loopstak-shopify-sinatra-app 1.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 8b42b5ddb8de2cb8697c6a271c23e08d458241634be23ab6cd5149af43d66e28
+  data.tar.gz: ff46cfa7de389cadefc54644848fe7efea220ddec8b849ab75aab56ab1dc2bd3
+SHA512:
+  metadata.gz: d5dd5d69945f3f6926869d4282661f7b8cb9f348de05570dd6c2ed8624db85651d35e4bfdc64057568a72c0742030e779b35289ca08d01c91d3156bda41489ee
+  data.tar.gz: 84558667eae51f1834857ae62e54e379c31592e702df69382b503cd76080d93c714e4d1a6ef169e3c4d46dc145bed06a7342e98bc2e0a42f1d0eefafc9fe77a3

data/CHANGELOG

@@ -0,0 +1,52 @@
+0.8.0
+-----
+* Shopify updated the way sessions are created: https://github.com/Shopify/shopify_api/blob/master/README.md#-breaking-change-notice-for-version-700-, updating code to reflect these changes.
+
+0.7.0
+-----
+* make base_url private (users can add back in their app easily if needed)
+* store request params in the session so they can be retrieved after the omniauth flow. This fixes app actions from the admin if the user's session has expired
+* refactored some smaller methods to make the shopify_session method easier on the eyes.
+
+0.6.0
+-----
+* remove current_shop* methods in favor of yielding shop_name to the block methods
+
+0.5.0
+-----
+* replace webhook_session and webhook_job with shopify_webhook
+* remove redis and resque as dependencies
+
+0.4.0
+-----
+* update to sinatra 2.0.1
+* update to attr_encrypted 3.1.0
+* remove SHOPIFY_REDIRECT_URI param
+
+0.3.4
+-----
+* rename lib to src in the example/template
+
+0.3.3
+-----
+* fix a bug in the generator
+
+0.3.2
+-----
+* remove an extra `%` from the redirect view
+
+0.3.1
+-----
+* update authentication code for upcoming chrome changes.
+
+0.3.0
+-----
+* Remove sinatra-twitter-bootstrap dependency. Include css from cdn directly for example app.
+
+0.2.0
+-----
+* added a SHOPIFY_REDIRECT_URI env param for setting the redirect_uri (was breifly HOSTNAME)
+* add versions to gemfile
+* refactored the generator
+* Changed install method to after_shopify_auth. Implementations of this method must now be idempotent as this will be called anytime the app is auth'd which may be due to just a lost session and not necessarily an install.
+* Always redo the full auth rather than trying to keep track of first time install state vs re-auth

