So my website is essentially a POS for multiple physical stores. Since I'm working with multiple stores, I need to be able to tie each purchase made online to the physical storefront it was purchased at. To solve this problem I have been combining the functions of different apps to meet these requirements. This is my current solution:
I first use the Locksmith app to completely lock down the entire website with a special "secret URL". Then I use GoAffPro to make my store owners affiliates, set them up to receive 100% commission (since they will have already bought the inventory from me in bulk), and set their referral link as the "secret URL" I previously put in the Locksmith app. This will allow only people who use this affiliate link/secret URL to access the store and buy things which then payout the correct store owners since they are affiliates.
The problem with this is that the Locksmith app uses a session cookie. This makes it so that if one of my store's customers enters the site using a secret URL/affiliate link, forgets to close out that tab, then attempts to enter a new store by reopening that old tab, their purchase will credit the previous store rather than the current one.
I don't believe an incident like this would happen very often, but regardless I need to guarantee that commission to my store owners and I can't do that when I have a loophole like this. Because of this I'm looking for a locking app that either doesn't use session cookies or has a timer on them so they eventually expire. After speaking with Locksmith support, they are looking into adding a timer, but I can't really wait around for this.
If anyone knows an app that can provide this or has a different approach they would like to share, I'd love to hear it.