We have a Shopify app that lets users create a mobile app for their Shopify stores. Now we are trying to implement a new feature, which is passwordless login using OTP. I came across this link about the customer access token that can be generated using just the customer's email and password, but the issue is that the generated token has an expiration. This can cause an issue: if we try to create the customer access token again, we will need that customer's password, and that is not possible without storing the customer's password in our databases, which can cause a potential privacy violation. So is there any way we can implement this feature without storing the customers' passwords?
Hi Sandeep, instead of storing the raw password, use an encryption algorithm to encode the password and store it in the DB.
Whenever you are generating a token, read the encrypted password from the DB and decode it. For example, you can use the AES algorithm.
Hope it helps.
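
The approach suggested in the reply above, sketched as an added example that is not part of the original thread and is not Shopify's API: AES-256-GCM from Node's built-in `crypto` module, with the customer id bound as authenticated data. The function names, the stored record layout, and the assumption that the key lives in a secrets manager rather than in the same database are all hypothetical.

```javascript
// Added example: hypothetical helpers, not the poster's or Shopify's code.
const crypto = require('crypto');

// Assumption: the 32-byte key is supplied from a secrets manager or the
// environment, never from the database that holds the ciphertext.
function loadKey(hex) {
  const key = Buffer.from(hex, 'hex');
  if (key.length !== 32) throw new Error('AES-256 key must be 32 bytes');
  return key;
}

// Encrypt one customer's password. The customer id is passed as additional
// authenticated data (AAD), so a record copied to another customer's row
// fails authentication on decryption.
function sealPassword(key, customerId, password) {
  const iv = crypto.randomBytes(12); // fresh random nonce for every record
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  cipher.setAAD(Buffer.from(customerId, 'utf8'));
  const ct = Buffer.concat([cipher.update(password, 'utf8'), cipher.final()]);
  const tag = cipher.getAuthTag(); // 16-byte integrity tag
  // Assumed stored layout: version byte | iv (12) | tag (16) | ciphertext
  return Buffer.concat([Buffer.from([1]), iv, tag, ct]).toString('base64');
}

// Decrypt a stored record; throws if the key, customer id, or any byte of
// the record does not match what was sealed.
function openPassword(key, customerId, stored) {
  const raw = Buffer.from(stored, 'base64');
  if (raw.length < 1 + 12 + 16 || raw[0] !== 1) throw new Error('bad record');
  const iv = raw.subarray(1, 13);
  const tag = raw.subarray(13, 29);
  const ct = raw.subarray(29);
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, iv);
  decipher.setAAD(Buffer.from(customerId, 'utf8'));
  decipher.setAuthTag(tag);
  return Buffer.concat([decipher.update(ct), decipher.final()]).toString('utf8');
}
```

Anyone who obtains both the key and the database rows can recover every password, so the protection this gives depends entirely on keeping the key separate from the stored records.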
Hi @sandeepks23 - did you end up going this route? We are in a similar position and are evaluating passwordless login options. Would love to know where you ended up.