This repository contains a plugin that extends the Sylius eCommerce platform with an API in JSON that allows performing all standard shop operations from the customer perspective.
The latest documentation is available here. If you are looking for more information how the system works have a look at the cookbook
IMPORTANT NOTE: Before installing SyliusShopApiPlugin, you should disable all SyliusShopBundle's dependencies. You cannot use these packages together.
-
Run
composer require sylius/shop-api-pluginand, when asked if you want to execute the Flex recipe, answer 'Yes'. -
Extend config files:
- Add SyliusShopApi to
config/bundles.php.
// config/bundles.php return [ Sylius\ShopApiPlugin\SyliusShopApiPlugin::class => ['all' => true], ];
- Add
- { path: '^/shop-api', priorities: ['json'], fallback_format: json, prefer_extension: true }tofos_rest.format_listener.rulessection inconfig/packages/fos_rest.yamlfile and import config from Plugin.
# config/packages/_sylius_shop_api.yaml imports: # <-- Add this section if it does not already exist and add the lines below # ... - { resource: "@SyliusShopApiPlugin/Resources/config/app/config.yml" } - { resource: "@SyliusShopApiPlugin/Resources/config/app/sylius_mailer.yml" } # config/packages/fos_rest.yaml fos_rest: # ... format_listener: rules: - { path: '^/shop-api', priorities: ['json'], fallback_format: json, prefer_extension: true } # <-- Add this - { path: '^/api', priorities: ['json', 'xml'], fallback_format: json, prefer_extension: true } - { path: '^/', stop: true }
- Add new routes file to import routes from the SyliusShopApiPlugin
# config/routes/sylius_shop_api.yaml sylius_shop_api: resource: "@SyliusShopApiPlugin/Resources/config/routing.yml"
-
Configure firewall
- Change
sylius.security.shop_regexparameter to excludeshop-apiprefix also - Add ShopAPI regex parameter
sylius_shop_api.security.regex: "^/shop-api" - Add ShopAPI firewall config:
-
Symfony 6:
# config/packages/security.yaml parameters: # ... sylius.security.shop_regex: "^/(?!admin|api/.*|api$|shop-api|media/.*)[^/]++" # shop-api has been added inside the brackets sylius_shop_api.security.regex: "^/shop-api" # ... security: firewalls: // ... sylius_shop_api: pattern: "%sylius_shop_api.security.regex%" stateless: true entry_point: jwt provider: sylius_shop_user_provider json_login: check_path: /shop-api/login username_path: email password_path: password success_handler: lexik_jwt_authentication.handler.authentication_success failure_handler: lexik_jwt_authentication.handler.authentication_failure jwt: true access_control: - { path: "%sylius_shop_api.security.regex%/address-book", role: ROLE_USER} - { path: "%sylius_shop_api.security.regex%/me", role: ROLE_USER}
-
Symfony 5:
# config/packages/security.yaml parameters: # ... sylius.security.shop_regex: "^/(?!admin|api/.*|api$|shop-api|media/.*)[^/]++" # shop-api has been added inside the brackets sylius_shop_api.security.regex: "^/shop-api" # ... security: firewalls: // ... sylius_shop_api: pattern: "%sylius_shop_api.security.regex%" stateless: true anonymous: true provider: sylius_shop_user_provider json_login: check_path: /shop-api/login username_path: email password_path: password success_handler: lexik_jwt_authentication.handler.authentication_success failure_handler: lexik_jwt_authentication.handler.authentication_failure guard: authenticators: - lexik_jwt_authentication.jwt_token_authenticator access_control: - { path: "%sylius_shop_api.security.regex%/address-book", role: ROLE_USER} - { path: "%sylius_shop_api.security.regex%/me", role: ROLE_USER}
-
- Change
-
(optional) if you have installed
nelmio/NelmioCorsBundlefor Support of Cross-Origin Ajax Request,- Add the NelmioCorsBundle to the AppKernel
// config/bundles.php return [ Nelmio\CorsBundle\NelmioCorsBundle::class => ['all' => true], ];
- Add the new configuration file
# config/packages/nelmio_cors.yml # ... nelmio_cors: defaults: allow_credentials: false allow_origin: [] allow_headers: [] allow_methods: [] expose_headers: [] max_age: 0 hosts: [] origin_regex: false forced_allow_origin_value: ~ paths: '^/shop-api/': allow_origin: ['*'] allow_headers: ['Content-Type', 'authorization'] allow_methods: ['POST', 'PUT', 'GET', 'DELETE', 'PATCH', 'OPTIONS'] max_age: 3600
- Add SyliusShopApi to
Sample configuration of Shop API can be found here: https://github.com/Sylius/SyliusDemo/commit/4872350dcd6c987d54dec1f365b4bb890d7183c9
If you would like to receive serialized attributes you need to define an array of theirs codes under sylius_shop_api.included_attributes key. E.g.
# config/packages/sylius_shop_api.yml
sylius_shop_api:
included_attributes:
- "MUG_MATERIAL_CODE"This plugin comes with an integration with LexikJWTAuthenticationBundle. More information about security customizations may be found there.
The application can be tested with API Test Case. In order to run test suite execute the following commands:
$ cp tests/Application/.env.test.dist tests/Application/.env.test
$ set -a && source tests/Application/.env.test && set +a
$ (cd tests/Application && bin/console doctrine:database:create -e test)
$ (cd tests/Application && bin/console doctrine:schema:create -e test)
$ vendor/bin/phpunitThe application can be also tested with PHPSpec:
$ vendor/bin/phpspec runIf you think that you have found a security issue, please do not use the issue tracker and do not post it publicly.
Instead, all security issues must be sent to security@sylius.com.
This library is officially maintained by Sylius together with the following contributors outside of the organization:
This projects follows Semantic Versioning. Shop API release cycle is independent from Sylius release cycle.
Next major releases are not planned yet. Minor and patch releases will be published as needed.
We provide bug fixes only for the most recent minor release. We provide security fixes for one year since the release of subsequent minor release.
| Version | Release date | End of support |
|---|---|---|
| 1.0 | 23rd Nov 2019 | 19th June 2021 |
| 1.1 | 19th June 2020 | 08th December 2020 |
| 1.2 | 08th December 2020 | 22th April 2021 |
| 1.2.1 | 22th April 2021 | 22th April 2021 |
| 1.3 | 22th April 2021 | 22th April 2021 |
| 1.3.1 | 22th April 2021 | 30th June 2021 |
| 1.4 | 30th June 2021 | 06th July 2021 |
| 1.4.1 | 06th July 2021 | 20th July 2022 |
| 1.5 | 20th July 2022 | 21th July 2022 |
| 1.5.1 | 21th July 2022 | 13th January 2023 |
| 1.6 | 13th January 2023 |