This repository contains a plugin that extends the Sylius eCommerce platform with an API in JSON that allows performing all standard shop operations from the customer perspective.
The latest documentation is available here.
Before installing SyliusShopApiPlugin, you should disable all SyliusShopBundle's dependencies. You cannot use these packages together.
-
Run
composer require sylius/shop-api-plugin
and, when asked if you want to execute the Flex recipe, answer 'Yes'. -
Extend config files:
- Add SyliusShopApi to
config/bundles.php
.
// config/bundles.php return [ Sylius\ShopApiPlugin\SyliusShopApiPlugin::class => ['all' => true], ];
- Add
- { path: '^/shop-api', priorities: ['json'], fallback_format: json, prefer_extension: true }
tofos_rest.format_listener.rules
section inconfig/packages/fos_rest.yaml
file and import config from Plugin.
# app/config/config.yml imports: # <-- Add this section if it does not already exist and add the lines below # ... - { resource: "@SyliusShopApiPlugin/Resources/config/app/config.yml" } - { resource: "@SyliusShopApiPlugin/Resources/config/app/sylius_mailer.yml" } # ... fos_rest: # ... format_listener: rules: - { path: '^/shop-api', priorities: ['json'], fallback_format: json, prefer_extension: true } # <-- Add this - { path: '^/api', priorities: ['json', 'xml'], fallback_format: json, prefer_extension: true } - { path: '^/', stop: true }
- Adjust checkout configuration to not collide with Sylius shop API. For example (assuming, that you are using regular Sylius security definition):
# config/packages/sylius_shop.yaml sylius_shop: checkout_resolver: pattern: "%sylius.security.shop_regex%/checkout/.+"
- Add new routes file to import routes from the SyliusShopApiPlugin
# config/routes/sylius_shop_api.yaml sylius_shop_api: resource: "@SyliusShopApiPlugin/Resources/config/routing.yml"
- Configure firewall
- Change
sylius.security.shop_regex
parameter to excludeshop-api
prefix also - Add ShopAPI regex parameter
shop_api.security.regex: "^/shop-api"
- Add ShopAPI firewall config:
- Change
# config/packages/security.yaml parameters: # ... sylius.security.shop_regex: "^/(?!admin|api/.*|api$|shop-api|media/.*)[^/]++" # shop-api has been added inside the brackets sylius_shop_api.security.regex: "^/shop-api" # ... security: firewalls: // ... sylius_shop_api: pattern: "%sylius_shop_api.security.regex%" stateless: true anonymous: true provider: sylius_shop_user_provider json_login: check_path: /shop-api/login username_path: email password_path: password success_handler: lexik_jwt_authentication.handler.authentication_success failure_handler: lexik_jwt_authentication.handler.authentication_failure guard: authenticators: - lexik_jwt_authentication.jwt_token_authenticator
-
(optional) if you have installed
nelmio/NelmioCorsBundle
for Support of Cross-Origin Ajax Request,- Add the NelmioCorsBundle to the AppKernel
// config/bundles.php return [ Nelmio\CorsBundle\NelmioCorsBundle:class => ['all' => true], ];
- Add the new configuration file
# config/packages/nelmio_cors.yml # ... nelmio_cors: defaults: allow_credentials: false allow_origin: [] allow_headers: [] allow_methods: [] expose_headers: [] max_age: 0 hosts: [] origin_regex: false forced_allow_origin_value: ~ paths: '^/shop-api/': allow_origin: ['*'] allow_headers: ['Content-Type', 'authorization'] allow_methods: ['POST', 'PUT', 'GET', 'DELETE', 'OPTIONS'] max_age: 3600
- Add SyliusShopApi to
If you would like to receive serialized attributes you need to define an array of theirs codes under sylius_shop_api.included_attributes
key. E.g.
sylius_shop_api:
included_attributes:
- "MUG_MATERIAL_CODE"
This plugin comes with an integration with LexikJWTAuthenticationBundle. More information about security customizations may be found there.
The application can be tested with API Test Case. In order to run test suite execute the following commands:
$ cp tests/Application/.env.test.dist tests/Application/.env.test
$ set -a && source tests/Application/.env.test && set +a
$ (cd tests/Application && bin/console doctrine:database:create -e test)
$ (cd tests/Application && bin/console doctrine:schema:create -e test)
$ vendor/bin/phpunit
The application can be also tested with PHPSpec:
$ vendor/bin/phpspec run
If you think that you have found a security issue, please do not use the issue tracker and do not post it publicly.
Instead, all security issues must be sent to [email protected]
.
This library is officially maintained by Sylius together with the following contributors outside of the organization: