Customer saved products app
The site allowed users to create their own products, but they had no way to store an individual user's created products.
I was tasked with solving that issue, along with the following paramters:
- The products had to be secure
- The app had to work with the sites customizer app
- Users needed the ability to update and delete products
- Users needed the ability to search their own products
The customizer app created a new Shopify product to act as the go-between for the user and the service. I used this to my advantage by first setting up a products/create webhook and checking the data that was available to me.
I found that since the customizer was saving products to a hidden collection, but the customer ID was stored as tags on the new product, i would be able to create a secondary collection for each user individually which could hold all of their products.
I started by creating a private Shopify app in Ruby on Rails which could parse the webhook data and first check if this user already had a collection, if they did, i simply updated the product with their private collection, if not i created a new private collection and then added the new product to that.
Now each product was stored inside a private user collection, all that was left to do was to 1) secure the products 2) add update and delete functions and 3) add search functionality.To secure the products, i took advantage of Shopify Liquid. I did a simple customer check on the page, if the current customer id matched the collection title I would display the collection (or product), if not, they were bounced to their own collection without ever rendering the private products of the targeted user.
The update and delete functions were simple CRUD inside the private Shopify App, but i opted to add further security by checking the authenticity of the request and also sending a salted hash of the customer ID so that it could be matched up with the owner of the product. All that remained was taking advantage of the Shopify Admin API to actually make the changes.