jeffrafter
diff --git a/‎server-security.md‎
Lines changed: 30 additions & 1 deletion b/‎server-security.md‎
Lines changed: 30 additions & 1 deletion
diff --git a/‎shopify_api_interaction.md‎
Lines changed: 47 additions & 0 deletions b/‎shopify_api_interaction.md‎
Lines changed: 47 additions & 0 deletions
diff --git a/‎shopify_embedded_app.md‎
Lines changed: 232 additions & 0 deletions b/‎shopify_embedded_app.md‎
Lines changed: 232 additions & 0 deletions
diff --git a/‎ssl.md‎
Lines changed: 1 addition & 1 deletion b/‎ssl.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎starting_a_rails_app.md‎
Lines changed: 20 additions & 0 deletions b/‎starting_a_rails_app.md‎
Lines changed: 20 additions & 0 deletions
@@ -34,7 +34,7 @@ Next edit `/etc/apt/apt.conf.d/10periodic` so it looks like:
 Now we want a user. We'll call this user `deploy`:
 
     useradd -D -s /bin/bash
-    useradd deploy
+    useradd deploy --shell /bin/bash
     mkdir /home/deploy
     mkdir /home/deploy/.ssh
     chmod 700 /home/deploy/.ssh
@@ -244,7 +244,33 @@ For example, on Cloudflare you might have entries like this:
 
 ![Sample DNS config](./images/mail-dns-records.png "DNS")
 
+### Forwarding mail
 
+From [How to setup MX forwarding](http://www.cyberciti.biz/faq/linux-unix-bsd-postfix-forward-email-to-another-account/)
+
+In `/etc/postfix/main.cf` add the following:
+
+    virtual_alias_domains = example.com 
+    virtual_alias_maps = hash:/etc/postfix/virtual
+    
+If you followed the previous section you'll actually need to change your `inet_interfaces` line:
+
+    inet_interfaces = all    
+
+Then in `/etc/postfix/virtual`: 
+
+    # you can add specific virtual emails here for specific forwarding
+    @example.com   [email protected]    
+    
+Then restart the service:
+
+    postmap /etc/postfix/virtual    
+    service postfix reload
+    
+Now that your server can forward email you'll want to ensure the port is open (see the Firewall section below) and that the MX domain records are pointing to your server.    
+
+Test that your server is configured correctly (and is not an open relay) using a service like [http://mxtoolbox.com/diagnostic.aspx](http://mxtoolbox.com/diagnostic.aspx)
+    
 ### Watching the logs
 
 Next get logwatch:
@@ -488,6 +514,7 @@ Note, this means that you won't be able to SSH from a coffee-shop, the office, e
 
     ufw allow 443
     ufw allow 80
+    ufw allow 25
     ufw enable
 
 * [http://blog.viktorpetersson.com/post/101707677489/the-dangers-of-ufw-docker](http://blog.viktorpetersson.com/post/101707677489/the-dangers-of-ufw-docker)
@@ -533,6 +560,8 @@ See [http://ubuntuforums.org/showthread.php?t=862620](http://ubuntuforums.org/sh
 
 ## OSSEC
 
+https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-ossec-security-notifications-on-ubuntu-14-04
+
 ## logstash
 
