Automatic auth sync between online store and hydrogen

Our client has their “general” store as an online store and a custom Hydrogen website for configuring custom products. Ideally, the client would want it to be the case that when a customer is logged in on their online store and they open the Hydrogen custom configurator, they are immediately logged in (independent of which URL they came from).

We would want, however, that if a customer is not logged in, they are not redirected to the Shopify login form but rather just redirected to the home page of Hydrogen.

As far as I understand, to check the login status between headless and online stores the auth flow needs to be started as documented here. One solution would be to always redirect the user to account/login on first page load. This, however, redirects the users to the login form. To stop this behaviour we can manually create the link to Shopify’s OAuth by following this guide. This, however, also forces us to verify the auth status ourselves instead of calling context.customerAccount.authorize().

Right now, the way I immediately check the auth status of a user is:

  1. On first load, check session storage whether auth has been checked
    a. If auth has been checked, do nothing
    b. If it has not, redirect the user to /account/login?autoLogin=true
  2. On the /account/login route, if the autoLogin query param = true
    a. then build the OAuth URL with redirect_uri account/authorize-auto and prompt=none appended
    b. if autoLogin is null then return context.customerAccount.login
  3. account/authorize-auto checks whether there is an error in the search params.
    a. If there is, redirect to the home page (‘/’)
    b. If there is not, redirect to /account/login (without autoLogin=true)
  4. /account/login redirects to account/authorize, which immediately logs the user in.

This setup requires two different authorize callback routes to be implemented and feels dirty. Is there something I have missed?

If not, would it be possible to add a parameter to the customerAccount.login function that has the same effect as appending prompt=none to OAuth url?