shopify_app 8.0.0 → 8.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +6 -1
- data/README.md +16 -0
- data/app/controllers/shopify_app/sessions_controller.rb +13 -3
- data/lib/generators/shopify_app/install/templates/shopify_provider.rb +13 -1
- data/lib/shopify_app/version.rb +1 -1
- data/shopify_app.gemspec +1 -1
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 4542a5b3f58a2e7a539c6de59632620df01c36f8
|
|
4
|
+
data.tar.gz: '022092d414e237445b38a68476b03331362753c5'
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c63e25613286a63914472aba0e791502e683fb2a4b32715f8f69426c4edf48e6b63efe07880d91a33437ea0ae3fec96acd3cff4e9b2ec113a3e064532280dee0
|
|
7
|
+
data.tar.gz: 9164dbf445acb30e6937cadea35bb2e4fa63a144cca5d97da8c4708e49b6122e5ccf850f400cd3963ed2c9aed0934b72fb68ba26aab841e17de65af0b8435458
|
data/CHANGELOG.md
CHANGED
|
@@ -1,8 +1,13 @@
|
|
|
1
|
+
8.1.0
|
|
2
|
+
-----
|
|
3
|
+
* Add support for per_user_authentication
|
|
4
|
+
* Pass the shop param in the session for authentication instead of a url param (prevents csrf)
|
|
5
|
+
|
|
1
6
|
8.0.0
|
|
2
7
|
-----
|
|
3
8
|
* Removed the `shopify_session_repository` initializer. The SessionRepository is now configured through the main ShopifyApp configuration object and the generated initializer
|
|
4
9
|
* Moved InMemorySessionStore into the ShopifyApp namespace
|
|
5
|
-
* Remove ShopifySession concern. This module made the code internal to this engine harder to follow and we want
|
|
10
|
+
* Remove ShopifySession concern. This module made the code internal to this engine harder to follow and we want to discourage over-writing the auth code now that we have generic hooks for all extra tasks during install.
|
|
6
11
|
* Changed engine controllers to subclass ActionController::Base to avoid any possible conflict with the parent application
|
|
7
12
|
* Removed the `ShopifyApp::Shop` concern and added its methods to `ShopifyApp::SessionStorage`. To update for this change just remove this concern anywhere it is being used in your application.
|
|
8
13
|
* Add `ShopifyApp::EmbeddedApp` controller concern which handles setting the required headers for the ESDK. Previously this was done by injecting configuration into applicaton.rb which affects the entire app.
|
data/README.md
CHANGED
|
@@ -207,6 +207,22 @@ provider :shopify,
|
|
|
207
207
|
callback_path: '/nested/auth/shopify/callback'
|
|
208
208
|
```
|
|
209
209
|
|
|
210
|
+
Per User Authentication
|
|
211
|
+
-----------------------
|
|
212
|
+
To enable per user authentication you need to update the `omniauth.rb` initializer:
|
|
213
|
+
|
|
214
|
+
```ruby
|
|
215
|
+
provider :shopify,
|
|
216
|
+
ShopifyApp.configuration.api_key,
|
|
217
|
+
ShopifyApp.configuration.secret,
|
|
218
|
+
scope: ShopifyApp.configuration.scope,
|
|
219
|
+
per_user_permissions: true
|
|
220
|
+
```
|
|
221
|
+
|
|
222
|
+
The current Shopify user will be stored in the rails session at `session[:shopify_user]`
|
|
223
|
+
|
|
224
|
+
This will change the type of token that Shopify returns and it will only be valid for a short time. Read more about `Online access` [here](https://help.shopify.com/api/getting-started/authentication/oauth). Note that this means you won't be able to use this token to respond to Webhooks.
|
|
225
|
+
|
|
210
226
|
Managing Api Keys
|
|
211
227
|
-----------------
|
|
212
228
|
|
|
@@ -26,8 +26,7 @@ module ShopifyApp
|
|
|
26
26
|
end
|
|
27
27
|
|
|
28
28
|
def destroy
|
|
29
|
-
|
|
30
|
-
session[:shopify_domain] = nil
|
|
29
|
+
reset_session
|
|
31
30
|
flash[:notice] = I18n.t('.logged_out')
|
|
32
31
|
redirect_to login_url
|
|
33
32
|
end
|
|
@@ -36,7 +35,8 @@ module ShopifyApp
|
|
|
36
35
|
|
|
37
36
|
def authenticate
|
|
38
37
|
if sanitized_shop_name.present?
