The latest version of my starter scripts for Shopify Public App development has been streamlined quite a bit, but I know it still needs to be redone again later in order to make it truly robust. This version I know will still be a bit clunky to setup as well as the admin page management. It also doesn’t include a secure mechanism for oauth_token storage. I’m sure it doesn’t include a few more features I’m sure will come up during development of this incarnation.
I found a few open source Shopify App skeletons on Github and grabbed a copy of one just to wrap my head around a working example of the Shopify API usage.
Since my language of choice is PHP I went with a solution in that language, however it used a PHP Session to store the oauth_token. It worked when I tested it, until I tried installing the app on a second store. The session was tied to my computer, so when I installed the app in the second store, it replaced the oauth_token and broke the authorization for the first store, but just from my browser. Still, this could happen if a developer or shop owner was managing multiple stores and used my app in more than one store.
I wanted to stay away from requiring a DB for an app skeleton since not every app needs it and the ones that do would likely have drastically different needs. My solution was to go with a file-based approach. A simple JSON dump and retrieval. Quick and easy to maintain. That being the case, I know this could be made a lot more robust than it currently will be.
- The App must be public; not a private app
- The App must be set to Offline Access Mode; not Online Access Mode where the
What the file-based system does:
- on install create a file in /appname/stores/
This location holds files like “jpapp.myshopify.com.php” that represent a single installed store.