Shopify API – Saving Access Token in the Database (PHP & MySQL)

  Shopify

Before you can start working with Shopify store data using Shopify API, there must be an authentication where the store approves your app for certain permission.

We have done this so many times now. So if you don’t know yet how to set up your first Shopify app then I highly recommend you to read first my article on how to create Shopify apps using PHP.



In this article, we’re going to store and save access tokens in two ways and that is through MySQL/PHP and Cookies/Sessions. I will also explain anything you need to know and which one you should really use.

I have received comments about this recently so I decided to write about it as soon as I can. Now let’s say that you already have built your Shopify app and you’re having issues about access tokens. How can we actually save access tokens that were generated by the stores?

Well, there are…

 

Two ways to save access tokens

There are two ways to store access tokens and the first option you have is to…

Save access tokens using MySQL Database

This is quite obvious now since MySQL database is your only reliable and secured storage for saving data. Now how can we do this? Well, the first thing you wanna do is to create a database through your web host. If you’re using XAMPP/WAMP server then just go to your localhost URL and browse your phpMyAdmin and create a database. If you have your own web host then just go and proceed to your Dashboard and create a database.

Disclaimer, I can’t pretty much give you instructions on how to navigate to your database since we all don’t have the same dashboard or control panel. All I can tell you is to look for MySQL tab or category, click that, and try to create a new database account.

Keep in mind as well that some host requires you to create a username and password for database while some host does not require you to do so and you can just proceed to phpMyAdmin and get your account details there.

Now let’s proceed to PhpMyAdmin and create a database.

Creating Database for Shopify App API Development Tutorial

I will name my database example_db just for the sake of this tutorial. You can name your database whatever you want.

After that, click on the database that you just have created, and proceed to SQL tab and type in the following SQL query.

CREATE TABLE example_table ( id INT(8) UNSIGNED AUTO_INCREMENT PRIMARY KEY, store_url VARCHAR(255) NOT NULL, access_token VARCHAR(255) NOT NULL, install_date DATETIME )

Make sure that your database is selected.

How to Create a Database for Shopify App API Development Tutorial

And just click the ‘Go’ button located at the very bottom right corner of the query box.

You should have something like this:

Tutorial on How To Create a Database for Shopify App API Development Tutorial PHP

Now that our database is ready, let’s go back to our Shopify app project and create a new script.

Let’s name it connect_to_mysql.php and copy the following code:

<?php $servername = "YOUR SERVER NAME"; $username = "YOUR DATABASE USERNAME"; $password = "YOUR DATABASE PASSWORD"; $db = "example_db"; $conn = mysqli_connect($servername, $username, $password, $db); if (!$conn) { die("Connection Error: " . mysqli_connect_error()); }

Make sure you replace the value of each variable above before you proceed. Otherwise, you’ll be getting an error once you reference this script in our next code.

To be sure that there will be no errors. Browse this file using your browser. For example, We have https://example.com/connect_to_mysql.php

If it shows no errors then that means you’re good to go.

Now save the script and let’s go back to our generate_token.php or token_generator.php (I have created two tutorials as far as I can remember, so the name of the file doesn’t really matter, as long as it has the same code. 😛)

So far, these are the files I have in our project.

Shopify App Development Tutorial Files (Step by Step Guide for MySQL/PHP)

And this is the code inside our token generator.

Shopify App Development Access Token Generator

Underneath the require_once("inc/functions.php"); type in require_once("connect_to_mysql.php");

Next, locate the line where it says echo $access_token; and comment that out.

After that, add the following code just below the //echo $access_token; line.

$sql = "INSERT INTO example_table (store_url, access_token, install_date) VALUES ('".$params['shop']."', '".$access_token."', NOW())"; if (mysqli_query($conn, $sql)) { header('Location: https://'.$params['shop'].'/admin/apps'); die(); } else { echo "Error inserting new record: " . mysqli_error($conn); }

Make sure you have the same table name. After that, save the file and uninstall your app and re-install again.

After installing the app, check your database and see if it saved the access token. Like this:

Shopify App Development - Saving Access Token with MySQL and PHP

Keep in mind that these tokens are kind of like a password which is important for stores. So you might wanna encrypt these tokens just for the sake of additional security.

 

Save access tokens using cookies/sessions

The other option that you may use is by saving access tokens using cookies or sessions.

I don’t personally recommend doing this since cookies and sessions are temporary storage. Especially if you usually clear your browser’s data.

Plus, it is also not safe to do this.

However, if you still want to know how to save access tokens using cookies then doing that is very simple. All you need is JavaScript code like this:

document.cookie = "token=" + <?php echo $access_token; ?>;

See that code above? You’re pretty much displaying the token for the public to see. Yay! free tokens!

Conclusion

Shopify access token is very important for each store. It’s like a password which makes it very critical. So make sure you secure them as much as you can.

If you don’t know about encryption, I highly suggest you search about MD5 or HASH. This will help you secure your important data such as access tokens and passwords.

For now, I thank you for reaching this far. If you have more concerns regarding this series, feel free to share them down in the comments and I swear I respond faster than your internet connection.


Good luck Shopify Developers!

React to this topic
Subscribe
Notify of
guest
11 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments