Class: ShopifyAPI::Session

Inherits:

Object

• Object
• ShopifyAPI::Session

Defined in:

lib/shopify_api/session.rb

Instance Attribute Summary

• #name ⇒ Object

  Returns the value of attribute name.

• #token ⇒ Object

  Returns the value of attribute token.

• #url ⇒ Object

  Returns the value of attribute url.

Class Method Summary

• .prepare_url(url) ⇒ Object
• .setup(params) ⇒ Object
• .temp(domain, token, &block) ⇒ Object
• .validate_signature(params) ⇒ Object

Instance Method Summary

• #initialize(url, token = nil, params = nil) ⇒ Session constructor

  A new instance of Session.

• #shop ⇒ Object
• #site ⇒ Object
• #valid? ⇒ Boolean

Constructor Details

#initialize(url, token = nil, params = nil) ⇒ Session

Returns a new instance of Session.

# File 'lib/shopify_api/session.rb', line 50

def initialize(url, token = nil, params = nil)
  self.url, self.token = url, token
  self.class.prepare_url(self.url)

  if params
    unless self.class.validate_signature(params) && params[:timestamp].to_i > 24.hours.ago.utc.to_i
      raise "Invalid Signature: Possible malicious login" 
    end
  end
end

Instance Attribute Details

#name ⇒ Object

Returns the value of attribute name.

# File 'lib/shopify_api/session.rb', line 10

def name
  @name
end

#token ⇒ Object

Returns the value of attribute token.

# File 'lib/shopify_api/session.rb', line 10

def token
  @token
end

#url ⇒ Object

Returns the value of attribute url.

# File 'lib/shopify_api/session.rb', line 10

def url
  @url
end

Class Method Details

.prepare_url(url) ⇒ Object

# File 'lib/shopify_api/session.rb', line 35

def prepare_url(url)
  return nil if url.blank?
  url.gsub!(/https?:\/\//, '')                            # remove http:// or https://
  url.concat(".myshopify.com") unless url.include?('.')   # extend url to myshopify.com if no host is given
end

.setup(params) ⇒ Object

# File 'lib/shopify_api/session.rb', line 14

def setup(params)
  params.each { |k,value| send("#{k}=", value) }
end

.temp(domain, token, &block) ⇒ Object

# File 'lib/shopify_api/session.rb', line 18

def temp(domain, token, &block)
  session = new(domain, token)
  begin
    original_domain  = URI.parse(ShopifyAPI::Base.site.to_s).host
  rescue URI::InvalidURIError
  end
  original_token   = ShopifyAPI::Base.headers['X-Shopify-Access-Token']
  original_session = new(original_domain, original_token)

  begin
    ShopifyAPI::Base.activate_session(session)
    yield
  ensure
    ShopifyAPI::Base.activate_session(original_session)
  end
end

.validate_signature(params) ⇒ Object

# File 'lib/shopify_api/session.rb', line 41

def validate_signature(params)
  return false unless signature = params[:signature]

  sorted_params = params.except(:signature, :action, :controller).collect{|k,v|"#{k}=#{v}"}.sort.join
  Digest::MD5.hexdigest(secret + sorted_params) == signature
end

Instance Method Details

#shop ⇒ Object

# File 'lib/shopify_api/session.rb', line 61

def shop
  Shop.current
end

#site ⇒ Object

# File 'lib/shopify_api/session.rb', line 65

def site
  "#{protocol}://#{url}/admin"
end

#valid? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/shopify_api/session.rb', line 69

def valid?
  url.present? && token.present?
end