 ## Jump servers / Bastion servers
@@ -0,0 +1,47 @@
+# Shopify API interaction
+
+You'll want to talk to the API and the best way to do this is using the Shopify API gem. Add the following to your `Gemfile`
+
+    gem 'shopify_api'
+    gem 'rest-client'
+
+Then `bundle`.
+
+## API keys
+
+In order to get started you are going to need to setup your application as a _Private Application_ on your shop. To do this, create a new private application: 
+
+    https://YOURSHOP.myshopify.com/admin/apps/private/new
+
+Once created, go to the application and find the API keys, add them to your `.env`:
+
+    SHOPIFY_API_KEY="YOUR_API_KEY"
+    SHOPIFY_PASSWORD="YOUR_PASSWORD"
+    SHOPIFY_SHOP="YOUR_SHOP_NAME"
+
+
+Once you have the API keys in your `.env` you should import them into your `config/secrets.yml`:
+
+    shopify_api_key: <%= ENV["SHOPIFY_API_KEY"] %>
+    shopify_password: <%= ENV["SHOPIFY_PASSWORD"] %>
+    shopify_shop: <%= ENV["SHOPIFY_SHOP"] %>
+
+
+## Initializer
+
+Once you've setup your API keys you'll want to preload them in an initializer. Create `/config/initializers/shopify.rb`:
+
+    shopify_shop_url = "https://#{Rails.application.secrets.shopify_api_key}:#{Rails.application.secrets.shopify_password}@#{Rails.application.secrets.shopify_shop}.myshopify.com/admin"
+    ShopifyAPI::Base.site = shopify_shop_url
+
+
+## Metafields
+
+
+product.add_metafield(ShopifyAPI::Metafield.new({
+   :description => 'Author of book',
+   :namespace => 'book',
+   :key => 'author',
+   :value => 'Kurt Vonnegut',
+   :value_type => 'string'
+}))
@@ -0,0 +1,232 @@
+# Shopify embedded app
+
+Start with a basic rails application. Then do the following:
+
+* Setup the secrets for the embedded app
+* Add the gems
+* Setup omniauth
+* 
+
+
+## Secrets
+
+Edit your `config/secrets.yml`
+
+    defaults: &defaults
+      shopify_app_api_key: <%= ENV["SHOPIFY_APP_API_KEY"] %>
+      shopify_app_api_secret: <%= ENV["SHOPIFY_APP_API_SECRET"] %>
+
+Add the environment variables to the `.env`:
+
+    SHOPIFY_APP_API_KEY=12345abcdef....
+    SHOPIFY_APP_API_SECRET=12345abcdef....
+    
+    
+## Gems
+
+Add the following to your `Gemfile`:
+
+    gem 'shopify_api'
+    gem 'omniauth'
+    gem 'omniauth-shopify-oauth2', git: 'git://github.com/jeffrafter/omniauth-shopify-oauth2'
+    
+Then `bundle`.
+
+## Setup omniauth
+
+Omniauth is middleware which is setup in an initializer. Create `config/initializers/omniauth.rb`:
+
+    # See http://docs.shopify.com/api/tutorials/oauth for all scopes
+    SHOPIFY_SCOPES = [
+      'read_content',
+      'write_content',
+      'read_products',
+      'write_products',
+      'read_customers',
+      'write_customers',
+      'read_orders'
+    ]
+
+    Rails.application.config.middleware.use OmniAuth::Builder do
+      provider :shopify,
+        Rails.application.secrets.shopify_app_api_key,
+        Rails.application.secrets.shopify_app_api_secret,
+        :scope => SHOPIFY_SCOPES.join(', '),
+        :setup => lambda {|env|
+          params = Rack::Utils.parse_query(env['QUERY_STRING'])
+          site_url = "https://#{params['shop']}"
+          env['omniauth.strategy'].options[:client_options][:site] = site_url
+        }
+    end
+
+
+## Shopify Models
+
+    rails g model shop_session shop_id:integer uid:string access_token:string ip:string user_agent:string access_at:datetime logout_at:datetime revoked_at:datetime
+
+
+    class CreateShopSessions < ActiveRecord::Migration
+      def change
+        create_table :shop_sessions do |t|
+          t.string :url
+          t.string :uid
+          t.string :access_token
+          t.string :ip
+          t.string :user_agent
+          t.datetime :access_at
+          t.datetime :logout_at
+          t.datetime :revoked_at
+
+          t.timestamps null: false
+        end
+
+        add_index :shop_sessions, [:uid, :access_token]
+        add_index :shop_sessions, [:revoked_at, :logout_at, :access_at]
+      end
+    end
+    
+    
+ Add a site method for the API
+ 
+     def site
+       "https://#{self.url}/admin"
+     end
+     
+     def token
+       self.access_token
+     end
+
+## Shopify Controller
+
+In order to handle the interactions in Shopify you will want a specific controller. Create `app/controllers/shopify_controller.rb`:
+
+
+https://gist.github.com/jeffrafter/5f3184de69d6737d2898
+
+
+# Shopify Layout
+
+https://gist.github.com/jeffrafter/a4ac26761d6a5e0552ce
+
+# Views
+
+
+New:
+
+    Shopify new
+
+    <div class="page-header" id="login-header">
