Installation - tech-shiv/osiset-laravel-shopify-app GitHub Wiki
composer create-project --prefer-dist laravel/laravel:^7.0 .
php artisan key:generate
composer require osiset/laravel-shopify
php artisan vendor:publish --tag=shopify-config
You're now able to access config in config/shopify-app.php
Essentially you will need to fill in the app_name, api_key, api_secret, and api_scopes to generate a working app. Its recommended you use an env file for the configuration.
In your app's settings on your Shopify Partner dashboard, you need to set the callback URL to be:
https://example.com/
And the redirect_uri to be:
https://example.com/authenticate
The callback URL will point to the home route, while the redirect_uri will point to the authentication route.
NOTE:Those two URLs must start with https, otherwise you will get an error message: "Oauth error invalid_request: The redirect_uri is not whitelisted"
This package expects a route named home to exist. By default, the package has this route defined which shows a simple welcome page. To enable it, you will need to open routes/web.php and comment out the default Laravel route for /.
Route::get('/', function () {
return view('welcome');
})->middleware(['verify.shopify'])->name('home');
Next, modify resources/views/welcome.blade.php to extend this packages' layout for Shopify AppBridge abilities, example:
@extends('shopify-app::layouts.default')
@section('content')
<!-- You are: (shop domain name) -->
<p>You are: {{ $shopDomain ?? Auth::user()->name }}</p>
@endsection
@section('scripts')
@parent
<script>
actions.TitleBar.create(app, { title: 'Welcome' });
</script>
@endsection
You will need to modify your Laravel user model. Normally located in app/User.php or app/Models/User.php.
Open the file, add after the namespace:
use Osiset\ShopifyApp\Contracts\ShopModel as IShopModel;
use Osiset\ShopifyApp\Traits\ShopModel;
Next, modify the class line to become:
class User extends Authenticatable implements IShopModel
Next, inside the class, add:
use ShopModel;
A completed User.php file will look like this:
<?php
namespace App;
use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Osiset\ShopifyApp\Contracts\ShopModel as IShopModel;
use Osiset\ShopifyApp\Traits\ShopModel;
class User extends Authenticatable implements IShopModel
{
use Notifiable;
use ShopModel;
/**
* The attributes that are mass assignable.
*
* @var array
*/
protected $fillable = [
'name', 'email', 'password',
];
/**
* The attributes that should be hidden for arrays.
*
* @var array
*/
protected $hidden = [
'password', 'remember_token',
];
}
First, you need to get permission for write script tags to storefront. Add write_script_tags to api_scopes (or in SHOPIFY_API_SCOPES env variable) in config/shopify-app.php like the following:
'api_scopes' => env('SHOPIFY_API_SCOPES', 'read_products,write_products,write_script_tags'),
There is a default job provided which soft deletes the shop, and its charges (if any) for you. You're able to install this job directly or extend it.
To install, first run:
php artisan vendor:publish --tag=shopify-jobs a job will be placed in App/Jobs/AppUninstalledJob.
Next, edit config/shopify-app.php to enable the job:
'webhooks' => [
[
'topic' => env('SHOPIFY_WEBHOOK_1_TOPIC', 'APP_UNINSTALLED'),
'address' => env('SHOPIFY_WEBHOOK_1_ADDRESS', 'https://(your-domain).com/webhook/app-uninstalled')
],
],
By default, running php artisan migrate is enough. If you'd like to edit or review the migrations before running migrate, see Manual below.
Set env SHOPIFY_MANUAL_MIGRATIONS=1 or edit config/shopify-app.php, then run:
php artisan vendor:publish --tag=shopify-migrations
This will publish the migrations to your app's migration folder. When you're satisfied, run php artisan migrate to commit the changes.
You must disable CSRF as there is currently no solution for verifying session tokens with CSRF, there is a conflict due to new login creation each request.
Open \App\Http\Middleware\VerifyCsrfToken.php, and add or edit:
protected $except = [
'*',
];
This will exclude all routes from verifying CSRF.