How to make a public app with Python Flask

alexmarginean · ‎07-25-2022

Hi everyone. For the past few weeks I've been trying to make a Shopify Public App with Python Flask but got stuck and I can't seem to find a way to sole my issue. I have researched as much as I could but unfortunately there isn't much documentation on how to do an app from scratch as the docs from Shopify tell you how to get a boilerplate code in Node or Ruby.

This is how my code looks like for now:

SHOPIFY_API_KEY = "<KEY>"
SHOPIFY_SHARED_SECRET = "<KEY>"
API_VERSION = '2022-04'

def shopify_auth_required(function):
	def decorated_function(*args, **kwargs):
		if "shopify_token" not in session:
			return redirect(url_for('install', _external = True, **request.args))

		return function()

	decorated_function.__name__ = function.__name__
	return decorated_function

@app.route('/')
@shopify_auth_required
def index():
	if 'shopify_token' in session:
		return "Token in Session  YAAAAY. Store %s" % (session['shopify_url'])

	return "Hello Shop! :)"

@app.route('/install')
def install():
	shop_url = request.args.get("shop")
	shopify.Session.setup(
		api_key = SHOPIFY_API_KEY,
		secret = SHOPIFY_SHARED_SECRET)

	newSession = shopify.Session(shop_url, API_VERSION)
	scopes = ['read_products', 'read_orders']
	redirect_uri = url_for('callback', _external = True)

	permission_url = newSession.create_permission_url(scopes, redirect_uri)
	return redirect(permission_url)

@app.route('/callback')
def callback():
	shop_url = request.args.get("shop")
	shopify.Session.setup(
		api_key = SHOPIFY_API_KEY,
		secret = SHOPIFY_SHARED_SECRET)

	newSession = shopify.Session(shop_url, API_VERSION)
	token = newSession.request_token(request.args)

	print("-------------------------------------")
	print(token)
	print("-------------------------------------")

	session['shopify_url'] = shop_url
	session['shopify_token'] = token
	session.modified = True

	return redirect(url_for('index', _external = True))

My code seems to partially work as in the app is installing successfully on a store but as soon as you're trying to install it in another store and if cookies from the other one haven't expired it will just redirect you to the other one. Also this method doesn't work at all in embedded form for some reason the session variables are not accessible there.

I would be extremely grateful if someone could help me figure out how I can get this working (I know I'm never clearing the session but I don't know when to do that and also that wouldn't solve the embedding issue).

LetterT · ‎07-25-2022

Have you seen this?

https://community.shopify.com/c/shopify-apis-and-sdks/building-a-shopify-app-using-python-and-flask/...

Don't be shy, click that like button!

alexmarginean · ‎07-25-2022

Hey, I have seen that and multiple resources online but had a lot of trouble understanding most of the parts as it is using a bunch of stuff I'm not familiar with. I was looking if someone could guide me through solving my issues from what I was able to get up and running.

alexmarginean · ‎07-26-2022

Steve, after looking even more at the code trying to understand most of it I have a better understanding now but this code still doesn't work properly and doesn't solve the issue. Same as in my case if you try to install it on another store it won't install. It seems to work only for one store at a time since the ACCESS_TOKEN is a global variable it seems to remain the same if trying to install on another store which is actually worse than what I've done cause my version would be able to install it if you were to try it from incognito or another browser instead.

LetterT · ‎07-27-2022

IMHO The code at https://github.com/garettB/shopify-flask-example is a good starting point if implementing in Python (& Flask) to begin to understand what the installation, authentication flow, etc + ways to make authenticated calls to the Shopify API. That topic in itself is too long to get into in single thread & I think the code speaks for itself in laying it out.

I'm not sure that the code is "plug & play", but I don't think it was ever intended that way. It was meant to demo how things go together. Eg. I don't think anyone's seriously suggesting to run an app that is intended to make money on ngrok 🙂 - it's just for instructional purposes.

Anyway ... ACCESS_TOKEN in the code is on a per store basis, as you've already figured out. That means that you've got to implement your own scheme to authenticate stores as they use your app, then use their ACCESS_TOKEN, etc. So, there's a lot more (eg. databases) that's got to be built on top of what's there.

In addition there's the billing API to deal with on the Shopify end, plus other issues if you're doing an embedded app, so there's much more to deal with to pass the app review.

Making a Shopify app (with Flask) is a lot of work as there are so many aspects, not sure if it would be that much easier other ways. Don't be discouraged, if you can understand what's going on from that code, it's a great start!

Don't be shy, click that like button!

How to make a public app with Python Flask

How to make a public app with Python Flask

Community Blog Articles