Make it easier to get started with webhooks #842
Conversation
byrichardpowell
force-pushed
the
declarative-webhooks
branch
2 times, most recently
from
3499cce to
26c2922
Compare
1. Providing the config for mandatory webhook topics 2. Adding a product create webhook, so partners can see a webhook trigger when pressing "generte a product" 3. Separating each webhook topic into it's own URL
byrichardpowell
force-pushed
the
declarative-webhooks
branch
from
26c2922 to
3bf02fb
Compare
There was a problem hiding this comment.
A while back we had talked about using snippets as a way to share common code patterns with developers, and I feel like this could be a good use case!
I would like to confirm with the webhook team, but I am thinking for the privacy webhooks we want to be able to process them even if the app is uninstalled/has no session.
There was a problem hiding this comment.
That's a great way to tidy all the webhooks handling! Most of the webhook endpoints should not rely on a session or admin to be set, as the app could be already uninstalled for app/uninstall and compliance webhooks.
Ideally, we'd like to encourage receiving webhooks and respond ASAP and then do the processing asynchronously or using a job queue. (I understand that's probably out of the scope of the template)
|
|
||
| // Webhook requests can trigger after an app is uninstalled. | ||
| // If the app is already uninstalled, the session may be undefined. | ||
| if (session) { |
There was a problem hiding this comment.
You're comment is right: the session might not be defined when processing a webhook request. From what I can understand, authenticate.webhook will first validate the webhook origin (by checking the HMAC signature from the headers) and then it will try to load an offline session and admin. But this can fail so we can only count on the shop, payload to be defined here.
TLDR: you can drop the session check IMO.
There was a problem hiding this comment.
We are effectively using the session check here to say "Did we already process this?". Using shop, I think we'd need to do something like this:
const { shop } = await authenticate.webhook(request);
// Webhook requests can trigger after an app is uninstalled.
// If the app is already uninstalled, the session may be undefined.
try {
db.session.deleteMany({ where: { shop } });
} catch (error) {
console.error(error);
}Try/catch is the recommended way in Prisma to delete without raising exceptions if the record exists. I don't think try/catch is quite as nice.
WDYT @lizkenyon & @cdarne ?
There was a problem hiding this comment.
I think for this case it makes sense to check for the session!
We could add another sentence for clarity if we wanted 🤷
// Webhook requests can trigger after an app is uninstalled.
// If the app is already uninstalled, the session may be undefined, which means it has already been deleted.
|
@lizkenyon @cdarne please can I get a second review? Note i also updated the README to steer partners towards app-specific webhooks |
Make it easier to get started with webhooks
WHY are these changes introduced?
We want to make it easier to get started with declarative webhooks
WHAT is this pull request doing?
Test this PR
npm run dev. Do you see a message like this:webhooks │ APP_UNINSTALLED webhook deliveredgenerate a productin the UI. Does the product create webhook trigger?Checklist
README.mdfile and other related documentation, if applicableCHANGELOG.md