Shop API for Sylius.
Branch: master
Clone or download
lchrusciel feature #390 Add missing customer attributes to sylius_shop_api_me ()
This PR was merged into the 1.0-dev branch.

Discussion
----------

In order to be able to load all user details through shopApi I suggest to change the response of `sylius_shop_api_me`, adding the missing customer attributes:  `birthday`, `gender`, `phoneNumber` and `subscribedToNewsletter`

Having this, we can get and edit all customer attributes and that will be useful if you want to use Sylius as headless system, e.g.

Commits
-------

565e547 Add missing customer attributes to sylius_shop_api_me
Latest commit 3e5d831 Feb 22, 2019

README.md

Sylius Shop API

License Version Build Status Scrutinizer Quality Score

This repository contains a plugin that extends the Sylius eCommerce Framework with an API in JSON that allows performing all standard shop operations from the customer perspective.

Documentation

The latest documentation is available here.

Installation

  1. Run composer require sylius/shop-api-plugin:^1.0@beta.

  2. Extend config files:

    1. Add SyliusShopApi to AppKernel.
    // app/AppKernel.php
    
        public function registerBundles(): array
        {
            return array_merge(parent::registerBundles(), [
                new \Sylius\ShopApiPlugin\ShopApiPlugin(),
                new \League\Tactician\Bundle\TacticianBundle(),
            ]);
        }
    1. Add - { path: '^/shop-api', priorities: ['json'], fallback_format: json, prefer_extension: true } to fos_rest.format_listener.rules section in app/config/config.yml file and import config from Plugin.
    # app/config/config.yml
    
    imports:
        # ...
        - { resource: "@ShopApiPlugin/Resources/config/app/config.yml" }
        - { resource: "@ShopApiPlugin/Resources/config/app/sylius_mailer.yml" }
    
    # ...
    
    fos_rest:
        # ...
        
        format_listener:
            rules:
                - { path: '^/shop-api', priorities: ['json'], fallback_format: json, prefer_extension: true } # <-- Add this
                - { path: '^/api', priorities: ['json', 'xml'], fallback_format: json, prefer_extension: true }
                - { path: '^/', stop: true }
    
    1. Adjust checkout configuration to not collide with Sylius shop API. For example (assuming, that you are using regular Sylius security definition):
    # app/config/config.yml
    
    # ...
    
    sylius_shop:
        checkout_resolver:
            pattern: "%sylius.security.shop_regex%/checkout/.+"
    1. Add routing to app/config/routing.yml
    # app/config/routing.yml
    
    # ...
    
    sylius_shop_api:
        resource: "@ShopApiPlugin/Resources/config/routing.yml"
    1. Configure firewall
      1. Change sylius.security.shop_regex parameter to exclude shop-api prefix also
      2. Add ShopAPI regex parameter shop_api.security.regex: "^/shop-api"
      3. Add ShopAPI firewall config:
    parameters:
        # ...
    
        sylius.security.shop_regex: "^/(?!admin|api/.*|api$|shop-api)[^/]++" # shop-api has been added inside the brackets
        shop_api.security.regex: "^/shop-api"
    
    # ... 
    
    security:
        firewalls:
            // ...
    
            shop_api:
                pattern: "%shop_api.security.regex%"
                stateless:  true
                anonymous:  true
    1. (optional) if you have installed nelmio/NelmioCorsBundle for Support of Cross-Origin Ajax Request,

      1. Add the NelmioCorsBundle to the AppKernel
      // app/AppKernel.php
      
      /**
       * {@inheritdoc}
       */
      public function registerBundles()
      {
          $bundles = array(
              // ...
              new Nelmio\CorsBundle\NelmioCorsBundle(),
              // ...
          );
          // ...
      }
      1. Add the configuration to the `config.yml
      # app/config/config.yml
      
      # ...
      
      nelmio_cors:
          defaults:
              allow_credentials: false
              allow_origin: []
              allow_headers: []
              allow_methods: []
              expose_headers: []
              max_age: 0
              hosts: []
              origin_regex: false
              forced_allow_origin_value: ~
          paths:
              '^/shop-api/':
                  allow_origin: ['*']
                  allow_headers: ['Content-Type', 'authorization']
                  allow_methods: ['POST', 'PUT', 'GET', 'DELETE', 'OPTIONS']
                  max_age: 3600

Additional features

Attributes

If you would like to receive serialized attributes you need to define an array of theirs codes under shop_api.included_attributes key. E.g.

shop_api:
    included_attributes:
        - "MUG_MATERIAL_CODE"

Authorization

By default no authorization is provided together with this bundle. But it is tested to work along with LexikJWTAuthenticationBundle In order to check example configuration check

From the test app.

Testing

The application can be tested with API Test Case. In order to run test suite execute the following command:

$ bin/phpunit

Security issues

If you think that you have found a security issue, please do not use the issue tracker and do not post it publicly. Instead, all security issues must be sent to security@sylius.com.