Subscription Payments #5: Deploy Stripe Application to Production using Heroku

Subscription Payments #5: Deploy Stripe Application to Production using Heroku

Store secrets securely

We have our secret keys in the source code right now. This is a big no-no when we go into production. The best way to secure store secrets is in a .env file.

Let's create a .env

STRIPE_SECRET_KEY=sk_xxx
PRODUCT_BASIC=price_xxx
PRODUCT_PRO=price_xxx
MONGODB=mongodb://localhost:27017/users
STRIPE_WEBHOOK_SECRET=whsec_xxx
TRIAL_DAYS=14

We can then use these values in our source code by installing dotenv.

npm install dotenv

In the first line of app.js

require('dotenv').config()

This will load up the secrets in .env and we can access them with process.env

In our src/connect/stripe.js

const Stripe = stripe(process.env.STRIPE_SECRET_KEY, {
  apiVersion: '2020-08-27'
})

Deploy on Heroku

The easiest way to deploy our application is on Heroku. We can use their CI/CD pipeline to deploy from a Github repository.

image

Don't forget to add our environmental variables to the deployment.

Go to Settings > Config Vars

Add in all the variables from the .en

image

Set up a cloud Mongo instance on MongoDB Atlas

We will need a hosted MongoDB instance tto work with our application. MongoDB Atlas is a great choice. And it's free.

Create a new account at MongoDB Atlas.

Create a new Cluster.

Cloud Provider: AWS

Region: Choose one with a free tier

We also need to add a user to be able to read the data. On the Atlas dashboard, add a new Database User by clicking on Security > Database Access. Default priviliges of Read and write to any database should be fine. You can however set up specific privileges for better security.

image

Our database is now ready to be used. To get the connection string, click on Click Cluster button on the dashboard > Connect your application.

image

The connection string looks like,

mongodb+srv://<username>:<password>@saasbase-guides.bibzo.mongodb.net/users?retryWrites=true&w=majority

Add in your database username, password to the string. We can now add this to the MONGODB Config Var on Heroku.

Configure Webhook for Production

We have been using a local webhook for the events from Stripe. This will not work in Production. We need to create a Production webhook key in Stripe Dashboard so that our deployed application can receive events. It's pretty simple to set up.

On the Stripe dashboard, head on over to Developers > Webhooks . Add a new endpoint.

Endpoint URL: Heroku deployment endpoint + /webhook

Events to send: customer.subscription.created and customer.subscription.updated

image

Copy over the newly generated Webhook Signing Secret and add it to the Config Vars as STRIPE_WEBHOOK_SECRET in Heroku.

Redeploy the application so that the changes can take effect. And there you have it! Your own Billing solution for your SaaS!