shopify_app 8.5.1 → 8.6.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +6 -0
- data/README.md +6 -4
- data/app/assets/javascripts/shopify_app/partition_cookies.js +3 -2
- data/app/assets/javascripts/shopify_app/storage_access.js +3 -0
- data/app/controllers/concerns/shopify_app/authenticated.rb +15 -0
- data/app/controllers/shopify_app/authenticated_controller.rb +1 -5
- data/app/controllers/shopify_app/sessions_controller.rb +11 -2
- data/app/views/shopify_app/sessions/enable_cookies.html.erb +14 -0
- data/config/locales/zh-CN.yml +2 -2
- data/lib/generators/shopify_app/authenticated_controller/authenticated_controller_generator.rb +15 -0
- data/lib/generators/shopify_app/authenticated_controller/templates/authenticated_controller.rb +5 -0
- data/lib/generators/shopify_app/home_controller/templates/home_controller.rb +3 -1
- data/lib/generators/shopify_app/install/install_generator.rb +4 -0
- data/lib/generators/shopify_app/install/templates/session_store.rb +4 -0
- data/lib/generators/shopify_app/shopify_app_generator.rb +1 -0
- data/lib/shopify_app/version.rb +1 -1
- metadata +6 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ccf30619a3a247b248063c35a3708ca551a36c8901ec5800219d7100b8088afa
|
|
4
|
+
data.tar.gz: 50ff0b3d5aec483eeb963863609bad5fb81c932a433a02caa60b8690f9b6b0f4
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 97bc3975160f1a81492175c673ef0b8c136816c2152ac15ea3a706f4f91e763e8fe54d9c4775c16e1b89f8681b30e9aaa3bb10169a568f170feda7acdf5d2664
|
|
7
|
+
data.tar.gz: 9068a793e673209770f29185510695abb001b3aa0fcb1e1b4f519c9db348b8e36067b1e275e189fc169c614871f0080bea7e87b3d462f3ca89bf9907c0100818
|
data/CHANGELOG.md
CHANGED
data/README.md
CHANGED
|
@@ -31,7 +31,7 @@ Table of Contents
|
|
|
31
31
|
* [**ScripttagsManager**](#scripttagsmanager)
|
|
32
32
|
* [**AfterAuthenticate Job**](#afterauthenticate-job)
|
|
33
33
|
* [**ShopifyApp::SessionRepository**](#shopifyappsessionrepository)
|
|
34
|
-
* [**
|
|
34
|
+
* [**Authenticated**](#authenticated)
|
|
35
35
|
* [**AppProxyVerification**](#appproxyverification)
|
|
36
36
|
* [Recommended Usage](#recommended-usage)
|
|
37
37
|
* [**Troubleshooting**](#troubleshooting)
|
|
@@ -397,10 +397,12 @@ ShopifyApp::SessionRepository
|
|
|
397
397
|
|
|
398
398
|
If you only run the install generator then by default you will have an in memory store but it **won't work** on multi-server environments including Heroku. If you ran all the generators including the shop_model generator then the `Shop` model itself will be the `SessionRepository`. If you look at the implementation of the generated shop model you'll see that this gem provides a concern for the `SessionRepository`. You can use this concern on any model that responds to `shopify_domain` and `shopify_token`.
|
|
399
399
|
|
|
400
|
-
|
|
401
|
-
|
|
400
|
+
Authenticated
|
|
401
|
+
-------------
|
|
402
|
+
|
|
403
|
+
The engine provides a `ShopifyApp::Authenticated` concern which should be included in any controller that is intended to be behind Shopify OAuth. It adds `before_action`s to ensure that the user is authenticated and will redirect to the Shopify login page if not. It is best practice to include this concern in a base controller inheriting from your `ApplicationController`, from which all controllers that require Shopify authentication inherit.
|
|
402
404
|
|
|
403
|
-
|
|
405
|
+
For backwards compatibility, the engine still provides a controller called `ShopifyApp::AuthenticatedController` which includes the `ShopifyApp::Authenticated` concern. Note that it inherits directly from `ActionController::Base`, so you will not be able to share functionality between it and your application's `ApplicationController`.
|
|
404
406
|
|
|
405
407
|
AppProxyVerification
|
|
406
408
|
--------------------
|
|
@@ -1,7 +1,8 @@
|
|
|
1
1
|
(function() {
|
|
2
2
|
document.addEventListener("DOMContentLoaded", function() {
|
|
3
|
-
var
|
|
3
|
+
var redirectTargetElement = document.getElementById("redirection-target");
|
|
4
|
+
var targetInfo = JSON.parse(redirectTargetElement.dataset.target)
|
|
5
|
+
var storageAccessHelper = new StorageAccessHelper(targetInfo);
|
|
4
6
|
storageAccessHelper.execute();
|
|
5
7
|
});
|
|
6
8
|
})();
|
|
7
|
-
|
|
@@ -36,6 +36,9 @@
|
|
|
36
36
|
try {
|
|
37
37
|
sessionStorage.setItem('shopify.granted_storage_access', true);
|
|
38
38
|
document.cookie = 'shopify.granted_storage_access=true';
|
|
39
|
+
if (!document.cookie) {
|
|
40
|
+
throw 'Cannot set third-party cookie.'
