Skip to content

shopify-app-session-storage-dynamodb

Directory actions

More options

Directory actions

More options

Latest commit

 

History

History

shopify-app-session-storage-dynamodb

README.md

Session Storage Adapter for AWS DynamoDB

This package implements the SessionStorage interface that works with an AWS DynamoDB database.

Contributed by Chris - thank you 👏

import {shopifyApp} from '@shopify/shopify-app-express';
import {DynamoDBSessionStorage} from '@shopify/shopify-app-session-storage-dynamodb';

// You can use the default options
const storage = new DynamoDBSessionStorage();

// or, if you want to use a different session table name and shop index name
const storage = new DynamoDBSessionStorage({ sessionTableName: 'my-session-table', shopIndexName: 'my-shop-index' });

// or, if you want to use a different region or credentials
const storage = new DynamoDBSessionStorage({ config: { region: 'us-west-2', credentials: { ... } } });

const shopify = shopifyApp({
  sessionStorage: storage,
  // ...
});

Table Schema

{
  TableName: sessionTableName,
  AttributeDefinitions: [
    {AttributeName: 'id', AttributeType: 'S'},
    {AttributeName: 'shop', AttributeType: 'S'},
  ],
  KeySchema: [{AttributeName: 'id', KeyType: 'HASH'}],
  GlobalSecondaryIndexes: [
    {
      IndexName: shopIndexName,
      KeySchema: [{AttributeName: 'shop', KeyType: 'HASH'}],
      Projection: {ProjectionType: 'KEYS_ONLY'},
      ProvisionedThroughput: {
        ReadCapacityUnits: 1,
        WriteCapacityUnits: 1,
      },
    },
  ],
  ProvisionedThroughput: {ReadCapacityUnits: 1, WriteCapacityUnits: 1},
}

AWS Policy for DynamoDB

This policy must be attached to a user -- dynamodb:Query does not work with inline policies.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Statement1",
      "Effect": "Allow",
      "Action": [
        "dynamodb:GetItem",
        "dynamodb:DeleteItem",
        "dynamodb:PutItem",
        "dynamodb:Query",
        "dynamodb:DescribeTable"
      ],
      "Resource": ["arn:aws:dynamodb:<region>:<account-id>:table/<table-name>"]
    }
  ]
}

Refresh Token Support

This package supports storing refresh tokens for apps using expiring offline access tokens. No migration or schema changes are required. DynamoDB's flexible schema automatically accommodates the additional fields.

To enable expiring offline access tokens in your app:

const shopify = shopifyApp({
  sessionStorage: new DynamoDBSessionStorage(),
  future: {
    expiringOfflineAccessTokens: true,
  },
  // ...
});

If you prefer to use your own implementation of a session storage mechanism that uses the SessionStorage interface, see the implementing session storage guide.