Negatory. Postpone Mission.
    Have ideas to improve npm?Join in the discussion! »


    0.0.35 • Public • Published

    Plugin to add Shopify authentication to Actionhero

    Still early stages, would love any input!


    To configure your Actionhero server to authenicate with shopify oAuth:

    1. Add this plugin to your actionhero project npm install ah-shopify-auth-plugin. Also, if you want to store your creditnails in a file rather than your server's ENVIRONMENT, you can npm install dotenv.
    2. Include this plugin in your config/plugins.ts.
    import { join } from "path";
    export const DEFAULT = {
      plugins: () => {
        return {
          "ah-shopify-auth-plugin": {
            path: join(__dirname, "..", "node_modules", "ah-shopify-auth-plugin")
    1. Set the required enviornment variables, either in your ENV or .env. This plugin requites SHOPIFY_API_KEY and SHOPIFY_API_SECRET.
    1. Add a shopifyAuth.ts to your config directory with the following:
    const path = require("path");
    export const DEFAULT = {
      shopifyAuth: config => {
        return {
            apiKey: process.env.SHOPIFY_API_KEY,
            apiSecret: process.env.SHOPIFY_API_SECRET,
            scopes: 'read_products',
            ignoredDirectories: ["static"] //array of ignored directories (top level only)
    1. In most cases change your default route in config/servers/web.ts to be "api" rather than "file" (this plugin only authenticates api calls)

    SameSite cookies

    Shopify and chrome now require cookies to be SameSite=none. To do this you need to add these attributes to your sessionID cookie in config/servers/web.ts:

    // Settings for determining the id of an http(s) request (browser-fingerprint)
    fingerprintOptions: {
      cookieKey: "sessionID",
      toSetCookie: true,
      onlyStaticElements: false,
      settings: {
        path: "/",
        expires: 3600000,
        sameSite: "None",
        secure: true

    Processing Auth Token

    Auth Token and scopes are saved on the session object. Like this:

      shopifySession: {
        access_token: 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx',
        scope: 'read_products',
        shop: ''

    If you need to do something with the Shopify authToken once a user authenticates you can overwrite the function:

    api.shopifyAuth.afterAuth = async (data, shopifySession) => {
        // Overwrite this function process the shopify access token after its been recieved
        log("Shopify Authorization Complete!");

    the data object is the same data object passed to Actionhero actions, and the shopifySession is structured as above.


    npm i ah-shopify-auth-plugin

    DownloadsWeekly Downloads






    Unpacked Size

    54.6 kB

    Total Files


    Last publish


    • avatar