- solidus.io
- Documentation
- Join our Slack (solidusio.slack.com)
- solidus-security mailing list
Background story tl;dr: I wanted to use solidus_api along with provided admin panel (solidus_backend), but the default api authentication mechanism
did not satisfy my security and usage needs at all. At first, I only wanted to fork the solidus_api gem and integrate it with devise_token_auth,
but it turned out that the whole solidus project heavily relies on this default spree_api_key thing - so here it is, a solidus fork, extensively revised to be fully compliant with devise_token_auth,
replacing the spree_api_key mechanism also in stuff like solidus_backend. The test suite is fully passing; I have also upgraded it a little to test stuff (like authentication) that it used to just stub previously.
There are so many changes that it can't simply be merged to the upstream repository - people use that spree_api_key in their own integrations, so this fork is usable mostly when you're starting from scratch
and want to use solidus with devise_token_auth or you want to use the solidus_api for the first time, or if you want to refactor your existing solidus_api app to become more secure.
As of 24.10.2018 the upstream repository is merged, but if you need some latest solidus features and nobody updates this repo from the upstream, feel free to do it yourself - it shouldn't take much more than just resolving some git conflicts, bumping the version and submitting a pull request here.
To add solidus_devise_token_auth, begin with a Rails 5 application and a database configured and created. Add the following to your Gemfile:
gem 'solidus_devise_token_auth'
gem 'solidus_auth_devise_devise_token_auth' # ain't my naming convention skills sick?Because of the gem name being different, you have to include this in your config/application.rb (depending on what you want to use):
require 'solidus_core'
require 'solidus_api'
require 'solidus_backend'
require 'solidus_frontend'
require 'solidus_sample'
require 'solidus_auth_devise'Then basically just follow the original solidus guides, watching out for api authentication (described here).
Every piece is rebuilt and available on rubygems:
gem 'solidus_api_devise_token_auth'
gem 'solidus_frontend_devise_token_auth'
gem 'solidus_backend_devise_token_auth'
gem 'solidus_core_devise_token_auth'
gem 'solidus_sample_devise_token_auth'Solidus is a complete open source ecommerce solution built with Ruby on Rails. It is a fork of Spree.
See the Solidus class documentation and the Solidus Guides for information about the functionality that Solidus provides.
Solidus consists of several gems. When you require the solidus gem in your
Gemfile, Bundler will install all of the gems maintained in this repository:
solidus_api(RESTful API)solidus_frontend(Cart and storefront)solidus_backend(Admin area)solidus_core(Essential models, mailers, and classes)solidus_sample(Sample data)
All of the gems are designed to work together to provide a fully functional
ecommerce platform. However, you may only want to use the
solidus_core gem
combine it with your own custom frontend, admin interface, and API.
Try out Solidus with one-click on Heroku:
Begin by making sure you have Imagemagick installed, which is required for Paperclip. (You can install it using Homebrew if you're on a Mac.)
To add solidus, begin with a Rails 5 application and a database configured and created. Add the following to your Gemfile.
gem 'solidus'
gem 'solidus_auth_devise'Run the bundle command to install.
After installing gems, you'll have to run the generators to create necessary configuration files and migrations.
bundle exec rails g spree:install
bundle exec rails g solidus:auth:install
bundle exec rake railties:install:migrationsRun migrations to create the new models in the database.
bundle exec rake db:migrateFinally start the rails server
bundle exec rails sThe solidus_frontend storefront will be accessible at http://localhost:3000/
and the admin can be found at http://localhost:3000/admin/.
As part of running the above installation steps, you will be asked to set an admin email/password combination. The default values are admin@example.com and test123, respectively.
The best way to ask questions is via the #support channel on the Solidus Slack.
Instead of a stable build, if you want to use the bleeding edge version of Solidus, use this line:
gem 'solidus', github: 'solidusio/solidus'Note: The master branch is not guaranteed to ever be in a fully functioning state. It is unwise to use this branch in a production system you care deeply about.
By default, the installation generator (rails g spree:install) will run
migrations as well as adding seed and sample data. This can be disabled using
rails g spree:install --migrate=false --sample=false --seed=falseYou can always perform any of these steps later by using these commands.
bundle exec rake railties:install:migrations
bundle exec rake db:migrate
bundle exec rake db:seed
bundle exec rake spree_sample:loadThere are also options and rake tasks provided by solidus_auth_devise.
You may notice that your Solidus store runs slowly in development mode. This
can be because in development each CSS and JavaScript is loaded as a separate
include. This can be disabled by adding the following to
config/environments/development.rb.
config.assets.debug = falseTo gain some extra speed you may enable Turbolinks inside of Solidus admin.
Add gem 'turbolinks', '~> 5.0.0' into your Gemfile (if not already present) and append these lines to vendor/assets/spree/backend/all.js:
//= require turbolinks
//= require backend/app/assets/javascripts/spree/backend/turbolinks-integration.jsCAUTION Please be aware that Turbolinks can break extensions and/or customizations to the Solidus admin. Use at own risk.
-
Clone the Git repo
git clone git://github.com/solidusio/solidus.git cd solidus -
Install the gem dependencies
bundle install
Solidus is meant to be run within the context of Rails application. You can easily create a sandbox application inside of your cloned source directory for testing purposes.
This sandbox includes solidus_auth_devise and generates with seed and sample data already loaded.
-
Create the sandbox application (
DB=mysqlorDB=postgresqlcan be specified to override the default sqlite)bundle exec rake sandbox -
Start the server
cd sandbox rails server
Solidus uses RSpec for tests. Refer to its documentation for more information about the testing library.
We use CircleCI to run the tests for Solidus as well as all incoming pull requests. All pull requests must pass to be merged.
You can see the build statuses at https://circleci.com/gh/solidusio/solidus.
ChromeDriver is required to run the frontend and backend test suites.
To execute all of the test specs, run the build.sh script at the root of the Solidus project:
bash build.shThe build.sh script runs using PostgreSQL by default, but it can be overridden by setting the DB environment variable to DB=sqlite or DB=mysql. For example:
DB=mysql bash build.shEach gem contains its own series of tests. To run the tests for the core project:
cd core
bundle exec rspecBy default, rspec runs the tests for SQLite 3. If you would like to run specs
against another database you may specify the database in the command:
DB=postgresql bundle exec rspecIf you want to run the SimpleCov code coverage report:
COVERAGE=true bundle exec rspecIn addition to core functionality provided in Solidus, there are a number of ways to add features to your store that are not (or not yet) part of the core project.
A list can be found at extensions.solidus.io.
If you want to write an extension for Solidus, you can use the solidus_cmd gem.
Solidus is an open source project and we encourage contributions. Please read CONTRIBUTING.md before contributing.