data/Gemfile

@@ -0,0 +1,2 @@
+source 'https://rubygems.org'
+gemspec

data/Gemfile.lock

@@ -0,0 +1,114 @@
+PATH
+  remote: .
+  specs:
+    loopstak-shopify-sinatra-app (1.0.0)
+      activesupport
+      attr_encrypted (~> 3.1.0)
+      omniauth-shopify-oauth2
+      rack-flash3 (~> 1.0.5)
+      shopify_api (>= 7.0.1, < 9.1.0)
+      sinatra (~> 2.0.2)
+      sinatra-activerecord (~> 2.0.9)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    activemodel (6.0.2.1)
+      activesupport (= 6.0.2.1)
+    activemodel-serializers-xml (1.0.2)
+      activemodel (> 5.x)
+      activesupport (> 5.x)
+      builder (~> 3.1)
+    activerecord (6.0.2.1)
+      activemodel (= 6.0.2.1)
+      activesupport (= 6.0.2.1)
+    activeresource (5.1.0)
+      activemodel (>= 5.0, < 7)
+      activemodel-serializers-xml (~> 1.0)
+      activesupport (>= 5.0, < 7)
+    activesupport (6.0.2.1)
+      concurrent-ruby (~> 1.0, >= 1.0.2)
+      i18n (>= 0.7, < 2)
+      minitest (~> 5.1)
+      tzinfo (~> 1.1)
+      zeitwerk (~> 2.2)
+    attr_encrypted (3.1.0)
+      encryptor (~> 3.0.0)
+    builder (3.2.4)
+    concurrent-ruby (1.1.5)
+    encryptor (3.0.0)
+    fakeweb (1.3.0)
+    faraday (1.0.0)
+      multipart-post (>= 1.2, < 3)
+    graphql (1.10.1)
+    graphql-client (0.16.0)
+      activesupport (>= 3.0)
+      graphql (~> 1.8)
+    hashie (3.6.0)
+    i18n (1.8.2)
+      concurrent-ruby (~> 1.0)
+    jwt (2.2.1)
+    minitest (5.14.0)
+    mocha (1.11.2)
+    multi_json (1.14.1)
+    multi_xml (0.6.0)
+    multipart-post (2.1.1)
+    mustermann (1.1.1)
+      ruby2_keywords (~> 0.0.1)
+    oauth2 (1.4.3)
+      faraday (>= 0.8, < 2.0)
+      jwt (>= 1.0, < 3.0)
+      multi_json (~> 1.3)
+      multi_xml (~> 0.5)
+      rack (>= 1.2, < 3)
+    omniauth (1.9.0)
+      hashie (>= 3.4.6, < 3.7.0)
+      rack (>= 1.6.2, < 3)
+    omniauth-oauth2 (1.5.0)
+      oauth2 (~> 1.1)
+      omniauth (~> 1.2)
+    omniauth-shopify-oauth2 (2.2.0)
+      activesupport
+      omniauth-oauth2 (~> 1.5.0)
+    rack (2.1.2)
+    rack-flash3 (1.0.5)
+      rack
+    rack-protection (2.0.8.1)
+      rack
+    rack-test (1.1.0)
+      rack (>= 1.0, < 3)
+    rake (13.0.1)
+    ruby2_keywords (0.0.2)
+    shopify_api (9.0.0)
+      activeresource (>= 4.1.0, < 6.0.0)
+      graphql-client
+      rack
+    sinatra (2.0.8.1)
+      mustermann (~> 1.0)
+      rack (~> 2.0)
+      rack-protection (= 2.0.8.1)
+      tilt (~> 2.0)
+    sinatra-activerecord (2.0.14)
+      activerecord (>= 3.2)
+      sinatra (>= 1.0)
+    sqlite3 (1.4.2)
+    thread_safe (0.3.6)
+    tilt (2.0.10)
+    tzinfo (1.2.6)
+      thread_safe (~> 0.1)
+    zeitwerk (2.2.2)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  fakeweb
+  loopstak-shopify-sinatra-app!
+  minitest
+  mocha
+  rack-test
+  rake
+  sqlite3
+
+BUNDLED WITH
+   2.1.4

