shopify_app 8.2.4 → 8.2.5

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: e1662a396a08cd1ba5550280392d00fe2886e0ca
4
- data.tar.gz: 8b8744e2ae2ece532aa36973cc6057642cba49cd
3
+ metadata.gz: 7cb86cb83230251cb968831235d493374af72078
4
+ data.tar.gz: 9cc6298756b568b83a36bc223375687c9485e958
5
5
  SHA512:
6
- metadata.gz: 1cd6fd0df8ecddb2dfc28a5cd301dac2606cb729e62261d7363a06c7044568466eb9ee13fa2225f1a599b3c7c7bacdb53cbc7fe5f73597437abcd59b156e0128
7
- data.tar.gz: 0f1ef949777a3f65b857b69e2bb328db7b449450cd7ac3fc3eb3924106791e6fd91dc40a4f1bd2d25026685f5e33bc0e02449e10cc5c33bf03b7651615a753a0
6
+ metadata.gz: 9d6537b2fc344d439964c58e92f18460315161183e9f197dedb958f2997c225a0cca0a09d17afd7c274d441638a0c9730c0913325def0550edcdec7e726c1e0d
7
+ data.tar.gz: b98fd48e225d0b1d8a0f93b290c21c91bf7b796e2dcc47a426b9825a4e3b644062327d2c6fe9b483f37362972afe9e0546233046c5cc7af896edb330cd9782b8
data/CHANGELOG.md CHANGED
@@ -1,3 +1,6 @@
1
+ 8.2.5
2
+ * fix iframe headers on session controller
3
+
1
4
  8.2.4
2
5
  -----
3
6
  * Add CSRF protection through `protect_from_forgery with: :exception` on `ShopifyApp::AuthenticatedController`
data/README.md CHANGED
@@ -143,7 +143,7 @@ After running the `install` generator, you can start your app with `bundle exec
143
143
  $ rails generate shopify_app:shop_model
144
144
  ```
145
145
 
146
- The install generator doesn't create any database tables or models for you. If you are starting a new app its quite likely that you will want a shops table and model to store the tokens when your app is installed (most of our internally developed apps do!). This generator creates a shop model and a migration. This model includes the `ShopifyApp::Shop` concern which adds two methods to make it compatible as a `SessionRepository`. After running this generator you'll notice the `session_repository` in your `config/initializers/shopify_app.rb` will be set to the `Shop` model. This means that internally ShopifyApp will try and load tokens from this model.
146
+ The install generator doesn't create any database tables or models for you. If you are starting a new app its quite likely that you will want a shops table and model to store the tokens when your app is installed (most of our internally developed apps do!). This generator creates a shop model and a migration. This model includes the `ShopifyApp::SessionStorage` concern which adds two methods to make it compatible as a `SessionRepository`. After running this generator you'll notice the `session_repository` in your `config/initializers/shopify_app.rb` will be set to the `Shop` model. This means that internally ShopifyApp will try and load tokens from this model.
147
147
 
148
148
  *Note that you will need to run rake db:migrate after this generator*
149
149
 
@@ -360,7 +360,7 @@ bin/rails g shopify_app:add_after_authenticate_job
360
360
  ShopifyApp::SessionRepository
361
361
  -----------------------------
362
362
 
363
- `ShopifyApp::SessionRepository` allows you as a developer to define how your sessions are retrieved and stored for a shop. The `SessionRepository` is configured in the `config/initializers/shopify_app.rb` file and can be set to any object that implements `self.store(shopify_session)` which stores the session and returns a unique identifier and `self.retrieve(id)` which returns a `ShopifyAPI::Session` for the passed id. See either the `ShopifyApp::InMemorySessionStore` class or the `ShopifyApp::Shop` concern for examples.
363
+ `ShopifyApp::SessionRepository` allows you as a developer to define how your sessions are retrieved and stored for shops. The `SessionRepository` is configured in the `config/initializers/shopify_app.rb` file and can be set to any object that implements `self.store(shopify_session)` which stores the session and returns a unique identifier and `self.retrieve(id)` which returns a `ShopifyAPI::Session` for the passed id. See either the `ShopifyApp::InMemorySessionStore` class or the `ShopifyApp::SessionStorage` concern for examples.
