Sha256: a2329b185994e3c19b5f9fadbfbc5c09f9ebb584ef7e1ab3ac94420fe99786f0
Contents?: true
Size: 1.26 KB
Versions: 2
Compression:
Stored size: 1.26 KB
Contents
module DiscoApp
module Flow
module Concerns
module ActionsController
extend ActiveSupport::Concern
included do
before_action :verify_flow_action
before_action :find_shop
protect_from_forgery with: :null_session
end
def create_flow_action
DiscoApp::Flow::CreateAction.call(
shop: @shop,
action_id: params[:id],
action_run_id: params[:action_run_id],
properties: params[:properties]
)
head :ok
end
private
def verify_flow_action
return head :unauthorized unless flow_action_is_valid?
request.body.rewind
end
# Shopify Flow action endpoints use the same verification method as webhooks, which is why we reuse this
# service method here.
def flow_action_is_valid?
DiscoApp::WebhookService.valid_hmac?(
request.body.read.to_s,
ShopifyApp.configuration.secret,
request.headers['HTTP_X_SHOPIFY_HMAC_SHA256']
)
end
def find_shop
@shop = DiscoApp::Shop.find_by!(shopify_domain: params[:shopify_domain])
end
end
end
end
end
Version data entries
2 entries across 2 versions & 1 rubygems
| Version | Path |
|---|---|
| disco_app-0.17.0 | app/controllers/disco_app/flow/concerns/actions_controller.rb |
| disco_app-0.18.0 | app/controllers/disco_app/flow/concerns/actions_controller.rb |