#flawda-guy_webhooks
dense brookBOT
๐ Welcome to your new thread!
โฒ๏ธ We'll be here soon! Typically we respond in a few minutes, but sometimes we might take a bit longer if the server is busy or if you have a particularly tricky question.
โฑ๏ธ We close idle threads, which makes them read-only. Once a thread is closed it won't be reopened, but you can always start a new thread if you have another question.
๐ This thread will always be available, even after it's closed. You can find it again using Discord's search, or you can save this link: https://discord.com/channels/841573134531821608/1415036350201069648
๐ Have more to share? Add more details, code, screenshots, videos, etc. below.
raven forum
hello! sounds like you're using node + express right?
foggy talon
hello! sounds like you're using node + express right?
Correct. I've implemented this before on a different project but now I can't get it to work on this one
raven forum
what i typically recommend doing is running through the quickstart guides (which also use express), making sure you can get that running, and then reverse engineering the problem in your code from there:
https://docs.stripe.com/webhooks/quickstart?lang=node
the signature verification should just work if you use the quickstart example directly
foggy talon
what i typically recommend doing is running through the quickstart guides (which...
Pretty sure I've already done this. My code like this:
//imports up here
const app = express();
app.post("/stripe-hook", express.raw({ type: "application/json" }), webhook);
app.use(
express.urlencoded({
extended: true,
}),
);
app.use(cors);
app.use(express.json());
const port = process.env.EXPRESS_PORT;
const upload = multer({ storage: multer.memoryStorage() });
app.use(cookieParser());
//Other routes down here
app.listen(port, async () => {
console.log(`Listening on port ${port}`);
console.log(process.env.ENV);
});
A snippet from hook code is like this:
const stripe = new Stripe(process.env.STRIPE_SECRET_KEY || "");
let event;
const body = req.body as Buffer;
const endpointSecret = process.env.STRIPE_WEBHOOK_SECRET || "";
const signature = req.headers["stripe-signature"];
if (!signature) throw new Error("No stripe signature found");
try {
event = stripe.webhooks.constructEvent(body, signature, endpointSecret);
} catch (error) {
res.status(400).send(`Webhook Error: ${error.message}`);
console.log(error.message);
return;
}
I think this is exactly what Im supposed to do. The secret key, web hook secret I have verified multiple times, and the signature is valid but I still get:
No signatures found matching the expected signature for payload. Are you passing the raw request body you received from Stripe?
raven forum
when you print the signature out does it look like this?
https://docs.stripe.com/webhooks/signature#check-the-signature
foggy talon
when you print the signature out does it look like this?
https://docs.stripe.com...
Yes
raven forum
hmm, superficially your code looks fine, it doesn't look like you're doing anything strange
are you printing both your webhook secret and secret key when you process the event to verify that they are exactly what you think they should be?
i do think this is probably related to the body being modified somehow but just want to triple check
foggy talon
๐คฆโโ๏ธ I figured it out, when I was running the stripe listen command it was printing the last 3 letters of the webhook secret on a new line and I just didnt realize it lol
raven forum
oooo haha, makes sense
always happy to be a rubber duck while you solve your own issues ๐
fyi i'll close this thread out shortly unless you have more questions, but you're always welcome to come back!
foggy talon
I have nothing else, thanks for helping ๐
You can close the thread