|
|
41
|
+
}
|
|
39
42
|
this.redirectToAppHome();
|
|
40
43
|
} catch (error) {
|
|
41
44
|
console.warn('Third party cookies may be blocked.', error);
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module ShopifyApp
|
|
4
|
+
module Authenticated
|
|
5
|
+
extend ActiveSupport::Concern
|
|
6
|
+
|
|
7
|
+
included do
|
|
8
|
+
include ShopifyApp::Localization
|
|
9
|
+
include ShopifyApp::LoginProtection
|
|
10
|
+
include ShopifyApp::EmbeddedApp
|
|
11
|
+
before_action :login_again_if_different_shop
|
|
12
|
+
around_action :shopify_session
|
|
13
|
+
end
|
|
14
|
+
end
|
|
15
|
+
end
|
|
@@ -1,11 +1,7 @@
|
|
|
1
1
|
module ShopifyApp
|
|
2
2
|
class AuthenticatedController < ActionController::Base
|
|
3
|
-
include ShopifyApp::
|
|
4
|
-
include ShopifyApp::LoginProtection
|
|
5
|
-
include ShopifyApp::EmbeddedApp
|
|
3
|
+
include ShopifyApp::Authenticated
|
|
6
4
|
|
|
7
5
|
protect_from_forgery with: :exception
|
|
8
|
-
before_action :login_again_if_different_shop
|
|
9
|
-
around_action :shopify_session
|
|
10
6
|
end
|
|
11
7
|
end
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
module ShopifyApp
|
|
2
|
-
class SessionsController < ActionController::Base
|
|
2
|
+
class SessionsController < ActionController::Base # rubocop:disable Metrics/ClassLength
|
|
3
3
|
include ShopifyApp::LoginProtection
|
|
4
4
|
|
|
5
5
|
layout false, only: :new
|
|
@@ -16,7 +16,16 @@ module ShopifyApp
|
|
|
16
16
|
end
|
|
17
17
|
|
|
18
18
|
def enable_cookies
|
|
19
|
-
validate_shop
|
|
19
|
+
return unless validate_shop
|
|
20
|
+
|
|
21
|
+
render(:enable_cookies, layout: false, locals: {
|
|
22
|
+
does_not_have_storage_access_url: top_level_interaction_path(
|
|
23
|
+
shop: sanitized_shop_name
|
|
24
|
+
),
|
|
25
|
+
has_storage_access_url: login_url(top_level: true),
|
|
26
|
+
app_home_url: granted_storage_access_path(shop: sanitized_shop_name),
|
|
27
|
+
current_shopify_domain: current_shopify_domain,
|
|
28
|
+
})
|
|
20
29
|
end
|
|
21
30
|
|
|
22
31
|
def top_level_interaction
|
|
@@ -21,6 +21,20 @@
|
|
|
21
21
|
<%= javascript_include_tag('shopify_app/enable_cookies', crossorigin: 'anonymous', integrity: true) %>
|
|
22
22
|
</head>
|
|
23
23
|
<body>
|
|
24
|
+
<%=
|
|
25
|
+
content_tag(
|
|
26
|
+
:div, nil,
|
|
27
|
+
id: 'redirection-target',
|
|
28
|
+
data: {
|
|
29
|
+
target: {
|
|
30
|
+
myshopifyUrl: "https://#{current_shopify_domain}",
|
|
31
|
+
hasStorageAccessUrl: "#{has_storage_access_url}",
|
|
32
|
+
doesNotHaveStorageAccessUrl: "#{does_not_have_storage_access_url}",
|
|
33
|
+
appHomeUrl: "#{app_home_url}"
|
|
34
|
+
},
|
|
35
|
+
},
|
|
36
|
+
)
|
|
37
|
+
%>
|
|
24
38
|
<main id="CookiePartitionPrompt">
|
|
25
39
|
<div class="Polaris-Page">
|
|
26
40
|
<div class="Polaris-Page__Content">
|
data/config/locales/zh-CN.yml
CHANGED
|
@@ -1,11 +1,11 @@
|
|
|
1
1
|
---
|
|
2
2
|
zh-CN:
|
|
3
3
|
logged_out: 已成功注销
|
|
4
|
-
could_not_log_in: 无法登录到 Shopify
|
|
4
|
+
could_not_log_in: 无法登录到 Shopify 商店
|
|
5
5
|
invalid_shop_url: 商店域无效
|
|
6
6
|
enable_cookies_heading: 从 %{app} 启用 Cookie
|
|
7
7
|
enable_cookies_body: 您必须在此浏览器中手动启用 Cookie 才能在 Shopify 中使用 %{app}。
|
|
8
|
-
enable_cookies_footer: Cookie
|
|
8
|
+
enable_cookies_footer: Cookie 使此应用能够通过暂时存储您的偏好设置和个人信息来验证您的身份。这些信息将在 30 天后过期。
|
|
9
9
|
enable_cookies_action: 启用 Cookie
|
|
10
10
|
top_level_interaction_heading: 您的浏览器需要对 %{app} 进行验证
|
|
11
11
|
top_level_interaction_body: 您的浏览器要求类似 %{app} 的第三方应用向您请求访问 Cookie,之后 Shopify 才能为您打开它。
