gearworks-route
v1.10.0
Published
The routing function used by Gearworks apps, complete with full TypeScript definitions. Gearworks is the fastest way to get started with building Shopify apps!
Downloads
47
Maintainers
Readme
gearworks-route
The routing function used by Gearworks apps, complete with full TypeScript definitions. This routing function simplifies Shopify webhook, proxy and request validation, JWT authentication, parameter validation and more.
Gearworks is the fastest way to get started with building Shopify apps!
Installation
With Yarn:
yarn install gearworks-route
Or from NPM:
npm install gearworks-route --save
Importing
Import gearworks-route via ES6 default import:
import getRouter from "gearworks-route";
Or via Node's require:
const getRouter = require("gearworks-route").default;
Example
Pass your Express app and a configuration object into the getRouter
function, which will return a routing function that you can use to quickly configure routes:
import * as express from "express";
import getRouter from "gearworks-route";
const app = express();
const config = {
sealable_users_props: ["shopify_access_token"],
shopify_secret_key: "my shopify secret key used to validate Shopify requests",
iron_password: "My randomly generated password which will encrypt the sealable_users_props",
jwt_secret_key: "My randomly generated password which will sign JWT auth tokens",
userAuthIsValid: async (user) => {
// Use this function to tell the route whether the user's auth is now invalid by e.g. checking a cache or database.
return true;
}
}
const route = getRouter(expressApp, config);
// Create a route
route({
label: "Validate a Shopify webhook",
method: "post",
path: "/api/v1/webhooks/app-uninstalled",
validateShopifyWebhook: true,
handler: async function (req, res, next) {
// A user has uninstalled your Shopify app!
res.json({okay: true});
// All handlers must call next() when they're done.
return next();
}
})
Configuration
The getRouter
function expects you to pass in both an Express app, and a configuration object with the following values:
| prop | type | required | description |
|------|------|----------|-------------|
| shopify_secret_key
| string | true | Your Shopify app's secret key, used to validate Shopify requests. |
| iron_password
| string | true | A randomly-generated string used to encrypt and decrypt the properties in sealable_user_props
. |
| jwt_secret_key
| string | true | A randomly-generated string used to sign JWT auth tokens. |
| sealable_user_props
| string array | false | A list of sensitive properties on your User object that should be encrypted and sealed by Iron. Usually you'd want to encrypt at minimum the user's Shopify access token. |
| auth_header_name
| string | false | The name of the header to check for auth tokens. Defaults to gearworks_auth
. |
| userAuthIsValid
| function | false | A function that receives the User object to check whether a user's auth is still valid (e.g. they uninstalled your app and should be logged out). Return true for valid, false for invalid. |
Route Configuration
The getRouter
function returns a route
function, which you can use to quickly setup routes. It accepts a single parameter, an object with the following props:
| prop | type | required | description |
|------|------|----------|-------------|
| label
| string | false | A string which gives a quick summary of the route. Currently only used for developer convenience to quickly scan routes. |
| path
| string | true | The route's URL path. Can accept Express-style parameters, e.g. /api/v1/orders/:id
. |
| method
| string | true | The route's request method. Must be either get
, post
, put
, delete
, head
or all
. Case-sensitive, must be all lowercase. |
| handler
| function | true | The route's handler, a function which accepts req
, res
and next
parameters. Can be async. All handlers must call next()
to end the request. |
| cors
| boolean | false | A flag which enables Cross-Origin Resource Sharing (CORS) requests for the route. |
| requireAuth
| boolean | false | A flag which tells the route function whether it should require an authorized user. If true, the deserialized User object will be available to the handler function with req.user
. |
| bodyValidation
| object | false | A Joi validation scheme which will be applied to the request body. Access the validated object with req.validatedBody
in the handler function. |
| queryValidation
| object | false | A Joi validation scheme which will be applied to the request querystring. Access the validated object with req.validatedQuery
in the handler function. |
| paramValidation
| object | false | A Joi validation scheme which will be applied to the request url parameters. Access the validated object with req.validatedParams
in the handler function. |
| validateShopifyRequest
| boolean | false | A flag which tells the route function whether it should validate the request as a Shopify request. |
| validateShopifyWebhook
| boolean | false | A flag which tells the route function whether it should validate the request as a Shopify webhook. |
| validateShopifyProxyPage
| boolean | false | A flag which tells the route function whether it should validate the request as a Shopify proxy page request. |
TypeScript interfaces
This package comes complete with full TypeScript definitions! When using the getRouter
function, you're expected to pass in the type interface for your User object. That will then give you intellisense on the sealable_user_props
configuration option, and the req.user
object in your route handlers.
import getRouter from "gearworks-route";
interface User {
_id: string;
username: string;
shopify_access_token: string;
}
const route = getRouter<User>(expressApp, {
sealable_users_props: ["shopify_access_token" /* Array only accepts keys from the User interface */],
...
})
route({
label: "Get home page",
method: "get",
path: "/home",
requireAuth: true,
handler: async function (req, res, next) {
// req.user is type User
...
}
})
Finally, you'll need to install the typings for Express, Joi and Boom, otherwise your app probably won't compile:
yarn add @types/express@^4.0.35 @types/joi@^9.0.32 @types/boom@^4.2.0