+      <h1>Install This App</h1>
+      <h1><small>This app requires you to login to start using it.</small></h1>
+    </div>
+
+    <div style="width:340px; margin:0 auto;">
+      <%= form_tag :shopify_login, method: :get, class: 'form-search' do %>
+        <%= text_field_tag 'shop', nil, placeholder: 'Shop URL', class: 'btn-large' %>
+        <%= submit_tag 'Install', class: 'btn btn-primary btn-large' %>
+      <% end %>
+    </div>
+
+    <p align="center" style="margin-top:30px">
+      <%= image_tag 'shopify.png' %>
+    </p>
+
+Welcome:
+
+
+    Shopify welcome!
+    <br>
+    <br>
+    [<%= shop_session.shop %>]
+    <br>
+    <br>
+    <strong><%= flash[:notice] %></strong>
+
+
+
+
+
+
+
+# Routes
+
+    Rails.application.routes.draw do
+      root "shopify#welcome"
+
+      get '/shopify/welcome', to: 'shopify#welcome', as: :shopify_welcome
+      get '/shopify/products', to: 'shopify#products', as: :shopify_products
+
+      get '/shopify/login', to: 'shopify#new', as: :shopify_login
+      post '/shopify/login', to: 'shopify#create'
+      get '/shopify/logout', to: 'shopify#destroy', as: :shopify_logout
+      get '/auth/shopify/callback', to: 'shopify#create', as: :shopify_callback
+    end
+
+
+
+
+
+
+Now go to this url:
+
+https://snowe-shopify.herokuapp.com/shopify/login?shop=embedded-test
+
+
+https://docs.shopify.com/api/authentication/oauth
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+http://embedded-test.myshopify.com/admin/admin/api_clients/new?shop=embedded-test
+
+https://embedded-test.myshopify.com/admin/api_clients/new?shop=embedded-test&api_client[return_url]=http://snowe-shopify.herokuapp.com/shopify/login
+
+
+
+https://embedded-test.myshopify.com/admin/oauth/authorize?client_id=9498a7cd6d0e1a56547c5c618bd8c004&scope=read_content,write_content,read_products,write_products, read_customers,write_customers,read_orders&redirect_uri=https://snowe-shopify.herokuapp.com/welcome
+
+read_content,write_content,read_products,write_products, read_customers,write_customers,read_orders
+
+
+
+
+https://snowe-shopify.herokuapp.com/auth/shopify/callback?code=5bb8f92ff8c7da37eaba890020ed2f45&hmac=6dfa0f1e0b56bb3c4d8390c96634d693a699be896ba7c6e211e14f630d2d502d&shop=embedded-test.myshopify.com&signature=b80e78f1c664bca5dc2c2178905709cb&timestamp=1428965125
+
+
+# Safari and IE embedded IFrame Cookies
+
+http://www.mendoweb.be/blog/internet-explorer-safari-third-party-cookie-problem/
+
+
+# Validating the HMAC
+
+The problem is that in many requests the HMAC is blank. For example lets say you go to
+
+    https://<your-site>/shopify/welcome
+    
+This will hit your controller and render the welcome page (without an HMAC). When this page renders it will render the JavaScript which runs the shopify app embed which will reframe your page within the Shopify Admin:
+
+    https://<your-shop>.myshopify.com/admin/apps/<your-app-no>/shopify/welcome
+    
+This page will re-render your welcome page but this time with the shop and the hmac params included:
+
+    https://<your-site>/shopify/welcome?hmac=12345&signature=12345&timestamp=12345&shop=<your-shop>.myshopify.com
+    
+    
+ 
@@ -46,7 +46,7 @@ Now you have the Certificate request files. Go through a service (like [https://
 
 Startssl is a good option to use because the generated certs are approved and you can get a free cert for a single domain. The website can be sluggish if it is overloaded, but that is only a problem when generating your request. They are also a great option for Wildcard and Verified certs if you need them.
 
-**Note**: StartSSL will work for the root domain and 1 subdomain only for the fee option.
+**Note**: StartSSL will work for the root domain and 1 subdomain only for the free option.
 
 Go to:
 
 
@@ -465,3 +465,23 @@ You may need to update your test database:
     bundle exec rake RAILS_ENV=test rake db:migrate
 
 
+## Money in Rails
+
+Don't represent money using floating point numbers. Use the [monetize](https://github.com/RubyMoney/monetize) gem and the [money-rails](https://github.com/RubyMoney/money-rails) gem:
+
+    gem 'monetize'
+    gem 'money-rails'
+
+And setup the initializer:
+
+    rails g money_rails:initializer 
+    
+Store your fields as integers with cents (you can customize this with currencies using the `t.money` method):
+
+    t.integer :price_cents, default: 0    
+    
+Then in your models:
+
+    class Product < ActiveRecord::Base
+      monetize :price_cents # allow_nil: true
+    end