shopify_app 21.6.0 → 21.8.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.github/CODEOWNERS +1 -0
- data/.github/workflows/build.yml +1 -1
- data/CHANGELOG.md +17 -0
- data/CONTRIBUTING.md +1 -1
- data/Gemfile.lock +3 -3
- data/README.md +1 -1
- data/app/assets/javascripts/shopify_app/app_bridge_3.7.8.js +10 -0
- data/app/assets/javascripts/shopify_app/app_bridge_redirect.js +2 -2
- data/app/assets/javascripts/shopify_app/redirect.js +1 -2
- data/app/controllers/shopify_app/callback_controller.rb +14 -3
- data/docs/shopify_app/authentication.md +62 -57
- data/docs/shopify_app/controller-concerns.md +35 -15
- data/docs/shopify_app/sessions.md +250 -0
- data/docs/shopify_app/webhooks.md +38 -4
- data/karma.conf.js +6 -1
- data/lib/generators/shopify_app/{add_gdpr_jobs/add_gdpr_jobs_generator.rb → add_privacy_jobs/add_privacy_jobs_generator.rb} +1 -1
- data/lib/generators/shopify_app/install/templates/shopify_app.rb.tt +2 -1
- data/lib/generators/shopify_app/shopify_app_generator.rb +1 -1
- data/lib/shopify_app/configuration.rb +3 -1
- data/lib/shopify_app/controller_concerns/ensure_billing.rb +3 -0
- data/lib/shopify_app/controller_concerns/localization.rb +11 -8
- data/lib/shopify_app/managers/webhooks_manager.rb +4 -2
- data/lib/shopify_app/session/in_memory_user_session_store.rb +1 -1
- data/lib/shopify_app/session/session_repository.rb +37 -3
- data/lib/shopify_app/version.rb +1 -1
- data/package.json +5 -6
- data/shopify_app.gemspec +1 -1
- data/yarn.lock +2087 -3882
- metadata +11 -13
- data/.github/workflows/stale.yml +0 -43
- data/app/assets/javascripts/shopify_app/app_bridge_3.1.1.js +0 -10
- data/app/assets/javascripts/shopify_app/app_bridge_utils_3.1.1.js +0 -1
- data/docs/shopify_app/session-repository.md +0 -79
- /data/lib/generators/shopify_app/{add_gdpr_jobs → add_privacy_jobs}/templates/customers_data_request_job.rb.tt +0 -0
- /data/lib/generators/shopify_app/{add_gdpr_jobs → add_privacy_jobs}/templates/customers_redact_job.rb.tt +0 -0
- /data/lib/generators/shopify_app/{add_gdpr_jobs → add_privacy_jobs}/templates/shop_redact_job.rb.tt +0 -0
@@ -1,79 +0,0 @@
|
|
1
|
-
# Session repository
|
2
|
-
|
3
|
-
#### Table of contents
|
4
|
-
|
5
|
-
[`ShopifyApp::SessionRepository`](#shopifyappsessionrepository)
|
6
|
-
* [Shop-based token storage](#shop-based-token-storage)
|
7
|
-
* [User-based token storage](#user-based-token-storage)
|
8
|
-
|
9
|
-
[Access scopes](#access-scopes)
|
10
|
-
* [`ShopifyApp::ShopSessionStorageWithScopes`](#shopifyappshopsessionstoragewithscopes)
|
11
|
-
* [``ShopifyApp::UserSessionStorageWithScopes``](#shopifyappusersessionstoragewithscopes)
|
12
|
-
|
13
|
-
[Migrating from shop-based to user-based token strategy](#migrating-from-shop-based-to-user-based-token-strategy)
|
14
|
-
|
15
|
-
## ShopifyApp::SessionRepository
|
16
|
-
|
17
|
-
`ShopifyApp::SessionRepository` allows you as a developer to define how your sessions are stored and retrieved for shops. The `SessionRepository` is configured in the `config/initializers/shopify_app.rb` file and can be set to any object that implements `self.store(auth_session, *args)` which stores the session and returns a unique identifier and `self.retrieve(id)` which returns a `ShopifyAPI::Session` for the passed id. These methods are already implemented as part of the `ShopifyApp::SessionStorage` concern but can be overridden for custom implementation.
