = NopContext.Current.Session.CustomerSessionGuid;
return GetShoppingCartByCustomerSessionGuid(shoppingCartType, customerSessionGuid);
}