We're building an app that extends some of the account management options available to customers, such as the ability to change their contact information, the accepts-marketing flag, etc.
We have an app set up and we're authenticating requests from Shopify via the generated signature, but we're still scratching our heads as to what the best approach is to authenticate inputs from specific customers. Obviously, we want to ensure that inputs coming into our app are limited to the user logged into the store, so that someone with malicious intent isn't able to change other customers' info if they happen to know a given customer's ID.
Currently, we're generating a hash/token every time an input is processed by our app and storing it as a customer metafield. We feel this is a weak approach because, as requests are sent via AJAX, we have to return the updated hash in the response, making that process vulnerable to a man-in-the-middle attack.
We're interested in others' thoughts/ideas that have addressed this type of scenario in the past.
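As an added example (not code from the poster or from Shopify), the following shows the usual defensive pattern for this problem: the app verifies the request signature server-side and then trusts only the customer identity that arrives inside the signed query string, never a customer ID supplied in the request body. It assumes the app-proxy signature scheme (all query parameters except `signature`, sorted by key, rendered as `key=value` and concatenated with no separator, then HMAC-SHA256 with the app's shared secret, hex-encoded) and that the storefront-authenticated customer arrives in a `logged_in_customer_id` parameter; the shared secret and the sample requests are constructed for the example.

```python
import hashlib
import hmac
from typing import Dict, Optional, Tuple
from urllib.parse import parse_qs

# Constructed secret for this example only; a real app loads its own secret from configuration.
APP_SHARED_SECRET = b"example-shared-secret-not-real"


def compute_proxy_signature(params: Dict[str, list], secret: bytes) -> str:
    """Recompute the signature over every query parameter except 'signature'.

    Assumed scheme: sort keys, render each as key=value (multi-valued
    parameters joined with commas), concatenate with no separator, then
    HMAC-SHA256 with the shared secret, hex digest.
    """
    parts = []
    for key in sorted(params):
        if key == "signature":
            continue
        values = params[key]
        rendered = ",".join(values) if isinstance(values, (list, tuple)) else str(values)
        parts.append(f"{key}={rendered}")
    message = "".join(parts).encode("utf-8")
    return hmac.new(secret, message, hashlib.sha256).hexdigest()


def verify_proxy_request(query_string: str, secret: bytes) -> Optional[Dict[str, str]]:
    """Return the verified query parameters, or None when the signature does not match."""
    params = parse_qs(query_string, keep_blank_values=True)
    supplied = params.get("signature", [""])[0]
    expected = compute_proxy_signature(params, secret)
    # Constant-time comparison so a forged signature cannot be guessed byte by byte.
    if not hmac.compare_digest(supplied, expected):
        return None
    return {k: v[0] for k, v in params.items() if k != "signature"}


def authorize_customer_update(query_string: str, body: dict, secret: bytes) -> Tuple[bool, str]:
    """Accept an update only for the customer the signed request says is logged in.

    The body's customer_id is client-controlled and is used solely as a
    consistency check; the authoritative identity is the signed parameter.
    """
    params = verify_proxy_request(query_string, secret)
    if params is None:
        return False, "invalid signature"
    logged_in = params.get("logged_in_customer_id", "")
    if not logged_in:
        return False, "no logged-in customer"
    if str(body.get("customer_id", "")) != logged_in:
        return False, "customer_id does not match logged-in customer"
    return True, "ok"


def sign_query(params: Dict[str, str], secret: bytes) -> str:
    """Build a signed query string; used here only to construct sample requests."""
    sig = compute_proxy_signature({k: [v] for k, v in params.items()}, secret)
    return "&".join(f"{k}={v}" for k, v in params.items()) + f"&signature={sig}"


if __name__ == "__main__":
    # Constructed sample request from a storefront where customer 1001 is logged in.
    signed = sign_query(
        {
            "shop": "example.myshopify.com",
            "path_prefix": "/apps/account",
            "timestamp": "1700000000",
            "logged_in_customer_id": "1001",
        },
        APP_SHARED_SECRET,
    )
    print(authorize_customer_update(signed, {"customer_id": 1001, "accepts_marketing": True}, APP_SHARED_SECRET))
    print(authorize_customer_update(signed, {"customer_id": 2002}, APP_SHARED_SECRET))
```

Because the identity is carried inside the signed request rather than in a token the app hands back to the browser, there is no per-request hash to round-trip through the AJAX response, so the metafield token and its exposure in transit disappear; the endpoint should still be served over HTTPS, and the `timestamp` parameter can be checked against a short window to limit replay of an old signed request.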