Apologies if similar questions have been asked, I can't seem to find relevant information.
I have a Shopify storefront that requires customers to log in using Shopify's inbuilt customer authentication, and I need to be able to securely fetch data from a 3rd party API (REST API) that is relevant to the logged-in customer.
The idea is, the customer will log in and be taken to a custom page within Shopify, the page will fetch the customer's details from Shopify (name, email, etc.), and then use this information to fetch the relevant data from the 3rd party. The tricky part is that I need to ensure the customer is authenticated before fetching from the 3rd party.
My initial thoughts were to create a Node.js server hosted somewhere that would act as a middleman/authenticator for the 3rd party API. So Shopify would send the customer details AND a customer auth token to the Node.js server and the server would then validate the token before fetching the data and passing it back to Shopify. Only problem is, I don't know how to obtain the customer's auth token.
Also, I would very much like it if I could somehow build this custom page within Shopify using React JS and Shopify's Polaris library as I am much more familiar with React than I am with Liquid. Am I able to create a React page using Polaris and somehow embed it to the Storefront?
Thanks so much for the advice.