Merge pull request #25 from bigcommerce/error-template-fix

Move error rendering to a blade template

app/Http/Controllers/MainController.php

@@ -53,7 +53,7 @@ public function install(Request $request)
     {
         // Make sure all required query params have been passed
         if (!$request->has('code') || !$request->has('scope') || !$request->has('context')) {
-            return redirect()->action('MainController@error')->with('error_message', 'Not enough information was passed to install this app.');
+            return redirect('error')->with('error_message', 'Not enough information was passed to install this app.');
         }
 
         try {
@@ -102,7 +102,7 @@ public function install(Request $request)
             if ($request->has('external_install')) {
                 return redirect('https://login.bigcommerce.com/app/' . $this->getAppClientId() . '/install/failed');
             } else {
-                return redirect()->action('MainController@error')->with('error_message', $errorMessage);
+                return redirect('error')->with('error_message', $errorMessage);
             }
         }
     }
@@ -119,26 +119,15 @@ public function load(Request $request)
                 $request->session()->put('owner_email', $verifiedSignedRequestData['owner']['email']);
                 $request->session()->put('store_hash', $verifiedSignedRequestData['context']);
             } else {
-                return redirect()->action('MainController@error')->with('error_message', 'The signed request from BigCommerce could not be validated.');
+                return redirect('error')->with('error_message', 'The signed request from BigCommerce could not be validated.');
             }
         } else {
-            return redirect()->action('MainController@error')->with('error_message', 'The signed request from BigCommerce was empty.');
+            return redirect('error')->with('error_message', 'The signed request from BigCommerce was empty.');
         }
 
         return redirect('/');
     }
 
-    public function error(Request $request)
-    {
-        $errorMessage = "Internal Application Error";
-
-        if ($request->session()->has('error_message')) {
-            $errorMessage = $request->session()->get('error_message');
-        }
-
-        echo '<h4>An issue has occurred:</h4> <p>' . $errorMessage . '</p> <a href="'.$this->baseURL.'">Go back to home</a>';
-    }
-
     private function verifySignedRequest($signedRequest, $appRequest)
     {
         list($encodedData, $encodedSignature) = explode('.', $signedRequest, 2);

config/session.php

@@ -140,7 +140,7 @@
     |
     */
 
-    'path' => '/',
+    'path' => '/;samesite=none',
 
     /*
     |--------------------------------------------------------------------------
@@ -194,6 +194,6 @@
     |
     */
 
-    'same_site' => 'none',
+    'same_site' => '',
 
 ];

resources/views/error.blade.php

@@ -0,0 +1,19 @@
+<!DOCTYPE html>
+<html>
+<head>
+<title>Application Error</title>
+<meta name="csrf-token" content="{{csrf_token()}}" />
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<link rel="stylesheet" type="text/css" href="{{mix('/css/app.css')}}">
+</head>
+<body>
+  <div class="container mt-md-5">
+    <div class="jumbotron jumbotron-fluid shadow-sm p-5 mb-5 bg-white rounded">
+      <div class="container">
+        <h1 class="display-6">An issue has occurred:</h1>
+        <p class="lead">{{ session('error_message') }}</p>
+      </div>
+    </div>
+  </div>
+</body>
+</html>

routes/web.php

@@ -11,6 +11,10 @@
 |
 */
 
+Route::get('/error', function () {
+  return view('error');
+});
+
 Route::get('/{url?}', function () {
     return view('app');
 })->where('', 'list');