Skip to content
/ ah-shopify-auth-plugin Public

plugin that provides middleware and routes for shopify oauth authenication

0 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ryangall7/ah-shopify-auth-plugin

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

64 Commits
locales
locales
 
 
src
src
 
 
.gitignore
.gitignore
 
 
.npmignore
.npmignore
 
 
README.md
README.md
 
 
boot.js
boot.js
 
 
package-lock.json
package-lock.json
 
 
package.json
package.json
 
 
tsconfig.json
tsconfig.json
 
 

Repository files navigation

Plugin to add Shopify authentication to Actionhero

Still early stages, would love any input!

Configuration

To configure your Actionhero server to authenicate with shopify oAuth:

  1. Add this plugin to your actionhero project npm install ah-shopify-auth-plugin. Also, if you want to store your creditnails in a file rather than your server's ENVIRONMENT, you can npm install dotenv.
  2. Include this plugin in your config/plugins.ts.
import { join } from "path";

export const DEFAULT = {
  plugins: () => {
    return {
      "ah-shopify-auth-plugin": {
        path: join(__dirname, "..", "node_modules", "ah-shopify-auth-plugin")
      }
    };
  }
};
  1. Set the required enviornment variables, either in your ENV or .env. This plugin requites SHOPIFY_API_KEY and SHOPIFY_API_SECRET.
SHOPIFY_API_KEY=[YOUR_SHOPIFY_API_KEY]
SHOPIFY_API_SECRET=[YOUR_SHOPIFY_API_SECRET]
  1. Add a shopifyAuth.ts to your config directory with the following:
const path = require("path");

export const DEFAULT = {
  shopifyAuth: config => {

    return {
        apiKey: process.env.SHOPIFY_API_KEY,
        apiSecret: process.env.SHOPIFY_API_SECRET,
        scopes: 'read_products',
        ignoredDirectories: ["static"] //array of ignored directories (top level only)
    };
  }
};
  1. In most cases change your default route in config/servers/web.ts to be "api" rather than "file" (this plugin only authenticates api calls)

SameSite cookies

Shopify and chrome now require cookies to be SameSite=none. To do this you need to add these attributes to your sessionID cookie in config/servers/web.ts:

...
// Settings for determining the id of an http(s) request (browser-fingerprint)
fingerprintOptions: {
  cookieKey: "sessionID",
  toSetCookie: true,
  onlyStaticElements: false,
  settings: {
    path: "/",
    expires: 3600000,
    sameSite: "None",
    secure: true
  }
},
...

Processing Auth Token

Auth Token and scopes are saved on the session object. Like this:

{
  shopifySession: {
    access_token: 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx',
    scope: 'read_products',
    shop: 'some-store.myshopify.com'
  }
}

If you need to do something with the Shopify authToken once a user authenticates you can overwrite the function:

api.shopifyAuth.afterAuth = async (data, shopifySession) => {
    // Overwrite this function process the shopify access token after its been recieved
    log("Shopify Authorization Complete!");
    return;
}

the data object is the same data object passed to Actionhero actions, and the shopifySession is structured as above.

About

plugin that provides middleware and routes for shopify oauth authenication

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages