-
Notifications
You must be signed in to change notification settings - Fork 684
/
ensure_installed.rb
84 lines (68 loc) · 2.42 KB
/
ensure_installed.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
# frozen_string_literal: true
module ShopifyApp
module EnsureInstalled
extend ActiveSupport::Concern
include ShopifyApp::RedirectForEmbedded
included do
if defined?(ShopifyApp::LoginProtection) && ancestors.include?(ShopifyApp::LoginProtection)
message = <<~EOS
We detected the use of incompatible concerns (EnsureInstalled and LoginProtection) in #{name},
which leads to unpredictable behavior. You cannot include both concerns in the same controller.
EOS
raise message
end
before_action :check_shop_domain
if ShopifyApp.configuration.use_new_embedded_auth_strategy?
include ShopifyApp::TokenExchange
around_action :activate_shopify_session
else
before_action :check_shop_known
before_action :validate_non_embedded_session
end
end
def current_shopify_domain
if params[:shop].blank?
ShopifyApp::Logger.info("Could not identify installed store from current_shopify_domain")
return
end
@shopify_domain ||= ShopifyApp::Utils.sanitize_shop_domain(params[:shop])
ShopifyApp::Logger.info("Installed store: #{@shopify_domain} - deduced from Shopify Admin params")
@shopify_domain
end
def installed_shop_session
@installed_shop_session ||= SessionRepository.retrieve_shop_session_by_shopify_domain(current_shopify_domain)
end
private
def check_shop_domain
redirect_to(ShopifyApp.configuration.login_url) unless current_shopify_domain
end
def check_shop_known
@shop = installed_shop_session
unless @shop
if embedded_param?
redirect_for_embedded
else
redirect_to(shop_login)
end
end
end
def shop_login
url = URI(ShopifyApp.configuration.login_url)
url.query = URI.encode_www_form(
shop: params[:shop],
host: params[:host],
return_to: request.fullpath,
)
url.to_s
end
def validate_non_embedded_session
return if loaded_directly_from_admin?
client = ShopifyAPI::Clients::Rest::Admin.new(session: installed_shop_session)
client.get(path: "shop")
rescue ShopifyAPI::Errors::HttpResponseError => error
ShopifyApp::Logger.info("Shop offline session no longer valid. Redirecting to OAuth install")
redirect_to(shop_login) if error.code == 401
raise error if error.code != 401
end
end
end