0
votes

When shopify sends a webhook to my app, I want to access the products resource of the shop owner's store through the API and compare the ids of the product in the store and the product ordered by the customer.

app/views.py

@csrf_exempt
def webhook (request, *args, **kwargs):
    products = []

    import shopify
    with request.user.session: # This doesn't work because no login I think
        products = shopify.Product.find()

    print "THE PRODUCTS ARE:", products

    if request.method == "POST":
        line_items = json.loads(request.body)["line_items"]
        return HttpResponse(status=200)

I can't do this because the user isn't logged in so the request.user.session doesn't work.
I can't ask the webhook to login to the owner's store for me.
So, how do I access the products like shopify.Product.find() in this function?

2

2 Answers

0
votes

I think you're mixing concepts here: webhooks, products and customers. You first need to loop through all products of a particular store. Once you have all the products in the right place with the right id (take into account dealing with variants instead of products), then you need to have all the customers or orders of that particular store. Each order, has line items with the right variant.id. Then you loop through all variants to see which variants that particular order/customer has ordered.

0
votes

The webhook request needs to be validated via its HMAC headers in order to be sure that it is genuine. Once this is done, you can safely assume that the domain it's coming from is legitimate, so you can look up the user in your database. Instead of implementing this yourself, you can use django-shopify-webhook to handle webhook requests.

You can check out my answer to this question to see an example of how to do this.