class ShopifyApp::SessionsController
def authenticate
# Starts authentication for the shop named in the request.
#
# Without a present sanitized_shop_name the invalid-shop error response is
# returned and neither flow is started. Otherwise configuration decides:
# the Shopify managed install redirect when use_new_embedded_auth_strategy?
# is true, the begin-auth OAuth flow when it is not.
def authenticate
  shop_given = sanitized_shop_name.present?

  if !shop_given
    # No redirect to Shopify is attempted without a present shop name.
    render_invalid_shop_error
  elsif ShopifyApp.configuration.use_new_embedded_auth_strategy?
    ShopifyApp::Logger.debug("Starting OAuth - Redirecting to Shopify managed install")
    start_install
  else
    ShopifyApp::Logger.debug("Starting OAuth - Redirecting to begin auth")
    start_oauth
  end
end
def copy_return_to_param_to_session
# Copies the request's return_to parameter into the session.
#
# The value is request-supplied, so it is never stored as-is: it goes through
# RedirectSafely.make_safe first, with "/" as the second argument
# (presumably the fallback target - confirm against RedirectSafely).
# Nothing is written when the parameter is absent.
def copy_return_to_param_to_session
  return unless params[:return_to]

  session[:return_to] = RedirectSafely.make_safe(params[:return_to], "/")
end
def create
# Action that delegates straight to #authenticate; it adds no checks of its
# own, so the shop-name guard in #authenticate is the only validation here.
def create
  authenticate
end
def destroy
# Logs the user out: resets the session, sets the logged-out flash notice,
# then redirects to the login URL.
def destroy
  # reset_session is called first, before anything else is written.
  reset_session
  flash[:notice] = I18n.t(".logged_out")
  ShopifyApp::Logger.debug("Session destroyed")

  # The login URL is computed once for the log line and again for the
  # redirect, exactly as two separate calls.
  redirect_message = "Redirecting to #{login_url_with_optional_shop}"
  ShopifyApp::Logger.debug(redirect_message)
  redirect_to(login_url_with_optional_shop)
end
def new
# Action that starts authentication only when a sanitized shop name is
# present; otherwise it does nothing further and returns nil.
def new
  return unless sanitized_shop_name.present?

  authenticate
end
def redirect_auth_to_top_level
# Sends the browser to the login URL (built with top_level: true) through
# fullpage_redirect_to, logging the target at debug level first.
def redirect_auth_to_top_level
  top_level_login_url = login_url_with_optional_shop(top_level: true)
  ShopifyApp::Logger.debug("Redirecting to top level - #{top_level_login_url}")
  fullpage_redirect_to(top_level_login_url)
end
def redirect_to_begin_oauth
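# Starts the OAuth flow: asks ShopifyAPI::Auth::Oauth.begin_auth for the auth
# route and its cookie, stores that cookie, then redirects to the auth route.
#
# The configured login callback URL has one leading "/" removed and is then
# passed on as "/<callback>", so "/path" and "path" configuration values
# produce the same redirect_path.
def redirect_to_begin_oauth
  # Anchored with \A (start of string) rather than ^ (start of any line), and
  # sub rather than gsub, so only the very first character can be stripped.
  callback_url = ShopifyApp.configuration.login_callback_url.sub(%r{\A/}, "")
  ShopifyApp::Logger.debug("Starting OAuth with the following callback URL: #{callback_url}")

  auth_attributes = ShopifyAPI::Auth::Oauth.begin_auth(
    shop: sanitized_shop_name,
    redirect_path: "/#{callback_url}",
    is_online: user_session_expected?,
  )

  # The cookie returned by begin_auth is stored encrypted, restricted to
  # HTTPS (secure) and kept out of reach of page scripts (http_only).
  # NOTE(review): no same_site option is passed here, so the framework
  # default applies - confirm it matches the callback flow's needs.
  oauth_cookie = auth_attributes[:cookie]
  cookies.encrypted[oauth_cookie.name] = {
    expires: oauth_cookie.expires,
    secure: true,
    http_only: true,
    value: oauth_cookie.value,
  }

  # allow_other_host is needed because the route is an absolute URL. The
  # target is whatever begin_auth returned for sanitized_shop_name, not a
  # value read directly from request parameters in this method.
  auth_route = auth_attributes[:auth_route]
  ShopifyApp::Logger.debug("Redirecting to auth_route - #{auth_route}")
  redirect_to(auth_route, allow_other_host: true)
end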
def render_invalid_shop_error
# Reports an invalid shop to the user.
#
# Despite the name, nothing is rendered here: the translated
# "invalid_shop_url" message is placed in flash[:error] and the request is
# redirected to return_address.
def render_invalid_shop_error
  error_message = I18n.t("invalid_shop_url")
  flash[:error] = error_message
  redirect_to(return_address)
end
def start_install
# Redirects to the Shopify managed install page for the current shop.
#
# The host is a fixed literal (admin.shopify.com); only the store segment
# and the client_id query value vary. The store segment is the part of
# sanitized_shop_name before the first ".".
def start_install
  store_handle = sanitized_shop_name.split(".").first
  client_id = ShopifyApp.configuration.api_key

  # NOTE(review): both values are interpolated without URL-encoding, so this
  # relies on sanitized_shop_name and api_key containing only URL-safe
  # characters - confirm against the sanitizer.
  install_path = "https://admin.shopify.com/store/#{store_handle}/oauth/install?client_id=#{client_id}"
  redirect_to(install_path, allow_other_host: true)
end
def start_oauth
# Chooses how to begin OAuth after saving the return_to parameter.
#
# - embedded redirect URL with embedded param: redirect_for_embedded
# - embedded redirect URL without it:          redirect_to_begin_oauth
# - no embedded redirect URL, top level:       redirect_to_begin_oauth
# - no embedded redirect URL, not top level:   redirect_auth_to_top_level
def start_oauth
  copy_return_to_param_to_session

  unless embedded_redirect_url?
    return redirect_to_begin_oauth if top_level?

    return redirect_auth_to_top_level
  end

  ShopifyApp::Logger.debug("Embedded URL within / authenticate")
  return redirect_for_embedded if embedded_param?

  redirect_to_begin_oauth
end
def top_level?
# Whether the request counts as top level.
#
# Always true when the app is not configured as embedded. For an embedded
# app it is true only when the top_level parameter is not nil; the
# parameter's value itself is not inspected.
def top_level?
  !ShopifyApp.configuration.embedded_app? || !params[:top_level].nil?
end
def top_level_interaction
# Sets @url to the top-level login URL, then returns the result of
# validate_shop_presence (which also sets @shop).
def top_level_interaction
  top_level_login_url = login_url_with_optional_shop(top_level: true)
  @url = top_level_login_url
  validate_shop_presence
end
def validate_shop_presence
# Stores sanitized_shop_name in @shop and reports whether it is usable.
#
# Returns true when @shop is truthy. Otherwise the invalid-shop error
# response is issued and false is returned.
#
# NOTE(review): this is a truthiness check, whereas #authenticate and #new
# use .present?; an empty string from sanitized_shop_name would pass here -
# confirm whether the sanitizer can return one.
def validate_shop_presence
  @shop = sanitized_shop_name
  return true if @shop

  render_invalid_shop_error
  false
end