364
364
 
365
365
  If you only run the install generator then by default you will have an in memory store but it **won't work** on multi-server environments including Heroku. If you ran all the generators including the shop_model generator then the `Shop` model itself will be the `SessionRepository`. If you look at the implementation of the generated shop model you'll see that this gem provides a concern for the `SessionRepository`. You can use this concern on any model that responds to `shopify_domain` and `shopify_token`.
366
366
 
@@ -2,6 +2,9 @@ module ShopifyApp
2
2
  class SessionsController < ActionController::Base
3
3
  include ShopifyApp::LoginProtection
4
4
  layout false, only: :new
5
+ after_action only: :new do |controller|
6
+ controller.response.headers.except!('X-Frame-Options')
7
+ end
5
8
 
6
9
  def new
7
10
  authenticate if sanitized_shop_name.present?
@@ -38,6 +41,7 @@ module ShopifyApp
38
41
  session['shopify.omniauth_params'] = { shop: sanitized_shop_name }
39
42
  fullpage_redirect_to "#{main_app.root_path}auth/shopify"
40
43
  else
44
+ flash[:error] = I18n.t('invalid_shop_url')
41
45
  redirect_to return_address
42
46
  end
43
47
  end
@@ -48,6 +48,12 @@
48
48
  line-height: 2em;
49
49
  }
50
50
 
51
+ .error {
52
+ line-height: 1em;
53
+ padding: 0.5em;
54
+ color: red;
55
+ }
56
+
51
57
  input.marketing-input {
52
58
  width: 100%;
53
59
  height: 52px;
@@ -104,7 +110,10 @@
104
110
  <label for="shop">Enter your shop domain to log in or install this app.</label>
105
111
  </p>
106
112
 
107
- <form method="GET" action="login">
113
+ <form method="POST" action="login">
114
+ <% if flash[:error] %>
115
+ <div class=error><%= flash[:error] %></div>
116
+ <% end %>
108
117
  <input id="shop" name="shop" type="text" autofocus="autofocus" placeholder="example.myshopify.com" class="marketing-input">
109
118
  <button type="submit" class="marketing-button">Install</button>
110
119
  </form>
@@ -1,3 +1,4 @@
1
1
  en:
2
2
  logged_out: 'Successfully logged out'
3
3
  could_not_log_in: 'Could not log in to Shopify store'
4
+ invalid_shop_url: 'Invalid shop domain'
@@ -1,3 +1,4 @@
1
1
  fr:
2
2
  logged_out: 'Vous êtes déconnecté(e)'
3
3
  could_not_log_in: 'Impossible de se connecter à la boutique Shopify'
4
+ invalid_shop_url: 'Url invalide'
@@ -1,3 +1,3 @@
1
1
  module ShopifyApp
2
- VERSION = '8.2.4'
2
+ VERSION = '8.2.5'
3
3
  end
data/shopify_app.gemspec CHANGED
@@ -8,7 +8,7 @@ Gem::Specification.new do |s|
8
8
  s.author = "Shopify"
9
9
  s.summary = %q{This gem is used to get quickly started with the Shopify API}
10
10
 
11
- s.required_ruby_version = ">= 2.2.2"
11
+ s.required_ruby_version = ">= 2.3.1"
12
12
 
13
13
  s.add_runtime_dependency('rails', '>= 5.0.0')
14
14
  s.add_runtime_dependency('shopify_api', '>= 4.3.5')
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: shopify_app
3
3
  version: !ruby/object:Gem::Version
4
- version: 8.2.4
4
+ version: 8.2.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - Shopify
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-11-08 00:00:00.000000000 Z
11
+ date: 2017-12-05 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rails
@@ -207,7 +207,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
207
207
  requirements:
208
208
  - - ">="
209
209
  - !ruby/object:Gem::Version
210
- version: 2.2.2
210
+ version: 2.3.1
211
211
  required_rubygems_version: !ruby/object:Gem::Requirement
212
212
  requirements:
213
213
  - - ">="