Created
April 13, 2012 17:56
-
-
Save travishaynes/2378812 to your computer and use it in GitHub Desktop.
Shopify OAuth2 Authentication
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # config/application.rb | |
| class Application < Rails::Application | |
| config.shopify_api_key = ENV['SHOPIFY_API_KEY'] | |
| config.shopify_shared_secret = ENV['SHOPIFY_SHARED_SECRET'] | |
| end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| / views/layout/application.slim | |
| doctype html | |
| html | |
| head | |
| title Shopify OAuth2 | |
| = stylesheet_link_tag "application", :media => "all" | |
| = javascript_include_tag "application" | |
| = csrf_meta_tags | |
| body | |
| #header | |
| ul | |
| - if current_shop.nil? | |
| li = link_to "Sign in", new_shopify_session_path | |
| - else | |
| li = current_shop.domain | |
| li = link_to "Sign out", shopify_session_path, | |
| :confirm => "Are you sure?", | |
| :method => :delete | |
| #main | |
| = yield |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # app/controllers/application_controller.rb | |
| class ApplicationController < ActionController::Base | |
| protect_from_forgery | |
| helper_method :current_shop, :shopify_session | |
| private | |
| def current_shop | |
| @current_shop ||= Shop.find(session[:shop_id]) if session[:shop_id].present? | |
| end | |
| def shopify_session | |
| unless current_shop.nil? | |
| api_key = Rails.configuration.shopify_api_key | |
| token = current_shop.token | |
| domain = current_shop.domain | |
| ShopifyAPI::Base.site = "https://#{api_key}:#{token}@#{domain}/admin" | |
| end | |
| yield | |
| ensure ShopifyAPI::Base.site = nil | |
| end | |
| end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # rails g model shop provider:string domain:string token:string | |
| class CreateShops < ActiveRecord::Migration | |
| def change | |
| create_table :shops do |t| | |
| t.string :provider, :null => false, :default => "" | |
| t.string :domain, :null => false, :default => "" | |
| t.string :token, :null => false, :default => "" | |
| t.timestamps | |
| end | |
| end | |
| end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| gem 'shopify_api' | |
| gem 'omniauth-shopify-oauth2' | |
| gem 'slim-rails' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # app/views/shopify/new.slim | |
| = form_tag "/auth/shopify", method: 'get' do | |
| = label_tag :shop, "Your shop's .myshopify.com domain:" | |
| = text_field_tag :shop | |
| = submit_tag "Sign in" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # config/routes.rb | |
| root to: "home#index" | |
| match "/auth/:provider/callback" => "shopify/sessions#create", :as => :authenticate | |
| namespace :shopify do | |
| resource :session, :only => [:new, :create, :destroy] | |
| end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class Shopify::SessionsController < ApplicationController | |
| def create | |
| # get the omniauth request | |
| auth = request.env["omniauth.auth"] | |
| # find or create the shop | |
| shop = Shop.find_or_create_by_provider_and_token( | |
| auth["provider"], | |
| auth["credentials"].token | |
| ) | |
| # ensure the shop's domain is stored in the local database | |
| shop.update_attributes(:domain => params[:shop]) if shop.domain.empty? | |
| # store the shop's identifier in the session | |
| session[:shop_id] = shop.to_param | |
| # redirect to the root path | |
| redirect_to root_path, :notice => "Signed in." | |
| end | |
| def destroy | |
| # reset the session - safer than just deleting | |
| # :shop_id, as it also prevents session hijacking | |
| reset_session | |
| # redirect to the root path | |
| redirect_to root_path, :notice => "Signed out." | |
| end | |
| end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class Shop < ActiveRecord::Base | |
| attr_accessible :provider, :domain, :token | |
| validates_uniqueness_of :token, :on => :create | |
| validates_presence_of :provider, :token | |
| end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment