sylius / shop-api-plugin
Shop API for Sylius E-Commerce.
Installs: 287 778
Dependents: 1
Suggesters: 0
Security: 0
Stars: 129
Watchers: 28
Forks: 89
Open Issues: 51
Type:sylius-plugin
Requires
- php: ^8.0
- doctrine/doctrine-bundle: ^2.0
- lexik/jwt-authentication-bundle: ^2.5
- sylius/sylius: ~1.11.10 || ~1.12.0
- symfony/messenger: ^5.4 || ^6.0
Requires (Dev)
- lchrusciel/api-test-case: ^5.1
- matthiasnoback/symfony-config-test: ^4.0
- matthiasnoback/symfony-dependency-injection-test: ^4.0
- phpspec/phpspec: ^7.0
- phpstan/phpstan: ^1.8
- phpstan/phpstan-webmozart-assert: ^1.2
- phpunit/phpunit: ^9.0
- sylius-labs/coding-standard: ^4.0
- symfony/debug-bundle: ^5.4 || ^6.0
- symfony/dotenv: ^5.4 || ^6.0
- symfony/web-profiler-bundle: ^5.4 || ^6.0
- symfony/webpack-encore-bundle: ^1.15
Suggests
- nelmio/cors-bundle: allows you to send Cross-Origin Ajax API Request
- 1.7.x-dev
- 1.6.x-dev
- v1.6.0
- 1.5.x-dev
- v1.5.1
- v1.5.0
- 1.4.x-dev
- v1.4.1
- v1.4.0
- 1.3.x-dev
- v1.3.1
- v1.3.0
- 1.2.x-dev
- v1.2.1
- v1.2.0
- 1.1.x-dev
- v1.1.1
- v1.1.0
- 1.0.x-dev
- v1.0.0
- v1.0.0-rc.3
- v1.0.0-rc.2
- v1.0.0-rc.1
- v1.0.0-beta.21
- v1.0.0-beta.20
- v1.0.0-beta.19
- v1.0.0-beta.18
- v1.0.0-beta.17
- v1.0.0-beta.16
- v1.0.0-beta.15
- v1.0.0-beta.14
- v1.0.0-beta.13
- v1.0.0-beta.12
- v1.0.0-beta.11
- v1.0.0-beta.10
- v1.0.0-beta.9
- v1.0.0-beta.8
- v1.0.0-beta.7
- v1.0.0-beta.6
- v1.0.0-beta.5
- v1.0.0-beta.4
- v1.0.0-beta.3
- v1.0.0-beta.2
- v1.0.0-beta.1
- v1.0.0-alpha.3
- v1.0.0-alpha.2
- v1.0.0-alpha.1
This package is auto-updated.
Last update: 2024-12-11 21:30:43 UTC
README
Sylius Shop API
This repository contains a plugin that extends the Sylius eCommerce platform with an API in JSON that allows performing all standard shop operations from the customer perspective.
Documentation
The latest documentation is available here. If you are looking for more information how the system works have a look at the cookbook
Installation
IMPORTANT NOTE: Before installing SyliusShopApiPlugin, you should disable all SyliusShopBundle's dependencies. You cannot use these packages together.
-
Run
composer require sylius/shop-api-plugin
and, when asked if you want to execute the Flex recipe, answer 'Yes'. -
Extend config files:
- Add SyliusShopApi to
config/bundles.php
.
// config/bundles.php return [ Sylius\ShopApiPlugin\SyliusShopApiPlugin::class => ['all' => true], ];
- Add
- { path: '^/shop-api', priorities: ['json'], fallback_format: json, prefer_extension: true }
tofos_rest.format_listener.rules
section inconfig/packages/fos_rest.yaml
file and import config from Plugin.
# config/packages/_sylius_shop_api.yaml imports: # <-- Add this section if it does not already exist and add the lines below # ... - { resource: "@SyliusShopApiPlugin/Resources/config/app/config.yml" } - { resource: "@SyliusShopApiPlugin/Resources/config/app/sylius_mailer.yml" } # config/packages/fos_rest.yaml fos_rest: # ... format_listener: rules: - { path: '^/shop-api', priorities: ['json'], fallback_format: json, prefer_extension: true } # <-- Add this - { path: '^/api', priorities: ['json', 'xml'], fallback_format: json, prefer_extension: true } - { path: '^/', stop: true }
- Add new routes file to import routes from the SyliusShopApiPlugin
# config/routes/sylius_shop_api.yaml sylius_shop_api: resource: "@SyliusShopApiPlugin/Resources/config/routing.yml"
-
Configure firewall
- Change
sylius.security.shop_regex
parameter to excludeshop-api
prefix also - Add ShopAPI regex parameter
sylius_shop_api.security.regex: "^/shop-api"
- Add ShopAPI firewall config:
-
Symfony 6:
# config/packages/security.yaml parameters: # ... sylius.security.shop_regex: "^/(?!admin|api/.*|api$|shop-api|media/.*)[^/]++" # shop-api has been added inside the brackets sylius_shop_api.security.regex: "^/shop-api" # ... security: firewalls: // ... sylius_shop_api: pattern: "%sylius_shop_api.security.regex%" stateless: true entry_point: jwt provider: sylius_shop_user_provider json_login: check_path: /shop-api/login username_path: email password_path: password success_handler: lexik_jwt_authentication.handler.authentication_success failure_handler: lexik_jwt_authentication.handler.authentication_failure jwt: true access_control: - { path: "%sylius_shop_api.security.regex%/address-book", role: ROLE_USER} - { path: "%sylius_shop_api.security.regex%/me", role: ROLE_USER}
-
Symfony 5:
# config/packages/security.yaml parameters: # ... sylius.security.shop_regex: "^/(?!admin|api/.*|api$|shop-api|media/.*)[^/]++" # shop-api has been added inside the brackets sylius_shop_api.security.regex: "^/shop-api" # ... security: firewalls: // ... sylius_shop_api: pattern: "%sylius_shop_api.security.regex%" stateless: true anonymous: true provider: sylius_shop_user_provider json_login: check_path: /shop-api/login username_path: email password_path: password success_handler: lexik_jwt_authentication.handler.authentication_success failure_handler: lexik_jwt_authentication.handler.authentication_failure guard: authenticators: - lexik_jwt_authentication.jwt_token_authenticator access_control: - { path: "%sylius_shop_api.security.regex%/address-book", role: ROLE_USER} - { path: "%sylius_shop_api.security.regex%/me", role: ROLE_USER}
-
- Change
-
(optional) if you have installed
nelmio/NelmioCorsBundle
for Support of Cross-Origin Ajax Request,- Add the NelmioCorsBundle to the AppKernel
// config/bundles.php return [ Nelmio\CorsBundle\NelmioCorsBundle::class => ['all' => true], ];
- Add the new configuration file
# config/packages/nelmio_cors.yml # ... nelmio_cors: defaults: allow_credentials: false allow_origin: [] allow_headers: [] allow_methods: [] expose_headers: [] max_age: 0 hosts: [] origin_regex: false forced_allow_origin_value: ~ paths: '^/shop-api/': allow_origin: ['*'] allow_headers: ['Content-Type', 'authorization'] allow_methods: ['POST', 'PUT', 'GET', 'DELETE', 'PATCH', 'OPTIONS'] max_age: 3600
- Add SyliusShopApi to
Sample configuration of Shop API can be found here: https://github.com/Sylius/SyliusDemo/commit/4872350dcd6c987d54dec1f365b4bb890d7183c9
Additional features
Attributes
If you would like to receive serialized attributes you need to define an array of theirs codes under sylius_shop_api.included_attributes
key. E.g.
# config/packages/sylius_shop_api.yml sylius_shop_api: included_attributes: - "MUG_MATERIAL_CODE"
This plugin comes with an integration with LexikJWTAuthenticationBundle. More information about security customizations may be found there.
Testing
The application can be tested with API Test Case. In order to run test suite execute the following commands:
$ cp tests/Application/.env.test.dist tests/Application/.env.test $ set -a && source tests/Application/.env.test && set +a $ (cd tests/Application && bin/console doctrine:database:create -e test) $ (cd tests/Application && bin/console doctrine:schema:create -e test) $ vendor/bin/phpunit
The application can be also tested with PHPSpec:
$ vendor/bin/phpspec run
Security issues
If you think that you have found a security issue, please do not use the issue tracker and do not post it publicly.
Instead, all security issues must be sent to security@sylius.com
.
Maintenance
This library is officially maintained by Sylius together with the following contributors outside of the organization:
Release cycle
This projects follows Semantic Versioning. Shop API release cycle is independent from Sylius release cycle.
Next major releases are not planned yet. Minor and patch releases will be published as needed.
We provide bug fixes only for the most recent minor release. We provide security fixes for one year since the release of subsequent minor release.