Setting up 2 step customer login process

Highlighted
New Member
3 0 0

I'm trying to make the customer login process 2 steps (not to be confused with 2 factor). I'd like to collect the email address on the first step, and make an API call to Shopify's customer API through my web service to determine if the customer state=enabled. If the state is enabled, prompt for the password, otherwise send the user to the registration page.


The problem is we do not require customer accounts to reduce checkout friction. Customers signed up for our subscription service are trying to access and manage their subscriptions and then are told they don't have an account. Very frustrating experience for the end user as they call our customer support in a very bad mood. 

 

I'm running into cross side scripting issues when attempting to send to my web service and get a result. For example: "Cross-Origin Read Blocking (CORB) blocked cross-origin response".

 

Any recommendations on how I should set this up?

0 Likes
Community Manager
Community Manager
618 46 79

Hi @JGTAOS,

 

How are you making the request to Shopify? If you're making the request from the client, I think the error makes sense. You should be making authenticated requests to Shopify from a back-end server.

 

If I'm completely wrong, perhaps you could share some additional context into the actions you are performing.

 

Thanks!

0 Likes
New Member
3 0 0

@Busfox wrote:

Hi @JGTAOS,

 

How are you making the request to Shopify? If you're making the request from the client, I think the error makes sense. You should be making authenticated requests to Shopify from a back-end server.

 

If I'm completely wrong, perhaps you could share some additional context into the actions you are performing.

 

Thanks!


I'm attempting to make the AJAX request from the client (browser / Shopify web site) to my web service on a separate server, which calls my private Shopify app via API and attempts to pass back the information to the client. I have it working right now by POSTing the data from Shopify client to my web service, getting the API result and then redirecting back to either the Shopify login or registration page depending on the result. An AJAX call would be a bit more seamless but I understand the CORS/XSS issues. Just curious how others handle this.

0 Likes