Is there a simple way to implement where a user donates x and gets isPremium = true added to their account. Stripe documentation is confusing me, and I have not found any updated tutorials on this. It sounds like a simple concept, but seems to be a complex solution.
I am using an Express API, and Angular 9.
Please help...
Comments linked to Webhook Notifications for the stripe case
For PayPal there are similarly Webhooks Events, as well as the legacy Instant Payment Notification (IPN) service
Related
We have implemented a Paypal susbcription into our SaaS project.
The subscriptions are working fine and now we want to integrate webhooks to automatically work with cancellations / non payment.
We struggle to find any information on how to work with webhooks inside a javascript environment.
The only source we find is this:
https://developer.paypal.com/api/rest/webhooks/
Does anybody know about this or can give further advice?
I would like to set up a notifications system to be used when a new update of my progressive web app is available.
The pwa uses react and has node (with express) as the backend.
I followed google's guide to push notifications (link) and everything works fine when sending a push message from the devTools' service workers tab.
The problem is that the guide ends there and i would like to be able to send a notification to every subscribed user.
I tried to look for a solution and i found out that Firebase Cloud Messaging could do what i need, but when i tried to implement it i got a bit confused as it seems quite different from what I've done in the guide mentioned above.
I've also looked at other guides here and there but they don't do what i need and some of them doesn't even work.
Can someone please explain me what should i do the get that result?
Thanks in advance for the help, i hope my question isn't too stupid '^^
Im new to backend dev, and I have a full fledge working React app that GETs,DELETEs and PUTs data using a fake server. Now I need to use an actual backend and I was thinking of going with Firebase as it seems really convenient. However I saw some examples using Firebase directly in the React app, and some using Node.js to do the work.. Could someone please tell me whats the best way to go with this? If there's an easier way to create REST API using express/mongo, I am also open to those :)
You have to keep in mind that anything you do from the frontend will be visible to the user, so communicating with Firebase from React will be a bad idea at least for anything involving sensitive information (passwords, credit card info, etc.). Just because you can do something doesn't mean you should. Use a Node backend and use that to communicate with your DB and other services.
To address the last part of your question, it is possible that Firebase might be more than you need. A simple setup with Express and MongoDB might be easier. MLab has a pretty good free sandbox database-as-a-service that requires very minimal setup.
I think firebase can also be a good fit, you can use Firebase auth to manage authentication and Rules in the Realtime database or in Firestore to prevent not authenticated users to manipulate your data https://firebase.google.com/docs/database/security/ And to get the best out of Firebase I would recommend using the SDKs but you can also use the REST API https://firebase.google.com/docs/reference/rest/database/
Also if you want to have functionality on the backend you can do so With Firebase Admin SDK https://firebase.google.com/docs/reference/admin/
From my point of view that is one of the advantages of firebase, you can get con going really fast without having to worry about managing infrastructure.
I'm using kinvey. They provide this great tutorial detailing sign-in via oauth. They also handle a considerable amount on their end allowing a very simple social signin method.
The issue is providing a proper Callback URL when creating the app within twitter. How do I make that play nicely with the tabs:childBrowser in Trigger.IO?
I've seen this answer regarding how to use Trigger.IO to handle OAuth2, how would I go about augmenting the method they provide for use with OAuth1.0a for use with Twitter?
I've put together a demo app which shows how to use forge.request.ajax and forge.tabs.open to do an OAuth 1.0a flow against Twitter. Might update the docs with the same when a get a second.
https://github.com/goodgravy/forge-spikes/tree/master/twitter-oauth
I'm developing a new web site that will be a single paged app with some dialog/modal windows. I want to use backbone for frontend. This will call backend using ajax/websockets
and render the resulting json using templates.
As a backend I'll use nodejs express app, that will return the json needed for client, it'll be some kind of api. This will not use server side views.
Client will use facebook, twitter, etc. for authentication and maybe custom registration form.
Client static resources, such as css, js, and html files will be handled by nginx (CDN later).
Questions that I have now:
How can I determine that a given user has the right to do some action in api(i.e. delete a building, create new building)? This is authorization question, I thought of giving user a role when they login and based on it determine their rights. Will this work?
Similar to the above question, will this role based security be enough to secure the api? Or I need to add something like tokens or request signing?
Is this architecture acceptable or I'm over engineering and complicating it?
Passport is an option for the authentication piece of the puzzle. I'm the developer, so feel free to ask me any questions if you use it.
I thought of giving user a role when they login and based on it determine their rights. Will this work?
Yes this will work. You can check for a certain role on the user after it's been fetched from the server. You can then display different UI elements depending on this role.
Will this role based security be enough to secure the api? Or I need to add something like tokens or request signing?
It wont be enough. Anyone could hop into the console and set something like user.admin = true. In your API you'll need to validate a user token from the request, making sure that the related user has the appropriate permissions.
Is this architecture acceptable or I'm over engineering and complicating it?
At the least you should have an API validation layer. That would make a decent enough start, and wouldn't be over-engineering.
For the authentication part of your question i would use everyauth which is an authentication middleware for connect/express. It supports almost every oauth-social-network-thingie.
For role management you could give node-roles a try. I didn't use it myself but it should help you out, because it checks the role on the server side. Of course that is only useful if your API is implemented in node.js. If that's not the case, you have to "proxy" the API calls over your node.js app.
I hope I could help you! :)