定制 kyon147/laravel-shopify 二次开发

按需修改功能、优化性能、对接业务系统,提供一站式技术支持

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

kyon147/laravel-shopify

Composer 安装命令:

composer require kyon147/laravel-shopify

包简介

Shopify package for Laravel to aide in app development

README 文档

README

Tests codecov License

This is a maintained version of the wonderful but now deprecated original Laravel Shopify App. To keep things clean, this has been detached from the original.

To install this package run:

composer require kyon147/laravel-shopify

Publish the config file:

php artisan vendor:publish --tag=shopify-config

A full-featured Laravel package for aiding in Shopify App development, similar to shopify_app for Rails. Works for Laravel 8 and up.

Screenshot Screenshot: Billable

Table of Contents

* Wiki pages

For more information, tutorials, etc., please view the project's wiki.

Goals

  • Per User Auth Working
  • Better support for SPA apps using VueJS
  • Getting "Blade" templates working better with Shopify's new auth process???

Documentation

For full resources on this package, see the wiki.

Expiring offline access tokens

Shopify requires expiring offline access tokens for new public apps created on or after April 1, 2026. This package supports them when enabled:

  1. Run package migrations so your shops table includes shopify_offline_refresh_token, shopify_offline_access_token_expires_at, and shopify_offline_refresh_token_expires_at.
  2. Set SHOPIFY_EXPIRING_OFFLINE_TOKENS=true in .env (see expiring_offline_tokens, auto_migrate_legacy, offline_access_token_refresh_skew_seconds, and offline_refresh_token_renewal_days in config/shopify-app.php).
  3. Keep APP_KEY stable: refresh tokens are stored encrypted with Laravel’s encrypter.

Authorization code exchange, session-token exchange, and refresh_token grants are handled inside this package (Osiset\ShopifyApp\Services\ApiHelper and OfflineAccessTokenRefresher), not via gnikyt/basic-shopify-api updates. A valid access token is refreshed automatically before apiHelper() builds the API session when the offline token is expired or within the configured skew.

Migrating existing installs (optional): Shops that already have a non-expiring offline token are not upgraded automatically when you enable the flag alone. Options:

  • Passive (default): With SHOPIFY_AUTO_MIGRATE_LEGACY=true (default), the first apiHelper() call for a legacy shop runs Shopify Step 4 token exchange synchronously. Failures are logged and the request continues with the legacy token (fail-open).
  • Batch CLI (serverless-safe): php artisan shopify-app:migrate-expiring-offline-tokens (--dry-run, --shop=example.myshopify.com, --queue=, --connection=) chunks matching shops and dispatches MigrateShopTokenJob to the queue — no HTTP in the command itself (suitable for Laravel Vapor). Without --queue= / config, jobs use the app default queue. Set SHOPIFY_MIGRATE_OFFLINE_TOKENS_JOB_QUEUE / SHOPIFY_MIGRATE_OFFLINE_TOKENS_JOB_CONNECTION (or matching job_queues / job_connections keys) for a dedicated worker.
  • Action: MigrateShopToExpiringOfflineAccessToken — call per shop from your own code; returns migrated, skipped, reason, and error keys.
  • API: ApiHelper::exchangeNonExpiringOfflineTokenForExpiring($shopDomain, $currentOfflineToken) then persist with ShopCommand::setAccessToken.

Migration is one-way: Shopify revokes the old token on successful exchange.

Proactive renewal for dormant shops (optional): Refresh tokens expire after ~90 days. If a shop has no API activity (webhooks, scheduled jobs, etc.) for that long, tokens can lapse. The package provides an opt-in CLI that queues renewal for shops whose refresh token expires within a configurable window (default 14 days via SHOPIFY_OFFLINE_REFRESH_TOKEN_RENEWAL_DAYS):

  • Batch CLI: php artisan shopify-app:refresh-expiring-offline-tokens (--dry-run, --shop=example.myshopify.com, --days=14, --queue=, --connection=) chunks matching shops and dispatches RefreshShopOfflineTokenJob to the queue. Use SHOPIFY_REFRESH_OFFLINE_TOKENS_JOB_QUEUE / SHOPIFY_REFRESH_OFFLINE_TOKENS_JOB_CONNECTION (or CLI overrides) to target a dedicated worker; otherwise jobs use the app default queue.
  • Scheduler (app-owned): the package does not register a schedule automatically. Add to your app's routes/console.php or Kernel:
Schedule::command('shopify-app:refresh-expiring-offline-tokens')->daily();

Long-running jobs: Token refresh runs when the API client is first built ($shop->api() / $shop->apiHelper()). If a job reuses the same shop model for hours, the cached client keeps the old access token even after expiry. Options:

  • Opt-in config: SHOPIFY_REFRESH_OFFLINE_TOKEN_BEFORE_API_CALL=true re-checks expiry before each api() / apiHelper() call and rebuilds the client when needed.
  • Manual helpers on your shop model:
    • $shop->offlineAccessTokenIsFresh()true when the token is outside the refresh skew window
    • $shop->refreshOfflineAccessTokenIfNeeded() — refreshes via Shopify and clears the cached client
    • $shop->resetApiClient() — clears the cached client so the next API call rebuilds it
// Per loop iteration in a bulk job
if (! $shop->offlineAccessTokenIsFresh()) {
    $shop->refreshOfflineAccessTokenIfNeeded();
}
$shop->api()->graph('...');

If your User model overrides $casts, merge datetime casts for the two *_expires_at columns (the ShopModel trait uses mergeCasts when initializeShopModel runs).

Longer term, consider replacing or forking gnikyt/basic-shopify-api for REST/Graph traffic if you need an actively maintained HTTP client; expiring offline OAuth is already decoupled from that dependency.

Issue or request?

If you have found a bug or would like to request a feature for discussion, please use the ISSUE_TEMPLATE in this repo when creating your issue. Any issue submitted without this template will be closed.

License

This project is released under the MIT license.

Misc

Repository

Contributors

Contributions are always welcome! Contibutors are updated each release, pulled from Github. See CONTRIBUTORS.txt.

If you're looking to become a contributor, please see CONTRIBUTING.md.

Maintainers

Maintainers are users who manage the repository itself, whether it's managing the issues, assisting in releases, or helping with pull requests.

Currently this repository is maintained by:

Looking to become a maintainer? E-mail @kyon147 directly.

Special Note

I develop this package in my spare time, with a busy family/work life like many of you! So, I would like to thank everyone who's helped me out from submitting PRs, to assisting on issues, and plain using the package (I hope its useful). Cheers.

kyon147/laravel-shopify 适用场景与选型建议

kyon147/laravel-shopify 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 307.73k 次下载、GitHub Stars 达 482, 最近一次更新时间为 2022 年 12 月 16 日, 在 PHP 生态内属于活跃度较高的组件。

它主要适用于以下技术方向: 「api」 「sdk」 「driver」 「shopify」 「laravel」 「facade」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。

我们在过去多个企业项目中使用过 kyon147/laravel-shopify 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 kyon147/laravel-shopify 我们能提供哪些服务?
定制开发 / 二次开发

基于 kyon147/laravel-shopify 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 307.73k
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 483
  • 点击次数: 31
  • 依赖项目数: 0
  • 推荐数: 0

GitHub 信息

  • Stars: 482
  • Watchers: 14
  • Forks: 178
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2022-12-16