|
data/lib/generators/shopify_app/authenticated_controller/authenticated_controller_generator.rb
ADDED
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require 'rails/generators/base'
|
|
4
|
+
|
|
5
|
+
module ShopifyApp
|
|
6
|
+
module Generators
|
|
7
|
+
class AuthenticatedControllerGenerator < Rails::Generators::Base
|
|
8
|
+
source_root File.expand_path('../templates', __FILE__)
|
|
9
|
+
|
|
10
|
+
def create_home_controller
|
|
11
|
+
template('authenticated_controller.rb', 'app/controllers/authenticated_controller.rb')
|
|
12
|
+
end
|
|
13
|
+
end
|
|
14
|
+
end
|
|
15
|
+
end
|
|
@@ -23,6 +23,10 @@ module ShopifyApp
|
|
|
23
23
|
template 'shopify_app.rb', 'config/initializers/shopify_app.rb'
|
|
24
24
|
end
|
|
25
25
|
|
|
26
|
+
def create_session_store_initializer
|
|
27
|
+
copy_file('session_store.rb', 'config/initializers/session_store.rb')
|
|
28
|
+
end
|
|
29
|
+
|
|
26
30
|
def create_and_inject_into_omniauth_initializer
|
|
27
31
|
unless File.exist? "config/initializers/omniauth.rb"
|
|
28
32
|
copy_file 'omniauth.rb', 'config/initializers/omniauth.rb'
|
data/lib/shopify_app/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: shopify_app
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 8.
|
|
4
|
+
version: 8.6.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Shopify
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-
|
|
11
|
+
date: 2019-03-29 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: browser_sniffer
|
|
@@ -166,6 +166,7 @@ files:
|
|
|
166
166
|
- app/assets/javascripts/shopify_app/storage_access_redirect.js
|
|
167
167
|
- app/assets/javascripts/shopify_app/top_level.js
|
|
168
168
|
- app/assets/javascripts/shopify_app/top_level_interaction.js
|
|
169
|
+
- app/controllers/concerns/shopify_app/authenticated.rb
|
|
169
170
|
- app/controllers/shopify_app/authenticated_controller.rb
|
|
170
171
|
- app/controllers/shopify_app/callback_controller.rb
|
|
171
172
|
- app/controllers/shopify_app/sessions_controller.rb
|
|
@@ -204,6 +205,8 @@ files:
|
|
|
204
205
|
- lib/generators/shopify_app/app_proxy_controller/templates/app_proxy_controller.rb
|
|
205
206
|
- lib/generators/shopify_app/app_proxy_controller/templates/app_proxy_route.rb
|
|
206
207
|
- lib/generators/shopify_app/app_proxy_controller/templates/index.html.erb
|
|
208
|
+
- lib/generators/shopify_app/authenticated_controller/authenticated_controller_generator.rb
|
|
209
|
+
- lib/generators/shopify_app/authenticated_controller/templates/authenticated_controller.rb
|
|
207
210
|
- lib/generators/shopify_app/controllers/controllers_generator.rb
|
|
208
211
|
- lib/generators/shopify_app/home_controller/home_controller_generator.rb
|
|
209
212
|
- lib/generators/shopify_app/home_controller/templates/home_controller.rb
|
|
@@ -213,6 +216,7 @@ files:
|
|
|
213
216
|
- lib/generators/shopify_app/install/templates/_flash_messages.html.erb
|
|
214
217
|
- lib/generators/shopify_app/install/templates/embedded_app.html.erb
|
|
215
218
|
- lib/generators/shopify_app/install/templates/omniauth.rb
|
|
219
|
+
- lib/generators/shopify_app/install/templates/session_store.rb
|
|
216
220
|
- lib/generators/shopify_app/install/templates/shopify_app.rb
|
|
217
221
|
- lib/generators/shopify_app/install/templates/shopify_provider.rb
|
|
218
222
|
- lib/generators/shopify_app/rotate_shopify_token_job/rotate_shopify_token_job_generator.rb
|