shopify_app_whitelist
This Gem extends shopify_app to add a whitelist option so only defined shops can access your app for installation.
Compatibility
v2.0 up - Rails 5 and Shopify App 8 are supported.
v1.0 up - Rails 4 and Rails 5, Shopify App <7.1 are supported. Appraisal Gem is used to test against both versions of Rails.
Installation
Assuming shopify_app is already installed
- Add
gem 'shopify_app_whitelist'
to your Gemfile - Run
bundle install
Configuration
- Open your existing
config/initializers/shopify_app.rb
file - Add
whitelist
andwhitelist_redirect
options
Example:
ShopifyApp.configure do |config|
# ...
config.whitelist = %w(allowed.myshopify.com another-allowed-shop.myshopify.com)
config.whitelist_redirect = '/404.html'
# ...
end
Testing
This Gem is tested. See test/
or run bundle rake test
after installing development dependencies.
How It Works
This Gem adds two configuration options to ShopifyApp::Configuration
automatically. Using a Railite, it also automatically injects a controller concern into ActionController::Base
.
The concern will check if the current controller is shopify_app/sessions_controller
and that the action is one of new
, create
, or callback
. If it is, it will check the shop's Shopify domain against the whitelist to see if the shop is allowed to access these methods.
License
This project is released under the MIT license.