shopify_app 8.5.1 → 8.6.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 10bd3e8ad3e372f9c95cdb7b95d981855e3ead97e3b2f94f889a7d5107da5260
4
- data.tar.gz: e18e84e540c1d46545890603a1d11e8122bb2f35686bfa11b25d4a5147288686
3
+ metadata.gz: ccf30619a3a247b248063c35a3708ca551a36c8901ec5800219d7100b8088afa
4
+ data.tar.gz: 50ff0b3d5aec483eeb963863609bad5fb81c932a433a02caa60b8690f9b6b0f4
5
5
  SHA512:
6
- metadata.gz: 7a248d2992f0695e431dfcab931afa20e6bce0799404f6ec00eb9b33a76bc56003ae5a050f86f850a8bb040cfe281c285bc2744fb8dee7c67f1e87a80941dfed
7
- data.tar.gz: 950832e92bbac19934906f3321a3aad7d19e65855158c7eb26a66bfac9a27ce3c2cc920b6969bc8806fabd05c97f334a19df2e4dc5582ee876a4420396244da1
6
+ metadata.gz: 97bc3975160f1a81492175c673ef0b8c136816c2152ac15ea3a706f4f91e763e8fe54d9c4775c16e1b89f8681b30e9aaa3bb10169a568f170feda7acdf5d2664
7
+ data.tar.gz: 9068a793e673209770f29185510695abb001b3aa0fcb1e1b4f519c9db348b8e36067b1e275e189fc169c614871f0080bea7e87b3d462f3ca89bf9907c0100818
data/CHANGELOG.md CHANGED
@@ -1,3 +1,9 @@
1
+ 8.6.0
2
+ -----
3
+
4
+ * Added an `Authenticated` concern to allow gem users to inherit from a custom `AuthenticatedController` instead of
5
+ `ShopifyApp::AuthenticatedController`
6
+
1
7
  8.5.1
2
8
  -----
3
9
 
data/README.md CHANGED
@@ -31,7 +31,7 @@ Table of Contents
31
31
  * [**ScripttagsManager**](#scripttagsmanager)
32
32
  * [**AfterAuthenticate Job**](#afterauthenticate-job)
33
33
  * [**ShopifyApp::SessionRepository**](#shopifyappsessionrepository)
34
- * [**AuthenticatedController**](#authenticatedcontroller)
34
+ * [**Authenticated**](#authenticated)
35
35
  * [**AppProxyVerification**](#appproxyverification)
36
36
  * [Recommended Usage](#recommended-usage)
37
37
  * [**Troubleshooting**](#troubleshooting)
@@ -397,10 +397,12 @@ ShopifyApp::SessionRepository
397
397
 
398
398
  If you only run the install generator then by default you will have an in memory store but it **won't work** on multi-server environments including Heroku. If you ran all the generators including the shop_model generator then the `Shop` model itself will be the `SessionRepository`. If you look at the implementation of the generated shop model you'll see that this gem provides a concern for the `SessionRepository`. You can use this concern on any model that responds to `shopify_domain` and `shopify_token`.
399
399
 
400
- AuthenticatedController
401
- -----------------------
400
+ Authenticated
401
+ -------------
402
+
403
+ The engine provides a `ShopifyApp::Authenticated` concern which should be included in any controller that is intended to be behind Shopify OAuth. It adds `before_action`s to ensure that the user is authenticated and will redirect to the Shopify login page if not. It is best practice to include this concern in a base controller inheriting from your `ApplicationController`, from which all controllers that require Shopify authentication inherit.
402
404
 
403
- The engine includes a controller called `ShopifyApp::AuthenticatedController` which inherits from `ActionController::Base`. It adds some before_filters which ensure the user is authenticated and will redirect to the login page if not. It is best practice to have all controllers that belong to the Shopify part of your app inherit from this controller. The HomeController that is generated already inherits from AuthenticatedController.
405
+ For backwards compatibility, the engine still provides a controller called `ShopifyApp::AuthenticatedController` which includes the `ShopifyApp::Authenticated` concern. Note that it inherits directly from `ActionController::Base`, so you will not be able to share functionality between it and your application's `ApplicationController`.
404
406
 
