jamey/simpleshop_theme
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
e6f8d7fa2a
simpleshop_theme/lib/simpleshop_theme_web/router.ex
jamey eede9bb517 feat: add encrypted settings, guided Stripe setup, and admin credentials page 
Store API keys and secrets encrypted in the SQLite database via the
existing Vault module (AES-256-GCM). The only external dependency is
SECRET_KEY_BASE — everything else lives in the portable DB file.

- Add encrypted_value column to settings table with new "encrypted" type
- Add put_secret/get_secret/delete_setting/secret_hint to Settings context
- Add Secrets module to load encrypted config into Application env at startup
- Add Stripe.Setup module with connect/disconnect/verify_api_key flow
  - Auto-creates webhook endpoints via Stripe API in production
  - Detects localhost and shows Stripe CLI instructions for dev
- Add admin credentials page at /admin/settings with guided setup:
  - Not configured: single Secret key input with dashboard link
  - Connected (production): status display, webhook info, disconnect
  - Connected (dev): Stripe CLI instructions, manual signing secret input
- Remove Stripe env vars from dev.exs and runtime.exs
- Fix CSSCache test startup crash (handle_continue instead of init)
- Add nav link for Credentials page

507 tests, 0 failures.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-07 17:12:53 +00:00

140 lines
4.5 KiB
Elixir
Raw Blame History

defmodule SimpleshopThemeWeb.Router do
use SimpleshopThemeWeb, :router
import SimpleshopThemeWeb.UserAuth
pipeline :browser do
plug :accepts, ["html"]
plug :fetch_session
plug :fetch_live_flash
plug :put_root_layout, html: {SimpleshopThemeWeb.Layouts, :root}
plug :protect_from_forgery
plug :put_secure_browser_headers
plug :fetch_current_scope_for_user
end
pipeline :api do
plug :accepts, ["json"]
end
pipeline :printify_webhook do
plug SimpleshopThemeWeb.Plugs.VerifyPrintifyWebhook
end
pipeline :shop do
plug :put_root_layout, html: {SimpleshopThemeWeb.Layouts, :shop_root}
plug SimpleshopThemeWeb.Plugs.LoadTheme
end
# Public storefront (root level)
scope "/", SimpleshopThemeWeb do
pipe_through [:browser, :shop]
live_session :public_shop,
layout: {SimpleshopThemeWeb.Layouts, :shop},
on_mount: [{SimpleshopThemeWeb.CartHook, :mount_cart}] do
live "/", ShopLive.Home, :index
live "/about", ShopLive.About, :index
live "/contact", ShopLive.Contact, :index
live "/collections/:slug", ShopLive.Collection, :show
live "/products/:id", ShopLive.ProductShow, :show
live "/cart", ShopLive.Cart, :index
live "/checkout/success", ShopLive.CheckoutSuccess, :show
end
# Checkout (POST — creates Stripe session and redirects)
post "/checkout", CheckoutController, :create
end
# Cart API (session persistence for LiveView)
scope "/api", SimpleshopThemeWeb do
pipe_through [:browser]
post "/cart", CartController, :update
end
# Image serving routes (public, no auth required)
scope "/images", SimpleshopThemeWeb do
pipe_through :browser
get "/:id", ImageController, :show
get "/:id/thumbnail", ImageController, :thumbnail
get "/:id/variant/:width", ImageController, :variant
get "/:id/recolored/:color", ImageController, :recolored_svg
end
# Webhook endpoints (no CSRF, signature verified)
scope "/webhooks", SimpleshopThemeWeb do
pipe_through [:api, :printify_webhook]
post "/printify", WebhookController, :printify
end
scope "/webhooks", SimpleshopThemeWeb do
pipe_through [:api]
post "/stripe", StripeWebhookController, :handle
end
# Enable LiveDashboard and Swoosh mailbox preview in development
if Application.compile_env(:simpleshop_theme, :dev_routes) do
# If you want to use the LiveDashboard in production, you should put
# it behind authentication and allow only admins to access it.
# If your application does not have an admins-only section yet,
# you can use Plug.BasicAuth to set up some basic authentication
# as long as you are also using SSL (which you should anyway).
import Phoenix.LiveDashboard.Router
scope "/dev" do
pipe_through :browser
live_dashboard "/dashboard", metrics: SimpleshopThemeWeb.Telemetry
forward "/mailbox", Plug.Swoosh.MailboxPreview
# Preview error pages
get "/errors/404", SimpleshopThemeWeb.ErrorPreviewController, :not_found
get "/errors/500", SimpleshopThemeWeb.ErrorPreviewController, :server_error
end
end
## Authentication routes
# /admin redirects to theme editor (requires auth, will redirect to login if needed)
scope "/admin", SimpleshopThemeWeb do
pipe_through [:browser, :require_authenticated_user]
get "/", AdminController, :index
end
scope "/", SimpleshopThemeWeb do
pipe_through [:browser, :require_authenticated_user]
live_session :require_authenticated_user,
on_mount: [{SimpleshopThemeWeb.UserAuth, :require_authenticated}] do
live "/users/settings", UserLive.Settings, :edit
live "/users/settings/confirm-email/:token", UserLive.Settings, :confirm_email
live "/admin/theme", ThemeLive.Index, :index
live "/admin/providers", ProviderLive.Index, :index
live "/admin/providers/new", ProviderLive.Form, :new
live "/admin/providers/:id/edit", ProviderLive.Form, :edit
live "/admin/settings", AdminLive.Settings, :index
end
post "/users/update-password", UserSessionController, :update_password
end
scope "/", SimpleshopThemeWeb do
pipe_through [:browser]
live_session :current_user,
on_mount: [{SimpleshopThemeWeb.UserAuth, :mount_current_scope}] do
live "/users/register", UserLive.Registration, :new
live "/users/log-in", UserLive.Login, :new
live "/users/log-in/:token", UserLive.Confirmation, :new
end
post "/users/log-in", UserSessionController, :create
delete "/users/log-out", UserSessionController, :delete
end
end
Reference in New Issue View Git Blame Copy Permalink