Skip to content
Appifire
Docs
Order Lookup Reliability Guide

Order Lookup Reliability Guide

This guide explains the current order-lookup reliability logic in plain language, including the retry + token-refresh behavior and the main edge cases to watch.

1) End-to-end flow (quick view)

Section titled “1) End-to-end flow (quick view)”

When a shopper asks for order status:

  1. api.chat resolves the shop and picks a token source (Session table first, then Shop table).
  2. generateChatReply in app/lib/rag.server.js decides whether this turn is:
    • order intent without number -> asks for order number
    • order lookup turn with parsed reference -> fetches live order
    • regular RAG chat
  3. If order lookup is needed, it calls fetchOrderByShopResilient in app/lib/order-lookup.server.js.
  4. fetchOrderByShopResilient:
    • retries auth failures with backoff
    • re-reads latest token candidates each attempt
    • can trigger refresh-token exchange on 401/403
  5. On success: order context is formatted and included in assistant reply.
  6. On failure: user gets safe fallback message (auth vs generic API issue vs not found).

2) Conversation-state logic

Section titled “2) Conversation-state logic”

State is tracked in ChatSession.metadata:

  • awaitingOrderNumber
  • orderAskRetries

Behavior:

  • If shopper says “where is my order” (no order number), assistant asks for order number.
  • If shopper replies with #1001 or 1001, it is accepted as a direct follow-up order ref.
  • If order API auth fails, session remains in order-follow-up context so the next #1001 is still handled as an order lookup turn.
  • On terminal outcomes (success or not found), order-follow-up state is cleared.

This prevents the flow from drifting into generic RAG after a transient auth issue.

3) Resilient lookup behavior

Section titled “3) Resilient lookup behavior”

fetchOrderByShopResilient currently does:

  • Backoff attempts: 0ms, 300ms, 900ms, 1800ms
  • Candidate token order per attempt:
    1. current request token
    2. request fallback token
    3. latest offline Session token
    4. latest Shop token
  • For each candidate, it calls fetchOrderByShop.
  • If all candidates in an attempt fail with auth error, it can call refreshAccessToken callback and try refreshed token.

4) Refresh-on-401 behavior

Section titled “4) Refresh-on-401 behavior”

Implemented in:

  • rag.server.js (chat path)
  • api.order-lookup-test.jsx (API test path)
  • scripts/test-order-lookup.mjs (CLI script path)

Refresh logic:

  1. Read latest offline Session row.
  2. Use refreshToken (if present and not expired).
  3. Call Shopify token endpoint:
    • POST https://{shopDomain}/admin/oauth/access_token
    • grant_type: refresh_token
  4. Persist new access token to:
    • Session row (accessToken, optional rotated refresh fields)
    • Shop row (accessToken)
  5. Retry order lookup immediately.

5) Remaining edge cases + concrete fixes

Section titled “5) Remaining edge cases + concrete fixes”

These are the main scenarios where it can still fail:

  • Missing/expired refreshToken in offline Session
    Why it fails: auto-refresh cannot run without a valid refresh token.
    Fix:

    1. Re-auth the app once from Shopify Admin to regenerate offline Session credentials.
    2. Add a daily health check job: flag shops where offline Session has missing/expired refreshToken.
    3. In-app admin banner: if order lookup hits this condition, prompt merchant to “Reconnect Shopify”.
    4. Keep fallback behavior user-safe: customer sees temporary order lookup error, not raw auth details.

  • Revoked token / reauth required by merchant
    Why it fails: Shopify rejects both access token and refresh token after revocation/scope change/uninstall-reinstall paths.
    Fix:

    1. Detect repeated 401 after refresh attempt and mark shop auth status as degraded (internal flag or log signal).
    2. Show merchant-facing reconnect CTA in app admin.
    3. Block repeated blind retries after hard-auth failure (avoid useless load and noisy logs).
    4. After successful reauth, immediately test one known order via script or test endpoint.

  • App uninstalled or scopes changed
    Token invalid even after retries; lookup fails until reauth.

  • Older orders outside default read_orders window
    Why it fails: read_orders usually limits visibility; older orders may appear as not found even when they exist.
    Fix:

    1. Confirm order age in Shopify Admin when lookup returns not found with no auth error.
    2. If business use-case truly needs historical orders, request read_all_orders with clear justification for App Review.
    3. Add user-facing fallback copy: “I can only access recent orders right now. Please contact support for older orders.”
    4. Keep current query strategy (name:#1001, name:1001, #1001) to maximize match quality for accessible orders.

