Re: Authentication for Public apps without a login feature

AppsDartSupport · ‎09-21-2020

Hello Everyone. I have a scenario which i have no luck reaching to a solution so far. Please take some time and help me out here.

So the app im building doesn't contain a Login / Logout feature and its an embedded app. Its architecture is API-based (Laravel and React). I use Passport package for authentication

Now after the app installs the merchant is taken straight to the dashboard which works fine if the merchant is seeing the app in the embedded window. However if the merchant inspects the iframe element and copies the src field of that iframe and opens it in a new window, It will open for the merchant. This is a huge security breach which I need to address.

Cheers !

Note: If u want more information about this .. let me know what u need I will provide it.

wiretrackio · ‎07-24-2021

Hey there. Same doubt here, not much information. How did you end up solving this?

Authentication for Public apps without a login feature

finding sezzle app

Shopify Theme App Extension in paid app

Online Store 2.0 themes - App embed blocks not appearing automatically on store pages

How to make a product be only product in order

Customer-Facing Public App - Where to Start?

Re: Custom bundle creator

Re: Custom bundle creator

Re: Shopify PHP App Is not loading in safari browser

finding sezzle app

Shopify Theme App Extension in paid app