How to use oauth (session)

Highlighted
Excursionist
16 0 13

When the app is installed first time, I am saving store_url & access_token to my db. 
From shop admin dashboard when I click app, I am seeing some query params are coming from shopify such as hmac, locale, session, shop, timestamp 

The question is, how should check, this is valid authentication request or not ? Basically I can get shop url and check whether there is any record on db and get the access_token of that store but this doesn't seem safe. 

Second Image Hover Animations converts product images on your site into dynamic ones with simply one click
The Detective FAQ outstanding FAQ page templates & Product FAQs
Boostify ‑ Variant Swatch Show variants on collections with one click.
1 Like