  • Shopify-side transient API issues / throttling
    Why it fails: temporary 5xx, 429, or network instability can outlive local retries.
    Fix:

    1. Add jitter to retry backoff (for example 300-500ms, 900-1300ms) to reduce synchronized spikes.
    2. Treat 429 separately: read throttle hints/headers where available and delay accordingly.
    3. Log per-attempt status code and elapsed time when ORDER_LOOKUP_DEBUG=true.
    4. Keep graceful shopper fallback and avoid exposing “rate limit” internals in widget replies.

  • Concurrent refresh races (rare under load)
    Why it fails: two requests may refresh simultaneously and temporarily use mixed token states.
    Fix:

    1. Add a short-lived per-shop refresh lock (DB/advisory lock or in-memory mutex in single-node env).
    2. If lock exists, second request waits briefly and re-reads Session token before retrying.
    3. Use idempotent update policy: always persist latest refreshed token to both Session and Shop.
    4. Keep retry loop in place even with lock, because cross-instance races can still occur.

6) Troubleshooting checklist

Section titled “6) Troubleshooting checklist”

Use this order:

  1. Run script:
    • node scripts/test-order-lookup.mjs --shop=<shop> --orderRef=#1001
  2. If error is 401:
    • confirm Session has valid refreshToken
    • confirm app API key/secret env vars exist
  3. If found: false with no auth error:
    • verify order ref format and existence in Shopify Admin
    • verify scope window (read_orders vs old order age)
  4. If intermittent:
    • retry once and inspect server logs for refresh success
    • consider adding temporary debug logs around refresh attempts
Section titled “7) Recommended hardening backlog”

If you want this to be production-strong at scale, implement in this order:

  1. Per-shop refresh lock around refresh-token exchange.
  2. Auth degradation signal (internal status/event) after repeated 401 + failed refresh.
  3. Ops telemetry: attempt count, token source, refresh success/failure reason.
  4. Merchant reconnect UX in admin for degraded auth state.
  5. Optional scope expansion to read_all_orders only if product requirements require old-order access.

8) Files to know

Section titled “8) Files to know”
  • Core fetch + resilience:
    • app/lib/order-lookup.server.js
  • Conversation orchestration:
    • app/lib/rag.server.js
  • API test endpoint:
    • app/routes/api.order-lookup-test.jsx
  • CLI test script:
    • scripts/test-order-lookup.mjs
Home

01 Overview

AppiFire AI Chat — Product Plan & Architecture Options (A, B, C) Technology Overview & High-Level Tasks

01 Platform Foundation

Prerequisites (Detailed Plan) Shopify Setup — Partner Account, CLI, App, and Extension Shopify App Skeleton & Database (Detailed Plan)

02 Knowledge and RAG

Database Schema for RAG Product Sync & Ingestion RAG & Chat API RAG Data Sync (Products, Collections, Inventory, Blog Posts) + Order Lookup How the Codebase Uses Vector Information to Answer Users in Chat Website Knowledge from Web (GPT-4o Mini Search)

03 Billing and Usage

Billing & Usage Billing & Usage — Remaining Tasks Credits wallet: one-time purchases & subscription included credits Free Plan: Reply Cap and Monthly Reset Promo code functionality Shopify App Billing and Payments Tasks

04 Admin and Storefront

Admin Settings & Chat Widget Admin UI Design Plan — Bigger Font, Different Font, More Spacing, Styled Buttons AI Chats / Logs Screen Billing Screen Restructure Plan (Sales + Marketing Focus) Dashboard Plan — AppiFire AI Chat Design Guidelines and Styling System (Polaris + Tailwind Plan) Theme & Design System Timezone & Time Display Plan (Admin + Widget)

05 Chat Experience and Safety

Chat Guardrails Inspection Full Conversation History in OpenRouter Chat Order Lookup Reliability Guide Order Status Conversational Chat Flow Pre-Chat User Identity Form

06 Merchant Lifecycle

Register / Identify App Users (Paying Merchants) Uninstall: Record & Goodbye Email

