#fusync-webhook-signature

Hello! Yep, I believe that's correct, it's not shown in the Dashboard by default for most accounts.

You can still add it via the API though.

Hi Rubeus, how would I do that?

Here's the API reference for the lookup_key property on Prices: https://stripe.com/docs/api/prices/create#create_price-lookup_key

Will the lookupkey ever return to the dashboard?

I don't believe there are any plans for it, no. What's your use case for the lookup key in the Dashboard?

To retrive the prodcut data when the user clicks on the plan they want. It will then direct them to checkout on stripe hosted checkout page. The lookup key is used to find product details. Saw it in the quickstart guide

Why do you want to be able to set it using the Dashboard though?

The operations you're decribing would be done via the API, correct?

I prefer to set it up using the dashboard

I believe you can contact support and request they enable that field in the Dashboard for you: https://support.stripe.com/contact/email

cool

I had another problem for
router.post(
'/webhook',
does it run after
router.post('/create-portal-session',
from the stripe server

Those are routes you would define on your server, and when they get called is up to how your frontend code works and how you configure webhooks.

Can you ask something more specific, or provide more details?

so I am following this quickstart guide
https://stripe.com/docs/billing/quickstart

And it has the three posts
create portal session which uses the product data and generates link to stripe checkout but after the payment it redirects to
domain.com/success.html?session_id={CHECKOUT_SESSION_ID}
but how does session id gert obtained? I am assuming from the webhook post but I am confused on how it will work?

{CHECKOUT_SESSION_ID} is a placeholder and will be replaced by the Checkout Session's ID when Checkout redirects.

Details here: https://stripe.com/docs/payments/checkout/custom-success-page#modify-success-url

what about the webhook would I need that too?

That endpoint receives Events sent to your server directly from Stripe. You configure a Webhook Endpoint to point to that URL so we can let your server know when certain things happen.

More info here: https://stripe.com/docs/webhooks

is that seperate to the payment e.g. I will only use webhook to manage the details but the acutal payament flow for the customer would be done with those to rest requests a post to checkout and app.get('/order/success',

Ideally you use both. By default most transactions will be handled by your client-side flow working as intended, with the webhooks as a backup in case something client-side goes wrong.

For example, if someone is paying you and just as they complete the payment their battery dies you want to know you got paid, so you can fulfill the order, even if the client-side code doesn't run.

There are a lot of cases where that happens. Losing your Internet when going into a tunnel, a strange browser extension breaking something, etc.

So webhooks are an important backup to your client-side flow.

I see does that mean after the payment is done the post webhook runs separately

Yeah, your webhook URL is hit directly by Stripe. It's outside the client-side flow.

I should inlcude this in a seprate file in my router folder in express.js then

That's up to you, it will work either way.

How does stripe secure this webhook and how is it verfied I see a endpointsecret but theres no conditional checking statement like endpointsecret === secretkey

Stripe provides a signaure for every Event sent to your endpoint which you can (and should) verify on your end using a secret only you and Stripe know: https://stripe.com/docs/webhooks/signatures

in the code is this the condtional checking statement

event = stripe.webhooks.constructEvent(
request.body,
signature,
endpointSecret

Yep, constructEvent will validate the signature and return an error if it doesn't work out as expected.

fusync-webhook-signature

Ok for wheen the webhook is sent back tot he server does the event contain the user id from stripe

what do you call "the user id" as it could mean many different things

the customer details id

It depend on which Event you are listening for.

e.g. for here

outer.get('/success', async (req, res) => {
const sessionID = req.query.session_id;
console.log('sessionID',sessionID)
const customer = await stripe.customers.retrieve(sessionID.customer);
console.log('customer',customer)

I get value for sessionId but the cutomer detail fails

Sure, step 1: log the information and debug
Like what does the customer id look like? Did you create one first? If not why do you expect one here?

error for customer variable

C:\Users\Owner\Documents\web\node_modules\stripe\cjs\StripeResource.js:99
throw new Error(Stripe: Argument "${param}" must be a string, but got: ${arg} (on API request to \${requestMethod} ${path}`)`);
^

Error: Stripe: Argument "customer" must be a string, but got: undefined (on API request to GET /v1/customers/{customer})
at C:\Users\Owner\Documents\web\node_modules\stripe\cjs\StripeResource.js:99:23

I mean that's just dumping a crash with no info

You control the code here. Log the value before calling that API, make sure the value is correct and not null

value for sessionID?

You are the developer triggering an Event. You receive that Event. You can then log the content to understand what's in it. You seem to expect customer to be set. But it's not by default, not unless you explicitly create a Customer first and attach it to the Session yourself on creation which I assume you didn't

I think I am using the wrong function when I have the session Id after the user has payed (from session url => session_id={CHECKOUT_SESSION_ID}), can I use it to access the user data and if so which function would it be? e.g. something like await stripe.customers.retrieve(sessionID)

sorry we're completely talking past each other a bit right now

Checkout does not create a Customer for you by default for one-time payments. I'm assuming you use Checkout (per what you said) and are doing one-time payments and not creating a Customer yourself, so there would be no Customer id in customer.

I set up a subscription payment
mode: 'subscription'

😅

okay so can you give me an example Checkout Session id?

cs_test_a1fXvx1qjtaKcRu2xlALuIa1JspeQw4MB423EsNNWQEIt4ooarcDZ6jZbu

Okay so you can see that Checkout Session's Event checkout.session.completed straight in your Dashboard here: https://dashboard.stripe.com/test/events/evt_1NNOAlKEJ34I7jmxU5RYdD7X
and if you look you can see it has the customer set as expected

Nice
What function can I use to retrieve it with nodejs

I mean right now I really don't get what you're asking just yet unfortunately and you seem quite lost

I just showed you what the Event looks like with its raw JSON which is what you were asking about earlier

but maybe you're not talking about an Event at all are just lost?

    const sessionID = req.query.session_id;
    console.log('sessionID',sessionID)
    const customer = await stripe.customers.retrieve(sessionID.customer);
    console.log('customer',customer)```
what is thios? Where does `res.query.session_id` come from?

Is this part of the Redirect URL?

yeah but somehting like
const customer = await stripe.customers.retrieve(sessionID);
where all the detials can be gotten from event e.g. if I want customer data

yeah

yeah okay so we're back to what I said earlier, you need to log stuff

Like right now, the URL has session_id=cs_test_123 It's purely a string. How would it have a sub-property called customer, that wouldn't make sense

With the Checkout Session id cs_test_123 what your code can do is call the Retrieve Checkout Session API https://stripe.com/docs/api/checkout/sessions/retrieve to get the full Session object

and that will have customer: 'cus_123' and any other information

yeah thats why I was enquiring about

is there a api call I can make to stripe

e.g. await stirpe.something. retrieve(sessionId)

where the session string is the identifier

Gotcha, sorry that's definitely not what I understood from your ask! But all our objects have a Retrieve API equivalent

nice may I know where to find it or what it is for this case?