Feature/cookieless - Billing, Turbo (gnikyt#772)

* add turbo support

* change name for test package

* add get token helper

* add missing auth url exception

* added billing to allowed routes, change token receipt

* exception added to prevent loop redirects if authorization link is empty

* added billing payments with tokens

* change middleware

* return name

* remove session helper

* add shop domain to request

* turbolinks auth token to header

* usage charge billing

* remove shopQuery

* remove unused classes

* change middleware

src/ShopifyApp/Actions/AuthenticateShop.php

@@ -88,6 +88,7 @@ public function __invoke(Request $request): array
             ShopDomain::fromNative($request->get('shop')),
             $request->query('code')
         );
+
         if (! $result['completed']) {
             // No code, redirect to auth URL
             return [$result, false];

src/ShopifyApp/Exceptions/MissingAuthUrlException.php

@@ -0,0 +1,10 @@
+<?php
+
+namespace Osiset\ShopifyApp\Exceptions;
+
+/**
+ * Exception for handling a missing shop's myshopify domain.
+ */
+class MissingAuthUrlException extends BaseException
+{
+}

src/ShopifyApp/Http/Middleware/VerifyShopify.php

@@ -22,6 +22,7 @@
 use Osiset\ShopifyApp\Objects\Values\NullShopDomain;
 use Osiset\ShopifyApp\Objects\Values\NullableSessionId;
 use Osiset\ShopifyApp\Contracts\ApiHelper as IApiHelper;
+use function Osiset\ShopifyApp\getAccessTokenFromRequest;
 use Osiset\ShopifyApp\Contracts\Queries\Shop as IShopQuery;
 use Osiset\ShopifyApp\Exceptions\SignatureVerificationException;
 use Osiset\ShopifyApp\Contracts\Objects\Values\ShopDomain as ShopDomainValue;
@@ -104,13 +105,13 @@ public function handle(Request $request, Closure $next)
             throw new SignatureVerificationException('Unable to verify signature.');
         }
 
-        // Continue if current route is an auth route
-        if (Str::startsWith($request->getRequestUri(), '/authenticate')) {
+        // Continue if current route is an auth or billing route
+        if (Str::startsWith($request->getRequestUri(), ['/authenticate', '/billing'])) {
             return $next($request);
         }
 
-        // Get the token (if available)
-        $tokenSource = $request->ajax() ? $request->bearerToken() : $request->get('token');
+        $tokenSource = getAccessTokenFromRequest($request);
+
         if ($tokenSource === null) {
             // Not available, we need to get one
             return $this->handleMissingToken($request);

src/ShopifyApp/resources/config/shopify-app.php

@@ -383,4 +383,14 @@
     */
 
     'config_api_callback' => null,
+
+    /*
+    |--------------------------------------------------------------------------
+    | Enable Turbolinks or Hotwire Turbo
+    |--------------------------------------------------------------------------
+    |
+    | If you use Turbolinks / Turbo And Livewire turn on this setting to get the token
+    |
+    */
+    'turbo_enabled' => false,
 ];

src/ShopifyApp/resources/views/layouts/default.blade.php

@@ -28,6 +28,19 @@
                     forceRedirect: true,
                 });
             </script>
+            @if(\Osiset\ShopifyApp\getShopifyConfig('turbo_enabled'))
+            <script>
+                document.addEventListener("turbolinks:request-start", (event) => {
+                    utils.getSessionToken(app).then((token) => {
+                        let xhr = event.data.xhr;
+                        xhr.open('GET', event.data.url, true);
+                        xhr.setRequestHeader("Authorization", "Bearer " + token);
+                        xhr.send();
+                    });
+                });
+
+            </script>
+            @endif
 
             @include('shopify-app::partials.flash_messages')
         @endif