|
18
|
-
|
19
|
-
### Shop-based token storage
|
20
|
-
|
21
|
-
Storing tokens on the store model means that any user login associated with the store will have equal access levels to whatever the original user granted the app.
|
22
|
-
```sh
|
23
|
-
rails generate shopify_app:shop_model
|
24
|
-
```
|
25
|
-
This will generate a shop model which will be the storage for the tokens necessary for authentication.
|
26
|
-
|
27
|
-
### User-based token storage
|
28
|
-
|
29
|
-
A more granular control over the level of access per user on an app might be necessary, to which the shop-based token strategy is not sufficient. Shopify supports a user-based token storage strategy where a unique token to each user can be managed. Shop tokens must still be maintained if you are running background jobs so that you can make use of them when necessary.
|
30
|
-
```sh
|
31
|
-
rails generate shopify_app:shop_model
|
32
|
-
rails generate shopify_app:user_model
|
33
|
-
```
|
34
|
-
This will generate a shop model and user model, which will be the storage for the tokens necessary for authentication.
|
35
|
-
|
36
|
-
The current Shopify user will be stored in the rails session at `session[:shopify_user]`
|
37
|
-
|
38
|
-
Read more about Online vs. Offline access [here](https://shopify.dev/apps/auth/oauth/access-modes).
|
39
|
-
|
40
|
-
## Access scopes
|
41
|
-
|
42
|
-
If you want to customize how access scopes are stored for shops and users, you can implement the `access_scopes` getters and setters in the models that include `ShopifyApp::ShopSessionStorageWithScopes` and `ShopifyApp::UserSessionStorageWithScopes` as shown:
|
43
|
-
|
44
|
-
### `ShopifyApp::ShopSessionStorageWithScopes`
|
45
|
-
```ruby
|
46
|
-
class Shop < ActiveRecord::Base
|
47
|
-
include ShopifyApp::ShopSessionStorageWithScopes
|
48
|
-
|
49
|
-
def access_scopes=(scopes)
|
50
|
-
# Store access scopes
|
51
|
-
end
|
52
|
-
def access_scopes
|
53
|
-
# Find access scopes
|
54
|
-
end
|
55
|
-
end
|
56
|
-
```
|
57
|
-
|
58
|
-
### `ShopifyApp::UserSessionStorageWithScopes`
|
59
|
-
```ruby
|
60
|
-
class User < ActiveRecord::Base
|
61
|
-
include ShopifyApp::UserSessionStorageWithScopes
|
62
|
-
|
63
|
-
def access_scopes=(scopes)
|
64
|
-
# Store access scopes
|
65
|
-
end
|
66
|
-
def access_scopes
|
67
|
-
# Find access scopes
|
68
|
-
end
|
69
|
-
end
|
70
|
-
```
|
71
|
-
## Migrating from shop-based to user-based token strategy
|
72
|
-
|
73
|
-
1. Run the `user_model` generator as mentioned above.
|
74
|
-
2. Ensure that both your `Shop` model and `User` model includes the necessary concerns `ShopifyApp::ShopSessionStorage` and `ShopifyApp::UserSessionStorage`.
|
75
|
-
3. Make changes to the `shopify_app.rb` initializer file as shown below:
|
76
|
-
```ruby
|
77
|
-
config.shop_session_repository = {YOUR_SHOP_MODEL_CLASS}
|
78
|
-
config.user_session_repository = {YOUR_USER_MODEL_CLASS}
|
79
|
-
```
|
File without changes
|
File without changes
|
/data/lib/generators/shopify_app/{add_gdpr_jobs → add_privacy_jobs}/templates/shop_redact_job.rb.tt
RENAMED
File without changes
|