I am new to Shopify platform and have a doubt which I want to clarify.
We are developing a public app on Shopify. Currently we are facing a issue after app uninstall.
Our app contains a login page and we are using jwt based authentication. We are storing jwt token in local storage.
Now the issue is :
- When ever our app is uninstalled, we get a uninstall webhook based on which we perform few database operations.
- Now once the app is uninstall, We want to remove jwt token from local storage because after uninstallation of the app, if we try to access our public app specific APIs, they are accessed because JWT token in my local storage exists.
I Somehow want to restrict all kinds of these unethical activities and want to overcome all security flaws. Currently I am thinking to clear token from local storage.
As I am new to shopify, Can anyone tell me what better solution for this problem could be ? Is my current approach of saving jwt token in local storage is correct ?