There are different options to transfer data between your shop and any external service. The method you choose will depend on the usecase:
You may retrieve and update data from a shop using different methods:
The webservice is a REST API allowing you to interact with most of the database tables used by the core. It uses Basic access authentication to allow requests.
Resources:
Adding a module ObjectModel to the list of resources available
The hook addWebserviceResources
must be registered by your module.
Then an array containing all the ressources (= Object Model subclasses) you want to add should be returned.
For instance, in the module blockreassurance we have an ObjectModel class, called reassuranceClass
. If we wanted to make it available in the webservice, it would look like this:
<?php
/**
* Add an entity in the Webservice
*
* @param array $params All existing resources from the core
* @return array New resources
*/
public function hookAddWebserviceResources($params)
{
return array(
'reassurance' => array(
'description' => 'Module Reassurance example',
'class' => 'reassuranceClass',
'forbidden_method' => array('PUT', 'POST', 'DELETE')),
);
}
This will add the resource reassurance
available into the permissions list, based on the key.
As the webservice is only an interface to get and update objects on the database, it does not allow to run complex actions. Module controller may be implemented to allow any external service to reach your shop, then trigger specific actions or retrieve content.
You should implement a method that filters non-authenticated calls. This prevents guests accessing private content, or trigger actions on your behalf.
This can be done by generating your own token and checking it everytime the controller is called. Tools::encrypt($token)
may be useful.
Resources:
HTTP requests can be triggered from a shop to an external service.
Several methods allows requests to be sent (in order of preference):
cURL
or fopen()
, depending on what is available on the shop.