405
407
  AppProxyVerification
406
408
  --------------------
@@ -1,7 +1,8 @@
1
1
  (function() {
2
2
  document.addEventListener("DOMContentLoaded", function() {
3
- var storageAccessHelper = new StorageAccessHelper();
3
+ var redirectTargetElement = document.getElementById("redirection-target");
4
+ var targetInfo = JSON.parse(redirectTargetElement.dataset.target)
5
+ var storageAccessHelper = new StorageAccessHelper(targetInfo);
4
6
  storageAccessHelper.execute();
5
7
  });
6
8
  })();
7
-
@@ -36,6 +36,9 @@
36
36
  try {
37
37
  sessionStorage.setItem('shopify.granted_storage_access', true);
38
38
  document.cookie = 'shopify.granted_storage_access=true';
39
+ if (!document.cookie) {
40
+ throw 'Cannot set third-party cookie.'
41
+ }
39
42
  this.redirectToAppHome();
40
43
  } catch (error) {
41
44
  console.warn('Third party cookies may be blocked.', error);
@@ -0,0 +1,15 @@
1
+ # frozen_string_literal: true
2
+
3
+ module ShopifyApp
4
+ module Authenticated
5
+ extend ActiveSupport::Concern
6
+
7
+ included do
8
+ include ShopifyApp::Localization
9
+ include ShopifyApp::LoginProtection
10
+ include ShopifyApp::EmbeddedApp
11
+ before_action :login_again_if_different_shop
12
+ around_action :shopify_session
13
+ end
14
+ end
15
+ end
@@ -1,11 +1,7 @@
1
1
  module ShopifyApp
2
2
  class AuthenticatedController < ActionController::Base
3
- include ShopifyApp::Localization
4
- include ShopifyApp::LoginProtection
5
- include ShopifyApp::EmbeddedApp
3
+ include ShopifyApp::Authenticated
6
4
 
7
5
  protect_from_forgery with: :exception
8
- before_action :login_again_if_different_shop
9
- around_action :shopify_session
10
6
  end
11
7
  end
@@ -1,5 +1,5 @@
1
1
  module ShopifyApp
2
- class SessionsController < ActionController::Base
2
+ class SessionsController < ActionController::Base # rubocop:disable Metrics/ClassLength
3
3
  include ShopifyApp::LoginProtection
4
4
 
5
5
  layout false, only: :new
@@ -16,7 +16,16 @@ module ShopifyApp
16
16
  end
17
17
 
18
18
  def enable_cookies
19
- validate_shop
19
+ return unless validate_shop
20
+
21
+ render(:enable_cookies, layout: false, locals: {
22
+ does_not_have_storage_access_url: top_level_interaction_path(
23
+ shop: sanitized_shop_name
24
+ ),
25
+ has_storage_access_url: login_url(top_level: true),
26
+ app_home_url: granted_storage_access_path(shop: sanitized_shop_name),
27
+ current_shopify_domain: current_shopify_domain,
28
+ })
20
29
  end
21
30
 
22
31
  def top_level_interaction
@@ -21,6 +21,20 @@
21
21
  <%= javascript_include_tag('shopify_app/enable_cookies', crossorigin: 'anonymous', integrity: true) %>
22
22
  </head>
23
23
  <body>
24
+ <%=
25
+ content_tag(
26
+ :div, nil,
27
+ id: 'redirection-target',
28
+ data: {
29
+ target: {
30
+ myshopifyUrl: "https://#{current_shopify_domain}",
31
+ hasStorageAccessUrl: "#{has_storage_access_url}",
32
+ doesNotHaveStorageAccessUrl: "#{does_not_have_storage_access_url}",
33
+ appHomeUrl: "#{app_home_url}"
34
+ },
35
+ },
36
+ )
37
+ %>
24
38
  <main id="CookiePartitionPrompt">
25
39
  <div class="Polaris-Page">
26
40
  <div class="Polaris-Page__Content">
@@ -1,11 +1,11 @@
1
1
  ---
2
2
  zh-CN:
3
3
  logged_out: 已成功注销
4
- could_not_log_in: 无法登录到 Shopify 店铺
4
+ could_not_log_in: 无法登录到 Shopify 商店
5
5
  invalid_shop_url: 商店域无效
6
6
  enable_cookies_heading: 从 %{app} 启用 Cookie
7
7
  enable_cookies_body: 您必须在此浏览器中手动启用 Cookie 才能在 Shopify 中使用 %{app}。
8
- enable_cookies_footer: Cookie 使此应用能够通过暂时存储您的首选项和个人信息来验证您的身份。这些信息将在 30 天后过期。
8
+ enable_cookies_footer: Cookie 使此应用能够通过暂时存储您的偏好设置和个人信息来验证您的身份。这些信息将在 30 天后过期。
9
9
  enable_cookies_action: 启用 Cookie
10
10
  top_level_interaction_heading: 您的浏览器需要对 %{app} 进行验证
11
11
  top_level_interaction_body: 您的浏览器要求类似 %{app} 的第三方应用向您请求访问 Cookie,之后 Shopify 才能为您打开它。
@@ -0,0 +1,15 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'rails/generators/base'
4
+
5
+ module ShopifyApp
6
+ module Generators
7
+ class AuthenticatedControllerGenerator < Rails::Generators::Base
8
+ source_root File.expand_path('../templates', __FILE__)
9
+
10
+ def create_home_controller
11
+ template('authenticated_controller.rb', 'app/controllers/authenticated_controller.rb')
12
+ end
13
+ end
14
+ end
15
+ end
@@ -0,0 +1,5 @@
1
+ # frozen_string_literal: true
2
+
3
+ class AuthenticatedController < ApplicationController
4
+ include ShopifyApp::Authenticated
5
+ end
@@ -1,4 +1,6 @@
1
- class HomeController < ShopifyApp::AuthenticatedController
1
+ # frozen_string_literal: true
2
+
3
+ class HomeController < AuthenticatedController
2
4
  def index
3
5
  @products = ShopifyAPI::Product.find(:all, params: { limit: 10 })
4
6
  @webhooks = ShopifyAPI::Webhook.find(:all)
@@ -23,6 +23,10 @@ module ShopifyApp
23
23
  template 'shopify_app.rb', 'config/initializers/shopify_app.rb'
24
24
  end
25
25
 
