npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@bazaarforge/shopify-app-session-storage-adaptable-postgresql

v1.0.0-alpha.2

Published

Enhanced Shopify App Session Storage for PostgreSQL

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

bazaarforgegsbazaarforgegs

Keywords

shopifynodeappgraphqlrestwebhookAdmin APIStorefront APIpostgresqlPostgreSQLsession storagepg-promise

Readme

Adaptable Shopify Session Adapter

A shopify session adapter that allows you to customize how you connect to PostgreSQL.

Customizable Access to PostgreSQL

If you're using a library such as pg-promise or want to customize the way the connection is managed or the database is queried, the adapter offered by Shopify may not be ideal.

This adapter offers the following:

  • more flexibility in choosing how to connect to PostgreSQL
  • no automatic table creation or migration
  • possibility to encrypt the accessToken

Native PostgreSQL Adapter

Using the native pg library:

// Example usage with NativePostgresConnection

import {
  NativePostgresConnection,
  AdaptablePostgresStorage
} from '@bazaarforge/shopify-app-session-storage-adaptable-postgresql';

const sessionTableName = 'shopify_sessions';
const url = `postgres://user:password@host/dbname`

const storage = new AdaptablePostgresStorage(
  new NativePostgresConnection(url, sessionTableName)
);

pg-promise Adapter

Using the pg-promise adapter:

// Example usage with PgPromiseConnection

import pgPromise from 'pg-promise';
import {
  PgPromiseConnection,
  AdaptablePostgresStorage
} from '@bazaarforge/shopify-app-session-storage-adaptable-postgresql';


const sessionTableName = 'shopify_sessions';
const pgp = pgPromise();
const db = pgp('postgres://user:password@host/dbname');

const storage = new AdaptablePostgresStorage(
  new PgPromiseConnection(db, sessionTableName)
);

Custom Connection

You can extend the class BasePostgresConnection, see examples in src.

No Auto-Creation of Session Table

Unlike Shopify's adapter, this adapter will not automatically create the session database table. We believe this is not the responsibility of the runtime to do so.

Instead, you can add this table to your database manually:

CREATE TABLE IF NOT EXISTS "UserSession" (
  "id" varchar(255) NOT NULL PRIMARY KEY,
  "shop" TEXT NOT NULL,
  "state" varchar(255) NOT NULL,
  "isOnline" boolean NOT NULL,
  "scope" TEXT,
  "expires" integer,
  "onlineAccessInfo" TEXT,
  "accessToken" TEXT
);

We recommend using a migration tool such as goose, node-pg-migrate, umzug, etc.

Option to encrypt access token

Shopify recommends encrypting the database at rest; however, we believe that storing merchants' access tokens in plain text within the database poses significant privacy risks.

Unlike Shopify's default adapter, which does not encrypt session tokens, this adapter allows you to configure a signature key for symmetrical client-side encryption. As a result, access tokens are securely encrypted before being stored in the database.

Encrypt access token

Be aware that this should not be done on an existing production database without a proper migration.

  1. Generate a secret key, it should be a 32 bit key. On Linux, you can run in the terminal openssl rand -hex 32. This key should be kept secret and not be lost, as it is essential for encrypting and decrypting your data. You can store this key in an env variable or in a vault.

To use the SymmetricEncryptor for encrypting and decrypting data, follow the example below:

import {
  SymmetricEncryptor,
  NativePostgresConnection,
  AdaptablePostgresStorage
} from '@bazaarforge/shopify-app-session-storage-adaptable-postgresql';
import crypto from 'crypto';

// The encryption key that you generated in the previous step
const key = process.env.ENCRYPTION_KEY;

// Create an instance of SymmetricEncryptor
const encryptor = new SymmetricEncryptor({ key });

// Create an instance of AdaptablePostgresStorage using the encryptor
const storage = new AdaptablePostgresStorage(
  new NativePostgresConnection("postgres://..."),
  {
    encryptor
  }
);