Keep previous routes around so this is not a breaking change

Shopify · Jun 10, 2022 · 68d9cb6 · 68d9cb6
1 parent e05286d
commit 68d9cb6
Show file tree

Hide file tree

Showing 4 changed files with 21 additions and 5 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,6 +1,8 @@
 Unreleased
 ----------
 
+* Add the `login_callback_url` config to allow overwriting that route as well, and mount the engine routes based on the configurations. [#1445](https://github.com/Shopify/shopify_app/pull/1445)
+
 19.0.2 (April 27, 2022)
 ----------
 
@@ -27,7 +29,7 @@ BREAKING, please see migration notes.
 18.1.0 (Jan 28, 2022)
 ----------
 * Support Rails 7 [#1354](https://github.com/Shopify/shopify_app/pull/1354)
-* Fix webhooks handling in Ruby 3 [#1342](https://github.com/Shopify/shopify_app/pull/1342) 
+* Fix webhooks handling in Ruby 3 [#1342](https://github.com/Shopify/shopify_app/pull/1342)
 * Update to Ruby 3 and drop support to Ruby 2.5 [#1359](https://github.com/Shopify/shopify_app/pull/1359)
 
 18.0.4 (Jan 27, 2022)
@@ -51,7 +53,7 @@ BREAKING, please see migration notes.
 
 18.0.0 (May 3, 2021)
 ----------
-* Support OmniAuth 2.x 
+* Support OmniAuth 2.x
   * If your app has custom OmniAuth configuration, please refer to the [OmniAuth 2.0 upgrade guide](https://github.com/omniauth/omniauth/wiki/Upgrading-to-2.0).
 * Support App Bridge version 2.x in the Embedded App layout. [#1241](https://github.com/Shopify/shopify_app/pull/1241)
 
@@ -81,7 +83,7 @@ BREAKING, please see migration notes.
 
 17.0.4 (January 25, 2021)
 ----------
-* Redirect user to login page if shopify domain is not found in the `EnsureAuthenticatedLinks` concern [#1158](https://github.com/Shopify/shopify_app/pull/1158) 
+* Redirect user to login page if shopify domain is not found in the `EnsureAuthenticatedLinks` concern [#1158](https://github.com/Shopify/shopify_app/pull/1158)
 
 17.0.3 (January 22, 2021)
 ----------

diff --git a/app/controllers/shopify_app/sessions_controller.rb b/app/controllers/shopify_app/sessions_controller.rb
@@ -44,9 +44,11 @@ def authenticate
     end
 
     def start_oauth
+      callback_url = ShopifyApp.configuration.login_callback_url.gsub(%r{^/}, "")
+
       auth_attributes = ShopifyAPI::Auth::Oauth.begin_auth(
         shop: sanitized_shop_name,
-        redirect_path: ShopifyApp.configuration.login_callback_url,
+        redirect_path: "/#{callback_url}",
         is_online: user_session_expected?
       )
       cookies.encrypted[auth_attributes[:cookie].name] = {

diff --git a/config/routes.rb b/config/routes.rb
@@ -8,10 +8,21 @@
     get login_url => :new, :as => :login
     post login_url => :create, :as => :authenticate
     get "logout" => :destroy, :as => :logout
+
+    # Kept to prevent apps relying on these routes from breaking
+    if login_url.gsub(%r{^/}, "") != "login"
+      get "login" => :new, :as => :default_login
+      post "login" => :create, :as => :default_authenticate
+    end
   end
 
   controller :callback do
     get login_callback_url => :callback
+
+    # Kept to prevent apps relying on these routes from breaking
+    if login_callback_url.gsub(%r{^/}, "") != "auth/shopify/callback"
+      get "auth/shopify/callback" => :default_callback
+    end
   end
 
   namespace :webhooks do

diff --git a/lib/shopify_app/configuration.rb b/lib/shopify_app/configuration.rb
@@ -52,7 +52,8 @@ def login_url
     end
 
     def login_callback_url
-      @login_callback_url || File.join(@root_url, "auth/shopify/callback")
+      # Not including @root_url to keep historic behaviour
+      @login_callback_url || File.join("auth/shopify/callback")
     end
 
     def user_session_repository=(klass)