data/LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2014 Kevin Hughes
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,228 @@
+shopify-sinatra-app [![Build Status](https://travis-ci.org/kevinhughes27/shopify-tax-receipts.svg)](https://travis-ci.org/kevinhughes27/shopify-sinatra-app)
+===================
+
+"A classy shopify app"
+
+shopify-sinatra-app is lightweight extension for building Shopify apps using Sinatra. It comes with the Shopify API gem for interacting with the Shopify API and uses the Shopify omniauth gem to handle authentication via Oauth (other auth methods are not supported). The framework itself provides a handful of helper methods to make creating your app as easy as possible. The framework was designed with deployment to Heroku in mind and following the instructions below I've been able to create a new application from scratch, deploy it to Heroku and install on my live test shop in less than 5 minutes.
+
+
+Getting Started
+---------------
+
+Install the gem:
+
+```
+gem install shopify-sinatra-app
+```
+
+or build from source
+
+```
+gem build shopify-sinatra-app.gemspec
+gem install shopify-sinatra-app-X.X.X.gem
+```
+
+To create a new app use the generator:
+
+```
+shopify-sinatra-app-generator new <your new app name>
+```
+
+This will create a new skeleton shopify-sinatra-app. The generator will create several default files for you rather than having them bundled in the sinatra extension - its worthwhile to read this section to understand what each of these files is for.
+
+`config/database.yml` --> The database config for active record. Initially this is setup to use sqlite3 for development and testing which you may want to change to mimic your production database.
+
+`.gitignore` --> tells git which files to ignore, namely `.env` you may find more things you want to add to this file.
+
+`.env` --> a hidden file not tracked by source control for storing credentials etc. to be set as environment variables
+
+`config.ru` --> Rackup file - describes how to run a rack based app
+
+`Gemfile` --> manages the dependencies of the app
+
+`src/app.rb` --> This file is the skeleton app file. More details on how to use the methods provided by this extension are given in the following section. There are more comments inside this file explaining the skeleton app.
+
+`Procfile` --> Specific for deploying to Heroku, this file tells heroku how to run the app
+
+`public/icon.png` --> This icon file is used by the Shopify Embedded App SKD and is shown in the menu bar of your embedded app
+
+`Rakefile` --> includes some helper methods etc for running and managing the app. Standard for ruby based projects
+
+`views/layouts/appliction.erb` --> This is the layout file that all templates will use unless otherwise specified. It sets up some defaults for using the Shopify Embedded App SDK and Twitter Bootstrap for styling
+
+`views/_top_bar.erb` --> This is a partial view that describes the top bar inside a Shopify Embedded App. It also has some code to *forward* flash messages to the Embedded App SKD
+
+`views/*` --> The other views used by the app. You'll probably make a lot of changes to home.erb and install.erb to customize the experience for your app
+
+`test/*` --> Test files, fixtures and helpers for testing your app.
+
+### Setting the app to use your Shopify API credentials
+
+You'll need to create a Shopify Partner Account and a new application. You can make an account [here](http://www.shopify.ca/partners) and see this [tutorial](http://docs.shopify.com/api/the-basics/getting-started) for creating a new application. This app uses the default redirect_uri from omniauth `<your domain>/auth/shopify/callback` so set it accordingly when creating your app.
+
+Note - The shopify-sinatra-app creates an embedded app! You need change the embedded setting to `enabled` in the [Shopify Partner area](https://app.shopify.com/services/partners/api_clients) for your app. If you don't want your app to be embedded then remove the related code in `layout/application.erb` and delete the `layout/_top_bar.erb` file and the references to it in the other views.
+
+After creating your new application you need to edit the `.env` file and add the following lines:
+
+```
+SHOPIFY_API_KEY=<your api key>
+SHOPIFY_SHARED_SECRET=<your shared secret>
+SECRET=<generate a random string to encrypt credentials with>
+```
+
+If your app has any other secret credentials you should add them to this file.
+
+
+Shopify::Methods
+----------------
+
+**shopify_session** - The main method of the framework, most of your routes will use this method to acquire a valid shopify session and then perform api calls to Shopfiy. The method activates a Shopify API session for you and accepts a block inside of which you can use the ShopifyAPI. Here is an example endpoint that displays products:
+
+```ruby
+get '/products.json' do
+  shopify_session do |shop_name|
+    products = ShopifyAPI::Product.all(limit: 5)
+    products.to_json
+  end
+end
+```
+
+**shopify_webhook** - This method is for an endpoint that receives a webhook from Shopify. Webhooks are a great way to keep your app in sync with a shop's data without polling. You can read more about webhooks [here](http://docs.shopify.com/api/tutorials/using-webhooks). This method also takes a block and yields the `shop_name` and `webhook_body` as a hash (note only works for json webhooks, don't use xml). Here is an example that listens to an order creation webhook:
+
+```ruby
+post '/order.json' do
+  shopify_webhook do |shop_name, webhook_data|
+    # do something with the data
+  end
+end
+```
+
+Note this method does not active a Shopify session by default but the current_shop* methods still work. It is not advised but if you want to handle the webhook in a web request you will need to activate the ShopifyAPI session manually:
+
+```ruby
+shop = Shop.find_by(name: current_shop_name)
+api_session = ShopifyAPI::Session.new(shop.name, shop.token)
+ShopifyAPI::Base.activate_session(api_session)
+```
+
