I am currently investigating possible ways to tackle a specific use case, using Shopify with the Next.js Commerce integration for building a custom storefront. Right now, their product does not include an option for authenticating using OAuth2 - e.g. Google and Facebook. I have a rough draft of a solution, but still can't imagine the complete flow.
It would go something like this:
- User visits storefront and requests a social login (let's use Google for this example)
- A request is made to a cloud function OR a separate backend OR Firebase Auth OR a Shopify App (not sure if possible) - We will refer to the method of choice as "Backend"
- Backend returns a redirect response to the Google Auth page OR opens the Google Auth page in a modal
- User consents to Google authentication
- Their profile info is returned and the modal is closed OR another redirect is returned along with it, to the initial location
- That info is sent to Backend to generate a Multipass token
- Multipass token is then used to authenticate the customer
Now, one thing needs to be taken into consideration. Before creating a token for a customer, we need to create a new customer, right? And as far as I know, the Shopify mutation requires username and password input. Do you reckon this could render the entire idea useless? And another thing, if the Google info for that customer changes, for example the last name, would that make the generated Multipass invalid -- since a new last name is encoded into it, thus changing the string itself?
Please share your thoughts!
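
The token-generation step of the flow above, as an added example that is not part of the original post. It follows Shopify's documented Multipass scheme (keys derived from the SHA-256 of the Multipass secret, AES-128-CBC, HMAC-SHA256, URL-safe Base64). The `profile` shape, the function names, and the local `openMultipassToken` helper are assumptions for illustration. A token is built fresh from the current profile at each login.

```javascript
// Added example: Multipass token generation on the "Backend" (Node.js).
const crypto = require('node:crypto');

// SHA-256 of the Multipass secret: first 16 bytes encrypt, last 16 bytes sign.
function deriveKeys(multipassSecret) {
  const digest = crypto.createHash('sha256').update(multipassSecret).digest();
  return { encKey: digest.subarray(0, 16), sigKey: digest.subarray(16, 32) };
}

// `profile` (hypothetical shape): claims the Backend took from a validated Google ID token.
function createMultipassToken(multipassSecret, profile, now = new Date()) {
  // The email is the identity handed to the shop, so never vouch for an unverified one.
  if (!profile.email || profile.email_verified !== true) {
    throw new Error('refusing to issue a token for an unverified email');
  }
  const customer = {
    email: profile.email,
    created_at: now.toISOString(), // ISO 8601 timestamp of token creation
    first_name: profile.given_name,
    last_name: profile.family_name,
  };
  const { encKey, sigKey } = deriveKeys(multipassSecret);
  const iv = crypto.randomBytes(16); // fresh IV per token, prepended to the ciphertext
  const cipher = crypto.createCipheriv('aes-128-cbc', encKey, iv);
  const ciphertext = Buffer.concat([iv, cipher.update(JSON.stringify(customer), 'utf8'), cipher.final()]);
  const signature = crypto.createHmac('sha256', sigKey).update(ciphertext).digest();
  const b64 = Buffer.concat([ciphertext, signature]).toString('base64');
  return b64.replace(/\+/g, '-').replace(/\//g, '_'); // URL-safe alphabet
}

// Receiving side, for local testing only: verify the HMAC first, then decrypt.
function openMultipassToken(multipassSecret, token) {
  const raw = Buffer.from(token, 'base64'); // Node's decoder also accepts the URL-safe alphabet
  if (raw.length < 64) throw new Error('token too short');
  const { encKey, sigKey } = deriveKeys(multipassSecret);
  const ciphertext = raw.subarray(0, raw.length - 32);
  const signature = raw.subarray(raw.length - 32);
  const expected = crypto.createHmac('sha256', sigKey).update(ciphertext).digest();
  if (!crypto.timingSafeEqual(signature, expected)) throw new Error('bad signature');
  const decipher = crypto.createDecipheriv('aes-128-cbc', encKey, ciphertext.subarray(0, 16));
  const plain = Buffer.concat([decipher.update(ciphertext.subarray(16)), decipher.final()]);
  return JSON.parse(plain.toString('utf8'));
}
```

The Backend would redirect the browser to the store's `/account/login/multipass/<token>` path; the Multipass secret stays server-side and never reaches the storefront code.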