Customer Cart getting wiped out

Vote:
 

Hello Opti folks,

I am trying to troubleshoot an issue related to commerce carts getting randomly wiped out.

We currently allow guest checkout. The users add items to the cart, we use CustomerContext Contact ID to load or create cart which then gets saved to the database. I know for anonymous users it uses the ".ASPXANONYMOUS" cookie to set the context which has a 60 day expiry. However, sometimes the cookie gets refreshed randomly and the user's cart gets wiped out (new cart returned). Has anyone else experienced this issue, and if yes what's the best practice? 

web.config:

<anonymousIdentification enabled="true" />

Code:

var cart = _orderRepository.LoadOrCreateCart<ICart>(CustomerContext.Current.CurrentContactId, OrderNames.Default);

#271528
Feb 11, 2022 0:29
Vote:
 

Do you have any clue if the problem is that the cookie is removed by the client or if the client is given a new cookie by the server?

Anyway, please verify that it's not a machine key issue as I wrote about in the other thread: https://world.optimizely.com/forum/developer-forum/Commerce/Thread-Container/2019/1/if-user-is-logged-in-via-azure-the-_customercontext-currentcontactid-changes-constantly-for-user--why-is-that/#276855

#276856
Mar 22, 2022 11:48
Vote:
 

A new cookie is given by the server. You maybe right about the machine key but we have seen instances where the user is active in a session and sometime during their active session their cart is emptied (due to new ASPXANONYMOUS cookie (though expiry date is 69 days). I know the cookie refreshes half way through the timeout period by default but I don't think that's the case.

#276860
Mar 22, 2022 13:23
Andreas J - Mar 22, 2022 13:42
I would regardless start off by verifying that a machine key is explicitely set in the web.config. I mean, if the server provides a new cookie to the client even though the cookie already exists - the server probably doesn't think it's valid.

If you have multiple web sites (load balanced environment), all sites needs to share the same machine key as well.
Aniket - Mar 22, 2022 16:31
This is on DXP so technically the machine key is set by Azure. I will verify.
Andreas J - Mar 22, 2022 18:18
Maybe in that case it's even more likely that the issue occur, because Azure can give you a new website instance because some other slot/instance is down or slow. It can be a good idea to add a comment in your root layout that simply prints Environment.MachineName, so that you know on what server responded to your request.
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.