+It's impossible to control the flow of webhooks to your app from Shopify especially if a larger store installs your app or if a shop has a flash sale. To prevent your app from getting overloaded with webhook requests it is best practise to process webhooks in a background queue and return a `200` to Shopify immediately. Ruby has several good background job frameworks that work with Sinatra including [Sidekiq](https://github.com/mperham/sidekiq) and [Resque](https://github.com/resque/resque).
+
+
+**after_shopify_auth** - This is a private method provided with the framework that gets called whenever the app is authorized. You should fill this method in with anything you need to initialize, for example webhooks and services on Shopify or any other database models you have created specific to a shop. Note that this method will be called anytime the auth flow is completed so this method should be idempotent (running it twice has the same effect as running it once).
+
+**logout** - This method clears the current session
+
+shopify-sinatra-app includes sinatra/activerecord for creating models that can be persisted in the database. You might want to read more about sinatra/activerecord and the methods it makes available to you: [https://github.com/janko-m/sinatra-activerecord](https://github.com/janko-m/sinatra-activerecord)
+
+shopify-sinatra-app also includes `rack-flash3` and the flash messages are forwarded to the Shopify Embedded App SDK (see the code in `views/layouts/application.erb`). Flash messages are useful for signalling to your users that a request was successful without changing the page. The following is an example of how to use a flash message in a route:
+
+```ruby
+post '/flash_message' do
+  flash[:notice] = "Flash Message!"
+  redirect '/'
+end
+```
+
+note - a flash must be followed by a redirect or it won't work!
+
+
+Developing
+----------
+The embedded app sdk won't load non https content so you'll need to use a forwarding service like [ngrok](https://ngrok.com/) or [forwardhq](https://forwardhq.com/). Set your application url in the [Shopify Partner area](https://app.shopify.com/services/partners/api_clients) to your forwarded url. However The redirect_uri should still be `http://localhost:4567/auth/shopify/callback` which will allow you to install your app on a live shop while running it locally.
+
+To run the app locally we use `foreman` which comes with the [Heroku Toolbelt](https://devcenter.heroku.com/articles/quickstart). Foreman handles running our application and setting our credentials as environment variables. To run the application type:
+
+```
+PORT=4567 foreman run web
+```
+
+Note - we use `foreman run ...` not `foreman start ...` because we only want to start the single process that is our app. This means if you add a debugger in your app it will trigger properly in the command line when the debugger is hit. If you don't have any debuggers feel free to use `foreman start -p 4567`.
+
+To debug your app simply add `require 'byebug'` at the top and then type `byebug` where you would like to drop into an interactive session. You may also want to try out [Pry](http://pryrepl.org/).
+
+If you are testing webhooks locally make sure they also go through the forwarded url and not `localhost`.
+
+
+Testing
+-------
+
+Some basic tests are included in the generated app. To run them simply run:
+
+```
+bundle exec rake test:prepare
+bundle exec rake test
+```
+
+`test:prepare` will initialize your testing database using the `seeds.rb` file. If you have added additional models you can add them here.
+
+Checkout the contents of the `app_test.rb` file and the `test_helper.rb` and modify them as you add functionality to your app. You can also check the tests of other apps using this framework to see more about how to write tests for your own app.
+
+
+Deploying
+---------
+
+This template was created with deploying to Heroku in mind. Heroku is a cloud based app hosting provider that makes it easy to get an application into a product environment.
+
+Before you can get started with Heroku you need to create a git repo for you application:
+
+```
+git init
+git add .
+git commit -m "initial commit"
+```
+
+Now you can create a new heroku application. Download the [Heroku Toolbelt](https://devcenter.heroku.com/articles/quickstart) and run the following command to create a new application:
+
+```
+heroku apps:create <your new app name>
+```
+
+You will also need to add the following (free) add-ons to your new Heroku app:
+
+```
+heroku addons:add heroku-postgresql
+```
+
+Now we can deploy the new application to Heroku. Deploying to Heroku is as simple as pushing the code using git:
+
+```
+git push heroku master
+```
+
+A `rake deploy2heroku` command is included in the generated Rakefile which does just this.
+
+Now that our application is deployed we need to run `rake db:migrate` to initialize our database on Heroku. To do this run:
+
+```
+heroku run rake db:migrate
+```
+
+We also need to set our environment variables on Heroku. The environment variables are stored in `.env` and are not tracked by git. This is to protect your credentials in the case of a source control breach. Heroku provides a command to set environment variables: `heroku config:set VAR=foo`. In the generated Rakefile there is a helper method that will properly set all the variables in your `.env` file:
+
+```
+rake creds2heroku
+```
+
+and make sure you have at least 1 dyno for web:
+
+```
+heroku scale web=1
+```
+
+Make sure you set your shopify apps url to your Heroku app url (and make sure to use the `https` version or else the Embedded App SDK won't work) in the Shopify Partner area https://app.shopify.com/services/partners/api_clients.
+
+
+Apps using this framework
+-------------------------
+
+* [shopify-fulfillment-integration](https://github.com/Shopify/shopify-fulfillment-integration)
+* [shopify-tax-receipts](https://github.com/pickle27/shopify-tax-receipts)
+* Add yours!
+
+
+Contributing
+------------
+
+PRs welcome!
+
+Note - this framework does have tests! They are the same tests that get generated for new apps by the generator. You can run them with `./test.sh`

