This repository contains a plugin that extends the Sylius eCommerce Framework with an API in JSON that allows performing all standard shop operations from the customer perspective.
The latest documentation is available here.
-
Run
composer require sylius/shop-api-pluginand, when asked if you want to execute the Flex recipe, answer 'Yes'. -
Extend config files:
- Add SyliusShopApi to
config/bundles.php.
// config/bundles.php return [ Sylius\ShopApiPlugin\ShopApiPlugin::class => ['all' => true], ];
- Add
- { path: '^/shop-api', priorities: ['json'], fallback_format: json, prefer_extension: true }tofos_rest.format_listener.rulessection inconfig/packages/fos_rest.yamlfile and import config from Plugin.
# app/config/config.yml imports: # <-- Add this section if it does not already exist and add the lines below # ... - { resource: "@ShopApiPlugin/Resources/config/app/config.yml" } - { resource: "@ShopApiPlugin/Resources/config/app/sylius_mailer.yml" } # ... fos_rest: # ... format_listener: rules: - { path: '^/shop-api', priorities: ['json'], fallback_format: json, prefer_extension: true } # <-- Add this - { path: '^/api', priorities: ['json', 'xml'], fallback_format: json, prefer_extension: true } - { path: '^/', stop: true }
- Adjust checkout configuration to not collide with Sylius shop API. For example (assuming, that you are using regular Sylius security definition):
# config/packages/sylius_shop.yaml sylius_shop: checkout_resolver: pattern: "%sylius.security.shop_regex%/checkout/.+"
- Add new routes file to import routes from the ShopApiPlugin
# config/routes/sylius_shop_api.yaml sylius_shop_api: resource: "@ShopApiPlugin/Resources/config/routing.yml"
- Configure firewall
- Change
sylius.security.shop_regexparameter to excludeshop-apiprefix also - Add ShopAPI regex parameter
shop_api.security.regex: "^/shop-api" - Add ShopAPI firewall config:
- Change
# config/packages/security.yaml parameters: # ... sylius.security.shop_regex: "^/(?!admin|api/.*|api$|shop-api|media/.*)[^/]++" # shop-api has been added inside the brackets shop_api.security.regex: "^/shop-api" # ... security: firewalls: // ... shop_api: pattern: "%shop_api.security.regex%" stateless: true anonymous: true
-
(optional) if you have installed
nelmio/NelmioCorsBundlefor Support of Cross-Origin Ajax Request,- Add the NelmioCorsBundle to the AppKernel
// config/bundles.php return [ Nelmio\CorsBundle\NelmioCorsBundle:class => ['all' => true], ];
- Add the new configuration file
# config/packages/nelmio_cors.yml # ... nelmio_cors: defaults: allow_credentials: false allow_origin: [] allow_headers: [] allow_methods: [] expose_headers: [] max_age: 0 hosts: [] origin_regex: false forced_allow_origin_value: ~ paths: '^/shop-api/': allow_origin: ['*'] allow_headers: ['Content-Type', 'authorization'] allow_methods: ['POST', 'PUT', 'GET', 'DELETE', 'OPTIONS'] max_age: 3600
- Add SyliusShopApi to
If you would like to receive serialized attributes you need to define an array of theirs codes under sylius_shop_api.included_attributes key. E.g.
sylius_shop_api:
included_attributes:
- "MUG_MATERIAL_CODE"By default no authorization is provided together with this bundle. But it is tested to work along with LexikJWTAuthenticationBundle In order to check example configuration check
- security.yml
- jwt parameters and jwt config in config.yml
- example rsa keys
- login request
From the test app.
The application can be tested with API Test Case. In order to run test suite execute the following commands:
$ cp tests/Application/.env.test.dist tests/Application/.env.test
$ set -a && source tests/Application/.env.test && set +a
$ (cd tests/Application && bin/console doctrine:database:create -e test)
$ (cd tests/Application && bin/console doctrine:schema:create -e test)
$ vendor/bin/phpunitThe application can be also tested with PHPSpec:
$ vendor/bin/phpspec runIf you think that you have found a security issue, please do not use the issue tracker and do not post it publicly.
Instead, all security issues must be sent to security@sylius.com.
This library is officially maintained by Sylius together with the following contributors outside of the organization: