About This Article
Point balance is personal information and must not be accessed without proper authentication. This article explains the mechanism for supporting multiple authentication methods while ensuring security.
Why Authentication is Important
Risks Without Authentication
| Risk | Specific Damage |
|---|---|
| Viewing others' points | Privacy violation, personal data breach |
| Fraudulent point use | Issuing coupons with others' points |
| Customer list leak | Customer IDs obtained through brute force |
| System attacks | Service outage from mass requests |
Security Principles to Follow
- Authentication: Confirm who the request is from
- Authorization: Confirm the person has access permission
- Audit: Record all access
Authentication Mechanism
Authentication Check Flow
1. Receive the point retrieval request from the client
2. Get the authentication token from the request header
3. Verify the token's validity (signature, expiration)
4. Get the authenticated customer ID from the token
5. Confirm that the requested customer ID matches the authenticated customer ID
6. If all checks pass, continue processing; if any fails, return an error
Flow Diagram
GET /api/points (Authorization: Bearer xxx)
Extract token -> Verify signature -> Check expiration -> Get customer ID -> Verify ownership
| Verification Result | Response |
|---|---|
| Authentication success | 200 OK + point data |
| Authentication failure | 401/403 error response |
Supported Authentication Methods
Session Token Authentication
1. The customer authenticates with a one-time password
2. The server issues a session token
3. The token is saved in an HttpOnly cookie
| Feature | Details |
|---|---|
| XSS attack resistance | Protected with HttpOnly |
| CSRF protection | Separate measures required |
| Auto logout | Achieved via Cookie expiration |
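The cookie handling described in the table above, as an added example that is not part of the original article: the session token is issued as an HttpOnly, Secure cookie whose Max-Age gives the automatic logout, and a separate Origin check covers the CSRF protection the table says is still required. The cookie name `points_session`, the `/api` path, the 7-day lifetime and the allowed origin `https://shop.example` are assumptions made for this example.

```javascript
// Added example (not the article's own code): issuing the session token as an
// HttpOnly cookie, reading it back from a request, and a separate CSRF check.
// The cookie name, path, lifetime and allowed origin are assumptions.
const SESSION_COOKIE = 'points_session';
const SESSION_MAX_AGE = 7 * 24 * 60 * 60; // seconds; the 7-day expiry from the article
const ALLOWED_ORIGIN = 'https://shop.example'; // constructed for this example

// Build the Set-Cookie header value for a newly issued session token.
function buildSessionCookie(token, maxAge = SESSION_MAX_AGE) {
  // Only allow characters that are safe in a cookie value (no ';', ',', spaces, quotes).
  if (!/^[A-Za-z0-9._-]+$/.test(token)) {
    throw new Error('token contains characters not allowed in a cookie value');
  }
  return [
    `${SESSION_COOKIE}=${token}`,
    `Max-Age=${maxAge}`, // the browser discards the cookie after this: automatic logout
    'Path=/api',         // only sent to the API, not to every page on the host
    'HttpOnly',          // not visible to document.cookie, so script injection cannot read it
    'Secure',            // only sent over HTTPS
    'SameSite=Lax',      // first layer of CSRF defence: not sent on cross-site POSTs
  ].join('; ');
}

// Parse an incoming Cookie header and return the session token, or null if absent.
function readSessionCookie(cookieHeader) {
  if (!cookieHeader) return null;
  for (const part of cookieHeader.split(';')) {
    const idx = part.indexOf('=');
    if (idx < 0) continue;
    const name = part.slice(0, idx).trim();
    if (name === SESSION_COOKIE) return part.slice(idx + 1).trim();
  }
  return null;
}

// Second CSRF layer for cookie-authenticated, state-changing requests: the
// browser-controlled Origin header must name this site. Safe methods are exempt.
function csrfCheck(method, headers) {
  if (['GET', 'HEAD', 'OPTIONS'].includes(method)) return true;
  return headers.origin === ALLOWED_ORIGIN;
}
```

`SameSite=Lax` alone does not protect older browsers or same-site subdomains you do not control, which is why the Origin check is kept as an independent second layer for anything that changes state (for example a coupon issue request).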
Shopify Customer Account API Integration
1. The customer authenticates on Shopify's authentication screen
2. Shopify issues an OAuth token
3. Customer information can be accessed with that token
| Feature | Details |
|---|---|
| Authentication infrastructure | Leverage Shopify's authentication infrastructure |
| Password management | Delegated to Shopify |
| SSO | SSO possible across multiple stores |
Importance of Ownership Verification
Why Verify Ownership
| Case | Auth Token | Request Target | Result |
|---|---|---|---|
| Normal | Customer A's | Customer A's points | OK, return points |
| Fraudulent | Customer A's | Customer B's points (fraud) | 403 Forbidden |
Important: authentication alone is not enough. An authenticated customer must still be refused access to any other customer's data.
Verification Logic
1. Get the customer ID (A) from the auth token and the target customer ID (X) from the request parameters
2. Confirm A === X
3. Match -> return the point balance / Mismatch -> 403 error, and log the attempt as unauthorized access
Security Measures
Implemented Measures
| Measure | Purpose | Implementation |
|---|---|---|
| Rate limiting | DoS attack prevention | At most 60 requests per minute from the same IP |
| Token expiration | Reduce damage from leaks | Expires in 7 days |
| Logging | Fraud detection/tracking | Record all access with timestamps |
| Error message restriction | Prevent info leakage | Don't return detailed error reasons |
| Force HTTPS | Prevent interception | Reject HTTP connections |
Error Response Design
For operators: the detailed reason can be checked in the admin panel
Logging and Monitoring
Information to Record
| Item | Recorded Content | Purpose |
|---|---|---|
| Timestamp | Request date/time | Chronological analysis |
| Customer ID | Authenticated customer | Access tracking |
| IP Address | Request source | Fraud detection |
| Result | Success/Failure | Failure rate monitoring |
| Error type | Auth/Authz/Other | Cause analysis |
Monitoring Alerts
| Notification Type | Condition |
|---|---|
| Immediate | Mass requests from same IP in short time |
| Immediate | Consecutive authentication failures |
| Immediate | Attempt to access others' data |
| Daily report | Total access count and failure rate |
| Daily report | Usage by authentication method |
| Daily report | Abnormal pattern detection results |
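The three immediate alert conditions and the daily report, run over audit records with the fields listed in the Information to Record table, as an added example that is not part of the original article. The thresholds (5 consecutive authentication failures, 100 requests from one IP within 10 seconds), the `authMethod` field and the sample log are assumptions constructed for this example.

```javascript
// Added example (not the article's own code): alert rules and a daily summary
// over audit log records { timestamp, customerId, ip, result, errorType, authMethod }.
// Thresholds and sample data are constructed.
const CONSECUTIVE_FAILURES = 5;     // consecutive auth failures from one IP
const BURST_LIMIT = 100;            // requests ...
const BURST_WINDOW_MS = 10 * 1000;  // ... from one IP within this window

// Immediate alerts. `records` must be in chronological order.
function immediateAlerts(records) {
  const alerts = [];
  const failStreak = new Map(); // ip -> current run of auth failures
  const recent = new Map();     // ip -> request times (ms) inside the burst window
  for (const r of records) {
    const t = Date.parse(r.timestamp);

    // Rule 1: mass requests from the same IP in a short time (sliding window).
    const q = recent.get(r.ip) || [];
    q.push(t);
    while (q.length && t - q[0] > BURST_WINDOW_MS) q.shift();
    recent.set(r.ip, q);
    if (q.length === BURST_LIMIT) alerts.push({ type: 'burst', ip: r.ip, at: r.timestamp });

    // Rule 2: consecutive authentication failures (reset on any other outcome).
    if (r.result === 'failure' && r.errorType === 'auth') {
      const n = (failStreak.get(r.ip) || 0) + 1;
      failStreak.set(r.ip, n);
      if (n === CONSECUTIVE_FAILURES) alerts.push({ type: 'auth_failures', ip: r.ip, at: r.timestamp });
    } else {
      failStreak.set(r.ip, 0);
    }

    // Rule 3: an authenticated customer asked for another customer's data.
    if (r.result === 'failure' && r.errorType === 'authz') {
      alerts.push({ type: 'ownership_violation', ip: r.ip, customerId: r.customerId, at: r.timestamp });
    }
  }
  return alerts;
}

// Daily report: total access count, failure rate, usage by authentication method.
function dailyReport(records) {
  const total = records.length;
  const failures = records.filter((r) => r.result === 'failure').length;
  const byMethod = {};
  for (const r of records) byMethod[r.authMethod] = (byMethod[r.authMethod] || 0) + 1;
  return { total, failures, failureRate: total ? failures / total : 0, byMethod };
}

// Constructed sample log: a credential-guessing run, one ownership violation,
// normal traffic, and a 100-request burst from a single address.
const T0 = Date.UTC(2024, 0, 1, 9, 0, 0);
const rec = (offsetMs, ip, result, errorType = null, customerId = null, authMethod = 'session') => ({
  timestamp: new Date(T0 + offsetMs).toISOString(), customerId, ip, result, errorType, authMethod,
});
const SAMPLE_LOG = [
  rec(0, '203.0.113.5', 'failure', 'auth'),
  rec(1000, '203.0.113.5', 'failure', 'auth'),
  rec(2000, '203.0.113.5', 'failure', 'auth'),
  rec(3000, '203.0.113.5', 'failure', 'auth'),
  rec(4000, '203.0.113.5', 'failure', 'auth'),            // fifth in a row
  rec(5000, '198.51.100.7', 'success', null, 'cust_A'),
  rec(6000, '198.51.100.7', 'failure', 'authz', 'cust_A'), // asked for someone else's points
  rec(7000, '198.51.100.8', 'success', null, 'cust_C', 'shopify_oauth'),
  ...Array.from({ length: 100 }, (_, i) => rec(10000 + i * 50, '192.0.2.9', 'success', null, 'cust_D')),
];
```

Rule 2 resets the streak on any non-auth outcome so that a customer who mistypes a code a few times and then succeeds never trips the alert, while Rule 3 fires on a single event because one verified token requesting another customer's balance is never legitimate traffic.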
Benefits of This Design
Security
- Customers cannot view other customers' points
- Fraud detection and tracking possible
- Resilience against attacks
Operations
- Easy to identify causes when issues occur
- Security audit ready
- Data collection for continuous improvement