Strapi Plugin Shopify
Build a Shopify application with Strapi.
Table Of Content
- Requirements
- Installation
- Middlewares Configuration
- Shopify Configuration
- Environment Variables
- Endpoints
Requirements
Strapi v4 is required.
Installation
npm install --save strapi-plugin-shopifyMiddlewares configuration
Webhooks are authenticated with HMAC calculated on the raw body, strapi::body middleware should be configured to pass the unparsed body as following:
{
name: 'strapi::body',
config: {
includeUnparsed: true,
},
},If you want to serve an embedded app directly from Strapi you will find that default CSP policies will not allow to do that, strapi::security middleware should be configured as following (this configuration should be used only if you have problem with the embedded app iframe):
{
name: 'strapi::security',
config: {
contentSecurityPolicy: {
useDefaults: true,
directives: {
'frame-ancestors': null,
},
},
frameguard: false,
},
},Shopify Configuration
The Shopify application should be configured as follow:
- App URL should be set as
https://your-domain.com/api/shopify - Allowed redirection URL(s) should have both
https://your-domain.com/api/shopify/install/callbackhttps://your-domain.com/api/shopify/auth/callback
Environment Variables
This plugin needs the following environment variables to work:
| Variable | Example | Description |
|---|---|---|
| HOST_NAME | shop3.app |
the host name of your app without the protocol (http or https) |
| SHOPIFY_API_KEY | 553536bf79ee112525f63aaf25df59f8 |
the API key generated by Shopify |
| SHOPIFY_API_SECRET | 687b73300b570bdbe53220d84a18e23d |
the API secret generated by Shopify |
| SHOPIFY_SCOPES | read_locales,read_products |
the API scopes used by the application |
| SHOPIFY_APP_EMBEDDED | true |
whether the app is an embedded app or not |
| SHOPIFY_REDIRECT_URL | https://shop3.app/home |
the url where the user is redirect after authentication |
Endpoints
This are the endpoints exposed by this plugin:
| Method | Path | Description |
|---|---|---|
| GET | /api/shopify | the entry point of the application, it handles installation and authentication |
| POST | /api/shopify/webhooks | the default webhooks endpoint called by Shopify |
| GET | /api/shopify/install | the installation endpoint, should not be called directly, use /api/shopify instead |
| GET | /api/shopify/install/callback | the installation callback endpoint, should be called only by Shopify |
| GET | /api/shopify/auth | the authentication endpoint, should not be called directly, use /api/shopify instead |
| GET | /api/shopify/auth/callback | the authentication callback endpoint, should be called only by Shopify |
| POST | /api/shopify/auth/logout | the logout endpoint, should be called to delete the Shopify session |
| GET | /api/shopify/shop | this endpoint should be called to get the authenticated shop data |
| GET | /api/shopify/plans | this endpoint should be called to get available subscription plans |
| GET | /api/shopify/subscription | this endpoint should be called to get the shop subscription |
| POST | /api/shopify/subscription | this endpoint should be called to create a shop subscription |