Public environment variables

[ollebergkvist]

Using publicly exposed environment variables for the access token and store domain is not a good idea as they will be included in the build and are easily accessed by the client.

Hence, createCheckout and updateCheckout in src/lib/shopify.ts should be moved to api routes as they are run client-side.
The other queries are run server-side (getStaticProps), so they can utilize env variables.

Maybe that was mentioned in the course, but I believe a lot of people might use this project as a starting template. So maybe it's important to mention it somewhere in the readme.

Great material otherwise, I learned a lot from just exploring the repo.