Module: ShopifyApp::LoginProtection
Defined Under Namespace
Classes: ShopifyDomainNotFound
Constant Summary
collapse
'X-Shopify-API-Request-Failure-Unauthorized'
Instance Method Summary
collapse
Instance Method Details
#activate_shopify_session ⇒ Object
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
# File 'lib/shopify_app/controller_concerns/login_protection.rb', line 19
def activate_shopify_session
if user_session_expected? && user_session.blank?
Rails.logger.debug("[ShopifyApp::LoginProtection] User session required. Redirecting to login...")
signal_access_token_required
return redirect_to_login
end
if current_shopify_session.blank?
Rails.logger.debug("[ShopifyApp::LoginProtection] Current shopify session is blank. Redirecting to login...")
return redirect_to_login
end
clear_top_level_oauth_cookie
begin
Rails.logger.debug("[ShopifyApp::LoginProtection] Activating session...")
ShopifyAPI::Base.activate_session(current_shopify_session)
yield
ensure
Rails.logger.debug("[ShopifyApp::LoginProtection] Clearing session...")
ShopifyAPI::Base.clear_session
end
end
|
#current_shopify_session ⇒ Object
43
44
45
46
47
|
# File 'lib/shopify_app/controller_concerns/login_protection.rb', line 43
def current_shopify_session
@current_shopify_session ||= begin
user_session || shop_session
end
end
|
#login_again_if_different_user_or_shop ⇒ Object
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
|
# File 'lib/shopify_app/controller_concerns/login_protection.rb', line 79
def login_again_if_different_user_or_shop
if session[:user_session].present? && params[:session].present? Rails.logger.debug("[ShopifyApp::LoginProtection] Session data was sent/stored correctly.")
clear_session = session[:user_session] != params[:session] if clear_session
Rails.logger.debug("[ShopifyApp::LoginProtection] Current user is different from stored user.")
end
clear_session
end
if current_shopify_session &&
params[:shop] && params[:shop].is_a?(String) &&
(current_shopify_session.domain != params[:shop])
clear_session = true
end
if clear_session
Rails.logger.debug("[ShopifyApp::LoginProtection] Clearing shopify session and redirecting to login...")
clear_shopify_session
redirect_to_login
end
end
|
#shop_session ⇒ Object
64
65
66
|
# File 'lib/shopify_app/controller_concerns/login_protection.rb', line 64
def shop_session
shop_session_by_jwt || shop_session_by_cookie
end
|
#shop_session_by_cookie ⇒ Object
#shop_session_by_jwt ⇒ Object
#signal_access_token_required ⇒ Object
102
103
104
|
# File 'lib/shopify_app/controller_concerns/login_protection.rb', line 102
def signal_access_token_required
response.(ACCESS_TOKEN_REQUIRED_HEADER, true)
end
|
#user_session ⇒ Object
49
50
51
|
# File 'lib/shopify_app/controller_concerns/login_protection.rb', line 49
def user_session
user_session_by_jwt || user_session_by_cookie
end
|
#user_session_by_cookie ⇒ Object
#user_session_by_jwt ⇒ Object