Pass cart_sid through login URL for cross-app cart adoption

When login_url() is called from a different app (e.g. cart), the anonymous cart_sid is in that app's session cookie. Pass it as a query parameter so the auth app can store it and use it for adoption. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-22 17:46:08 +00:00
parent 07aa2e2be9
commit 1c1ab3576f
1 changed files with 9 additions and 1 deletions
--- a/infrastructure/urls.py
+++ b/infrastructure/urls.py
@@ -67,8 +67,16 @@ def market_product_url(product_slug: str, suffix: str = "", market_place=None) -

 def login_url(next_url: str = "") -> str:
    # Auth lives in blog (coop) for now. Set AUTH_APP=federation to switch.
+    from quart import session as qsession
    auth_app = os.getenv("AUTH_APP", "coop")
    base = app_url(auth_app, "/auth/login/")
+    params: list[str] = []
    if next_url:
-        return f"{base}?next={quote(next_url, safe='')}"
+        params.append(f"next={quote(next_url, safe='')}")
+    # Pass anonymous cart session so the auth app can adopt it on login
+    cart_sid = qsession.get("cart_sid")
+    if cart_sid:
+        params.append(f"cart_sid={quote(cart_sid, safe='')}")
+    if params:
+        return f"{base}?{'&'.join(params)}"
    return base