function generatePermissionUrl(clientId, redirectUri, scope) {
  const shopUrl = `https://${process.env.SHOP_URL}`;
  const authPath = '/admin/oauth/authorize';
  const state = generateRandomState(); // Generate a random state value
  storedState = state; // Store the state value securely
  const queryParams = `client_id=${clientId}&redirect_uri=${encodeURIComponent(redirectUri)}&response_type=code&scope=${scope}&state=${state}`;
  const permissionUrl = `${shopUrl}${authPath}?${queryParams}`;
  return { permissionUrl, state };
}

app.get('/install', (req, res) => {
  const clientId = process.env.CLIENT_ID;
  const redirectUri = 'http://localhost:3000/auth/shopify/callback';
  const scope = 'write_script_tags write_themes';

  const { permissionUrl, state } = generatePermissionUrl(clientId, redirectUri, scope);

  res.redirect(permissionUrl);
});