07 Ops and Release

Deploy: Cloudflare Tunnel + Your Domain & App to appifire-ai-chat.appifire.com Launch & Publishing Guide Links Scheduled jobs, privacy & shop analytics Testing Up to Phase 2 (Product Sync & Ingestion)

08 Research and Ideas

App Names 20 Paid Feature Gaps — AppiFire AI Chat Roadmap Templates Shortlisted Top 30 Shopify App Ideas — High Demand, Buildable, Revenue Potential

09 Archive

100 AI Questions User Can Ask App Embed Settings Plan Chat Thread Identity and History Plan Plan: Free reply monthly reset & paid included credits delivery Future Todo List Promo Code Module Plan Reorganize Documents Support Feature Plan Talk to Human Flow Plan Welcome Email Plan (Brevo API)

10 Marketing and SEO

Article Writing Prompt Appifire SEO Topical Map Topical Map Prompt Appifire VS Pages VS Pages Prompt

11 Video Testimonial Collector

Post-Purchase Video Testimonial Collector — Detailed Product Plan Video Testimonial Collector - Implementation Blueprint Video Testimonial Collector - Pricing & Billing Options Delete All Existing Code and DB Tables (Boilerplate Cleanup) 05 — Storefront Widgets + Public Read API (Screen 8 & 8.1) 06 — Public Submission Page (Screen 13, `/t/:token`) 07 — Email/SMS Request Delivery Pipeline (Blueprint §4) 08 — Security, Compliance & Privacy (Blueprint §8) 09 — Submissions Inbox (Screen 5, `/app/testimonials`) 10 — Submission Detail & Moderation (Screen 6, `/app/testimonials/:id`) 11 — Published Content Manager (Screen 7, `/app/testimonials/published`) 12 — Moderation Settings (Screen 9, `/app/testimonials/moderation`) 13 — Requests Log (Blueprint Screen 10, `/app/testimonials/requests`) 14 — Analytics (Blueprint Screen 11, `/app/testimonials/analytics`) 15 — Billing & Usage (Blueprint Screen 12, `/app/testimonials/billing`) 16 — Templates (Screen 4, `/app/testimonial-templates`) 17 — Campaigns List (Screen 2, `/app/testimonial-campaigns`) 18 — Campaign Create/Edit (Screen 3, `/app/testimonial-campaigns/:id`) 19 — Dashboard (Screen 1, `/app`) 20 — Database Design & Migrations (Blueprint §5) 21 — Route & File Map Execution Plan (Blueprint §6) 22 — Integration & Processing Orchestration (Blueprint §7) 23 — Release Plan & Milestones (Blueprint §9) 24 — Build Notes Execution Standards (Blueprint §10) 25 — Core Modules Breakdown (Blueprint §2.2) 26 — Project Conventions Execution Guide (Blueprint §2.1) 27 — Product Scope Recommendation Execution (Blueprint §1) 28 — Admin Screens Information Architecture (Blueprint §3) 29 — Milestone 1 Delivery Plan (Blueprint §9.1) 30 — Milestone 2 Delivery Plan (Blueprint §9.2) 31 — Milestone 3 Delivery Plan (Blueprint §9.3) 32 — Email/SMS Operational Detail (Blueprint §4) 33 — TestimonialModerationLog Model & Audit Workflow (Blueprint §5.10) 34 — TestimonialDailyAnalytics Model & Rollup Jobs (Blueprint §5.11) 35 — TestimonialProductLink Model & Multi-Product Merchandising (Blueprint §5.9) 36 — TestimonialMediaAsset Model & Processing Pipeline (Blueprint §5.8) 37 — TestimonialSubmission Model & Lifecycle (Blueprint §5.7) 38 — TestimonialRequestEvent Model & Delivery Event Stream (Blueprint §5.6) 39 — TestimonialRequest Model & Scheduling Lifecycle (Blueprint §5.5) 40 — TestimonialTemplate Model & Resolution Rules (Blueprint §5.4) 41 — TestimonialCampaignProduct Model & Targeting Rules (Blueprint §5.3) 42 — TestimonialCampaign Model & Automation Rules (Blueprint §5.2) 43 — Shop Model Extension for Testimonials (Blueprint §5.1) 44 — Per-Product Collection Rule (Required) Implementation Plan 45 — Two Storefront Widgets (v1 Requirement, Screen 8.1)