|
|
39
|
-
|
|
38
|
+
session['shopify.omniauth_params'] = { shop: sanitized_shop_name }
|
|
39
|
+
fullpage_redirect_to "#{main_app.root_path}auth/shopify"
|
|
40
40
|
else
|
|
41
41
|
redirect_to return_address
|
|
42
42
|
end
|
|
@@ -44,8 +44,13 @@ module ShopifyApp
|
|
|
44
44
|
|
|
45
45
|
def login_shop
|
|
46
46
|
sess = ShopifyAPI::Session.new(shop_name, token)
|
|
47
|
+
|
|
48
|
+
request.session_options[:renew] = true
|
|
49
|
+
session.delete(:_csrf_token)
|
|
50
|
+
|
|
47
51
|
session[:shopify] = ShopifyApp::SessionRepository.store(sess)
|
|
48
52
|
session[:shopify_domain] = shop_name
|
|
53
|
+
session[:shopify_user] = associated_user if associated_user.present?
|
|
49
54
|
end
|
|
50
55
|
|
|
51
56
|
def auth_hash
|
|
@@ -56,6 +61,11 @@ module ShopifyApp
|
|
|
56
61
|
auth_hash.uid
|
|
57
62
|
end
|
|
58
63
|
|
|
64
|
+
def associated_user
|
|
65
|
+
return unless auth_hash['extra'].present?
|
|
66
|
+
auth_hash['extra']['associated_user']
|
|
67
|
+
end
|
|
68
|
+
|
|
59
69
|
def token
|
|
60
70
|
auth_hash['credentials']['token']
|
|
61
71
|
end
|
|
@@ -1,4 +1,16 @@
|
|
|
1
1
|
provider :shopify,
|
|
2
2
|
ShopifyApp.configuration.api_key,
|
|
3
3
|
ShopifyApp.configuration.secret,
|
|
4
|
-
scope: ShopifyApp.configuration.scope
|
|
4
|
+
scope: ShopifyApp.configuration.scope,
|
|
5
|
+
setup: lambda { |env|
|
|
6
|
+
strategy = env['omniauth.strategy']
|
|
7
|
+
|
|
8
|
+
shopify_auth_params = strategy.session['shopify.omniauth_params']&.with_indifferent_access
|
|
9
|
+
shop = if shopify_auth_params.present?
|
|
10
|
+
"https://#{shopify_auth_params[:shop]}"
|
|
11
|
+
else
|
|
12
|
+
''
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
strategy.options[:client_options][:site] = shop
|
|
16
|
+
}
|
data/lib/shopify_app/version.rb
CHANGED
data/shopify_app.gemspec
CHANGED
|
@@ -11,7 +11,7 @@ Gem::Specification.new do |s|
|
|
|
11
11
|
s.required_ruby_version = ">= 2.2.2"
|
|
12
12
|
|
|
13
13
|
s.add_runtime_dependency('rails', '>= 5.0.0')
|
|
14
|
-
s.add_runtime_dependency('shopify_api', '>= 4.3.
|
|
14
|
+
s.add_runtime_dependency('shopify_api', '>= 4.3.5')
|
|
15
15
|
s.add_runtime_dependency('omniauth-shopify-oauth2', '~> 1.2.0')
|
|
16
16
|
|
|
17
17
|
s.add_development_dependency('rake')
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: shopify_app
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 8.
|
|
4
|
+
version: 8.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Shopify
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-08-
|
|
11
|
+
date: 2017-08-29 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|
|
@@ -30,14 +30,14 @@ dependencies:
|
|
|
30
30
|
requirements:
|
|
31
31
|
- - ">="
|
|
32
32
|
- !ruby/object:Gem::Version
|
|
33
|
-
version: 4.3.
|
|
33
|
+
version: 4.3.5
|
|
34
34
|
type: :runtime
|
|
35
35
|
prerelease: false
|
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
|
37
37
|
requirements:
|
|
38
38
|
- - ">="
|
|
39
39
|
- !ruby/object:Gem::Version
|
|
40
|
-
version: 4.3.
|
|
40
|
+
version: 4.3.5
|
|
41
41
|
- !ruby/object:Gem::Dependency
|
|
42
42
|
name: omniauth-shopify-oauth2
|
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|