data/bin/shopify-sinatra-app-generator

@@ -0,0 +1,82 @@
+#!/usr/bin/env ruby
+require 'fileutils'
+
+class Generator
+  attr_reader :spec, :app_dir, :example_dir
+
+  def initialize(app_name)
+    @spec = Gem::Specification.find_by_name('shopify-sinatra-app')
+    gem_root = spec.gem_dir
+    @example_dir = gem_root + '/example'
+
+    working_dir = Dir.pwd
+    @app_dir = working_dir + '/' + app_name
+
+    log "Generating new app: #{app_name}"
+    log "fullpath: #{app_dir}"
+  end
+
+  def run
+    if Dir.exists? app_dir
+      log 'App directory alread exists, pick a new app name or delete the existing folder'
+      return
+    end
+
+    copy_example_app
+    create_dot_env
+    sub_latest_version
+    bundle_install
+    migrate_database
+  end
+
+  private
+
+  def copy_example_app
+    FileUtils.cp_r(example_dir, app_dir)
+  end
+
+  def create_dot_env
+    FileUtils.touch(app_dir + '/.env')
+    file = File.open(app_dir + '/.env', 'w')
+    file.write("SHOPIFY_API_KEY=your_api_key\n")
+    file.write("SHOPIFY_SHARED_SECRET=your_shared_secret\n")
+    file.write("SECRET=random_string_to_encrypt_credentials_with\n")
+    file.close
+  end
+
+  def sub_latest_version
+    file_name = "#{app_dir}/Gemfile"
+    text = File.read(file_name)
+    new_contents = text.gsub("gem 'shopify-sinatra-app', path: '../'", "gem 'shopify-sinatra-app', '~> #{spec.version}'")
+    File.open(file_name, "w") {|file| file.puts new_contents }
+  end
+
+  def bundle_install
+    Dir.chdir(app_dir)
+
+    pipe = IO.popen('bundle install')
+    while (line = pipe.gets)
+      print line
+    end
+  end
+
+  def migrate_database
+    Dir.chdir(app_dir)
+
+    pipe = IO.popen('bundle exec rake db:migrate')
+    while (line = pipe.gets)
+      print line
+    end
+  end
+
+  def log(msg)
+    puts msg
+  end
+end
+
+if ARGV.length < 2
+  puts "Usage:\nshopify-sinatra-app-generator new <app_name>"
+else
+  app_name = ARGV[1]
+  Generator.new(app_name).run
+end