通过邮递员/Shopify 创建 Shopify 订单 API
Creating a Shopify Order via postman / Shopify API
我 运行 进入 this tutorial using every technology in the world which is supposed to show how to build a react app from the ground up to leverage the shopify API. However there also this page 描述一个简单的 API 调用来完成或多或少我需要的东西。
目标是在 shopify 系统中建立一个完全自定义(极其简单)的结帐流程。它会是这样的:
Stripe 购买成功 -> shopify 订单已保存 -> 感谢页面重定向。
编辑:https://api_key:api_secret.@my-store.myshopify.com/admin/api/2019-07/orders.json 格式似乎解决了身份验证问题。来电:
GET https://key:secret@my-test-store.myshopify.com/admin/api/2019-07/orders.json
return很愉快
{
"orders": []
} 所以认证没问题。
但是,做一个 POST https://key:secret@my-test-store.myshopify.com/admin/api/2019-07/orders.json
似乎 return 一个神秘的页面,而不是像这样的错误(这只会导致您的演示 store/app):
所以,总而言之,我有一家商店,一个授权应用程序(已成功通过身份验证),那么如何以编程方式为 existing SKU 添加订单?
您确定请求中没有 cookie 吗?因为如果我添加 cookie,我可以重现您的确切问题。
使用 curl 可能更容易,以便绝对清楚正在 post 编辑的内容。例如:
# Edit to change app hostname, key/secret, and product/variant/customer ids
curl -X POST 'https://key:secret@so57018447.myshopify.com/admin/api/2019-07/orders.json' \
-H 'Content-Type: application/json' \
-d '{
"order": {
"line_items": [
{
"product_id": 2017449607219,
"variant_id": 17985741619251,
"quantity": 1
}
],
"customer": {
"id": 1257159000115
},
"financial_status": "pending"
}
}
'
回复:
{
"order": {
"id":952834392115,
"email":"",
"closed_at":null,
"created_at":"2019-07-15T14:38:18-04:00",
...
但是如果你想坚持使用 Postman,这里是支持的屏幕截图,显示没有 cookie 成功,以及失败:
确认没有设置 cookie:
成功post到orders.json端点:
现在,添加一个 cookie:
我得到了你问题中显示的回复:
如果您阅读了私有应用程序的文档
Shopify doesn't support cookies in POST requests that use basic HTTP authentication. Any POST requests that use basic authentication and include cookies will fail with a 200 error code. Using cookies with basic authentication can expose your app to CSRF attacks, such as session hijacking.
https://help.shopify.com/en/api/getting-started/authentication/private-authentication
这是故意的,在客户端这样做是犯罪行为。如果您在服务器端做某事,那么可以使用基本身份验证。但是在客户端你不应该使用它
如果你想在 postman 中使用,那么你需要将它与 access_token
一起使用
Private apps can authenticate with Shopify by including the request header X-Shopify-Access-Token: {access_token}, where {access_token} is replaced by your private app's Admin API password.
我 运行 进入 this tutorial using every technology in the world which is supposed to show how to build a react app from the ground up to leverage the shopify API. However there also this page 描述一个简单的 API 调用来完成或多或少我需要的东西。
目标是在 shopify 系统中建立一个完全自定义(极其简单)的结帐流程。它会是这样的:
Stripe 购买成功 -> shopify 订单已保存 -> 感谢页面重定向。
编辑:https://api_key:api_secret.@my-store.myshopify.com/admin/api/2019-07/orders.json 格式似乎解决了身份验证问题。来电:
GET https://key:secret@my-test-store.myshopify.com/admin/api/2019-07/orders.json
return很愉快
{
"orders": []
} 所以认证没问题。
但是,做一个 POST https://key:secret@my-test-store.myshopify.com/admin/api/2019-07/orders.json
似乎 return 一个神秘的页面,而不是像这样的错误(这只会导致您的演示 store/app):
所以,总而言之,我有一家商店,一个授权应用程序(已成功通过身份验证),那么如何以编程方式为 existing SKU 添加订单?
您确定请求中没有 cookie 吗?因为如果我添加 cookie,我可以重现您的确切问题。
使用 curl 可能更容易,以便绝对清楚正在 post 编辑的内容。例如:
# Edit to change app hostname, key/secret, and product/variant/customer ids
curl -X POST 'https://key:secret@so57018447.myshopify.com/admin/api/2019-07/orders.json' \
-H 'Content-Type: application/json' \
-d '{
"order": {
"line_items": [
{
"product_id": 2017449607219,
"variant_id": 17985741619251,
"quantity": 1
}
],
"customer": {
"id": 1257159000115
},
"financial_status": "pending"
}
}
'
回复:
{
"order": {
"id":952834392115,
"email":"",
"closed_at":null,
"created_at":"2019-07-15T14:38:18-04:00",
...
但是如果你想坚持使用 Postman,这里是支持的屏幕截图,显示没有 cookie 成功,以及失败:
确认没有设置 cookie:
成功post到orders.json端点:
现在,添加一个 cookie:
我得到了你问题中显示的回复:
如果您阅读了私有应用程序的文档
Shopify doesn't support cookies in POST requests that use basic HTTP authentication. Any POST requests that use basic authentication and include cookies will fail with a 200 error code. Using cookies with basic authentication can expose your app to CSRF attacks, such as session hijacking.
https://help.shopify.com/en/api/getting-started/authentication/private-authentication
这是故意的,在客户端这样做是犯罪行为。如果您在服务器端做某事,那么可以使用基本身份验证。但是在客户端你不应该使用它
如果你想在 postman 中使用,那么你需要将它与 access_token
Private apps can authenticate with Shopify by including the request header
X-Shopify-Access-Token: {access_token}, where{access_token}is replaced by your private app's Admin API password.