shopify_app 11.5.1 → 12.0.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (42) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +28 -0
  3. data/README.md +122 -115
  4. data/app/assets/javascripts/shopify_app/itp_helper.js +6 -6
  5. data/app/assets/javascripts/shopify_app/storage_access.js +35 -6
  6. data/app/controllers/concerns/shopify_app/authenticated.rb +1 -1
  7. data/app/controllers/shopify_app/callback_controller.rb +8 -2
  8. data/app/controllers/shopify_app/extension_verification_controller.rb +20 -0
  9. data/app/controllers/shopify_app/sessions_controller.rb +8 -6
  10. data/app/views/shopify_app/sessions/enable_cookies.html.erb +1 -1
  11. data/app/views/shopify_app/sessions/request_storage_access.html.erb +1 -1
  12. data/config/locales/pt-BR.yml +1 -1
  13. data/docs/Quickstart.md +44 -16
  14. data/docs/install-on-dev-shop.png +0 -0
  15. data/docs/test-your-app.png +0 -0
  16. data/lib/generators/shopify_app/add_marketing_activity_extension/templates/marketing_activities_controller.rb +2 -6
  17. data/lib/generators/shopify_app/home_controller/home_controller_generator.rb +0 -6
  18. data/lib/generators/shopify_app/install/templates/embedded_app.html.erb +2 -2
  19. data/lib/generators/shopify_app/install/templates/flash_messages.js +11 -2
  20. data/lib/generators/shopify_app/install/templates/shopify_app.js +9 -3
  21. data/lib/generators/shopify_app/install/templates/shopify_provider.rb +1 -0
  22. data/lib/generators/shopify_app/user_model/templates/db/migrate/create_users.erb +16 -0
  23. data/lib/generators/shopify_app/user_model/templates/user.rb +7 -0
  24. data/lib/generators/shopify_app/user_model/templates/users.yml +4 -0
  25. data/lib/generators/shopify_app/user_model/user_model_generator.rb +38 -0
  26. data/lib/shopify_app.rb +5 -3
  27. data/lib/shopify_app/configuration.rb +10 -0
  28. data/lib/shopify_app/controller_concerns/login_protection.rb +33 -6
  29. data/lib/shopify_app/engine.rb +4 -0
  30. data/lib/shopify_app/middleware/same_site_cookie_middleware.rb +60 -0
  31. data/lib/shopify_app/session/in_memory_session_store.rb +1 -1
  32. data/lib/shopify_app/session/session_repository.rb +2 -2
  33. data/lib/shopify_app/session/session_storage.rb +10 -22
  34. data/lib/shopify_app/session/storage_strategies/shop_storage_strategy.rb +23 -0
  35. data/lib/shopify_app/session/storage_strategies/user_storage_strategy.rb +24 -0
  36. data/lib/shopify_app/version.rb +1 -1
  37. data/package.json +1 -0
  38. data/service.yml +1 -1
  39. data/shopify_app.gemspec +5 -2
  40. metadata +56 -6
  41. data/lib/generators/shopify_app/home_controller/templates/shopify_app_ready_script.html.erb +0 -7
  42. data/lib/shopify_app/controllers/extension_verification_controller.rb +0 -18
data/lib/shopify_app/controllers/extension_verification_controller.rb DELETED
@@ -1,18 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- class ExtensionVerificationController < ActionController::Base
4
- protect_from_forgery with: :null_session
5
- before_action :verify_request
6
-
7
- private
8
-
9
- def verify_request
10
- hmac_header = request.headers['HTTP_X_SHOPIFY_HMAC_SHA256']
11
- request_body = request.body.read
12
- secret = ShopifyApp.configuration.secret
13
- digest = OpenSSL::Digest.new('sha256')
14
-
15
- expected_hmac = Base64.strict_encode64(OpenSSL::HMAC.digest(digest, secret, request_body))
16
- head(:unauthorized) unless ActiveSupport::SecurityUtils.secure_compare(expected_hmac, hmac_header)
17
- end
18
- end