26
+ def create_session_store_initializer
27
+ copy_file('session_store.rb', 'config/initializers/session_store.rb')
28
+ end
29
+
26
30
  def create_and_inject_into_omniauth_initializer
27
31
  unless File.exist? "config/initializers/omniauth.rb"
28
32
  copy_file 'omniauth.rb', 'config/initializers/omniauth.rb'
@@ -0,0 +1,4 @@
1
+ # frozen_string_literal: true
2
+ # Be sure to restart your server when you modify this file.
3
+
4
+ Rails.application.config.session_store(:cookie_store, key: '_example_session', expire_after: 14.days)
@@ -9,6 +9,7 @@ module ShopifyApp
9
9
  def run_all_generators
10
10
  generate "shopify_app:install #{@opts.join(' ')}"
11
11
  generate "shopify_app:shop_model"
12
+ generate("shopify_app:authenticated_controller")
12
13
  generate "shopify_app:home_controller"
13
14
  end
14
15
  end
@@ -1,3 +1,3 @@
1
1
  module ShopifyApp
2
- VERSION = '8.5.1'.freeze
2
+ VERSION = '8.6.0'.freeze
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: shopify_app
3
3
  version: !ruby/object:Gem::Version
4
- version: 8.5.1
4
+ version: 8.6.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Shopify
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-02-27 00:00:00.000000000 Z
11
+ date: 2019-03-29 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: browser_sniffer
@@ -166,6 +166,7 @@ files:
166
166
  - app/assets/javascripts/shopify_app/storage_access_redirect.js
167
167
  - app/assets/javascripts/shopify_app/top_level.js
168
168
  - app/assets/javascripts/shopify_app/top_level_interaction.js
169
+ - app/controllers/concerns/shopify_app/authenticated.rb
169
170
  - app/controllers/shopify_app/authenticated_controller.rb
170
171
  - app/controllers/shopify_app/callback_controller.rb
171
172
  - app/controllers/shopify_app/sessions_controller.rb
@@ -204,6 +205,8 @@ files:
204
205
  - lib/generators/shopify_app/app_proxy_controller/templates/app_proxy_controller.rb
205
206
  - lib/generators/shopify_app/app_proxy_controller/templates/app_proxy_route.rb
206
207
  - lib/generators/shopify_app/app_proxy_controller/templates/index.html.erb
208
+ - lib/generators/shopify_app/authenticated_controller/authenticated_controller_generator.rb
209
+ - lib/generators/shopify_app/authenticated_controller/templates/authenticated_controller.rb
207
210
  - lib/generators/shopify_app/controllers/controllers_generator.rb
208
211
  - lib/generators/shopify_app/home_controller/home_controller_generator.rb
209
212
  - lib/generators/shopify_app/home_controller/templates/home_controller.rb
@@ -213,6 +216,7 @@ files:
213
216
  - lib/generators/shopify_app/install/templates/_flash_messages.html.erb
214
217
  - lib/generators/shopify_app/install/templates/embedded_app.html.erb
215
218
  - lib/generators/shopify_app/install/templates/omniauth.rb
219
+ - lib/generators/shopify_app/install/templates/session_store.rb
216
220
  - lib/generators/shopify_app/install/templates/shopify_app.rb
217
221
  - lib/generators/shopify_app/install/templates/shopify_provider.rb
218
222
  - lib/generators/shopify_app/rotate_shopify_token_job/rotate_shopify_token_job_generator.rb