-
Subscribe
Subscribed
Already have a WordPress.com account? Log in now.
- Privacy
const crypto = require('crypto'); function verifyWebhookSignature(payload, signature, secret) const expected = crypto .createHmac('sha256', secret) .update(JSON.stringify(payload)) .digest('hex'); return crypto.timingSafeEqual(Buffer.from(signature), Buffer.from(expected));
includes checkout_url for collecting payment method. checkout.hubuppayments.com
Authorization: Bearer secret_key Content-Type: application/json const crypto = require('crypto')
app.post('/api/webhooks/hubup', (req, res) => const sig = req.headers['hubup-signature']; if (!verifyWebhookSignature(req.body, sig, process.env.HUBUP_WEBHOOK_SECRET)) return res.status(401).send('Invalid signature'); const event = req.body; switch(event.type) case 'payment_intent.succeeded': const paymentIntent = event.data; // Update order status to PAID in your DB // Fulfill product, grant access, send email break; case 'payment_intent.failed': // Log failure, notify customer, retry logic break; default: console.log( Unhandled event type: $event.type ); secret) const expected = crypto .createHmac('sha256'
"plan_id": "plan_monthly_10", "customer_email": "user@example.com", "trial_days": 14, "success_url": "https://yoursite.com/subscribe/success", "cancel_url": "https://yoursite.com/subscribe/cancel"
BosGuy