My app was rejected because when the merchant reinstalled the app, my app didn't OAuth immediately.

Shopflyer
Shopify Partner

The following are the reviewer's email and screen recording.

https://shopify.click/22-05-8088-2543.webm

The current process of my app is like this. When the merchant uninstalls my app, I change the status of the merchant in the database to inactive through the uninstall webhook. When the merchant accesses the front-end page of the app in the browser, the back-end interface returns a 401 status code, which indicates that the merchant has uninstalled the app, and then the front end jumps to the login page. I ask the merchant to fill in the domain name of the store on the login page. After the merchant fills in the domain name and clicks the login button, I jump to xxxxxx/auth?shop=xxxxx, which eventually jumps to the app installation page in the merchant's admin. When the merchant clicks the install app button, I restart the OAuth process.
Is there any problem with the above process? Why was it rejected by the reviewer? What should I change in the app process to pass the audit?

AlexKokobane
Shopify Partner

Hi @Shopflyer,

It would seem you have done what's needed for the most part. But just to be sure: after the merchant clicks install, you do not restart the auth process; you have to continue it. This is exactly the part where your app receives the session token. That means the merchant is already authenticated by that point, so you can route them to any route you want.

Alex here, the Creator of Windfall, an app for creating giveaways and awarding shop discount vouchers as prizes. Feel free to DM or email me at alex@makamuta.com if you'd like to know more about how Windfall can help you increase your revenue.
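
An added example, not part of either post above and not Shopify's or the poster's code: one way a backend could send a reinstalling shop straight to the OAuth grant screen instead of returning 401 and showing a login page. It assumes the request to the app URL carries signed `shop` and `hmac` query parameters; the key, secret, redirect URI, shop table and function names are constructed placeholders.

```python
import hashlib
import hmac
import re
import secrets
from urllib.parse import parse_qsl, urlencode

# Constructed placeholders for this example, not real credentials or URLs.
API_KEY = "example-api-key"
API_SECRET = "example-api-secret"
SCOPES = "read_products"
REDIRECT_URI = "https://app.example.com/auth/callback"
SHOP_RE = re.compile(r"[a-z0-9][a-z0-9-]*\.myshopify\.com")
# Hypothetical shop table: the uninstall webhook flips a shop to "inactive".
SHOPS = {"old-store.myshopify.com": "inactive", "live-store.myshopify.com": "active"}


def sign(params):
    """HMAC-SHA256 over the sorted key=value pairs, with the hmac field left out."""
    pairs = sorted((k, v) for k, v in params.items() if k != "hmac")
    message = "&".join(f"{k}={v}" for k, v in pairs)
    return hmac.new(API_SECRET.encode(), message.encode(), hashlib.sha256).hexdigest()


def verify(params):
    """Constant-time comparison of the supplied hmac with the expected one."""
    return hmac.compare_digest(sign(params).encode(), params.get("hmac", "").encode())


def handle_app_load(query_string):
    """Return (status, redirect_url) for a request to the app URL."""
    params = dict(parse_qsl(query_string))
    shop = params.get("shop", "")
    if not SHOP_RE.fullmatch(shop) or not verify(params):
        return 400, None  # malformed shop or bad signature: never start OAuth
    if SHOPS.get(shop) == "active":
        return 200, None  # install still valid: render the app
    # Unknown or uninstalled shop: redirect to the grant screen immediately.
    state = secrets.token_urlsafe(16)  # nonce to store and re-check on the callback
    query = urlencode({"client_id": API_KEY, "scope": SCOPES,
                       "redirect_uri": REDIRECT_URI, "state": state})
    return 302, f"https://{shop}/admin/oauth/authorize?{query}"
```

The `state` value would be stored server-side and compared on the callback before the authorization code is exchanged for a token.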