Strategy for determining need for auth

[panzacoder]

Hi there, thanks for this repo.

I am attempting a similar configuration as your repo and have taken some inspiration, but am a bit confused by this line.

Perhaps this is just a lack of understanding of the Shopify API, but I am always provided a host, regardless of whether I am authenticated.

Additionally, this doesn't verify that my tokens are valid as described here in the documentation.

Is this just not something you've accounted for or am I missing something here?

[tolgap]

Hi @panzacoder!

but I am always provided a host, regardless of whether I am authenticated.

Unless you launch the app directly from your browser by manually typing the host. It's very hard to provide the correct host manually. So I added a verification check. Feel free to remove it. None of this code is set in stone. Its just a demo app to prove things work.

Additionally, this doesn't verify that my tokens are valid

I'm not sure what you mean by "this doesn't verify that my tokens are valid". That is not something that your frontend should provide.

Nest API talks with Shopify. Not your frontend. So the Nest API will do the token verification.