@golevelup/nestjs-stripe
Interacting with the Stripe API or consuming Stripe webhooks in your NestJS applications is now easy as pie 🥧
Features
-
💉 Injectable Stripe client for interacting with the Stripe API in Controllers and Providers
-
🎉 Optionally exposes an API endpoint from your NestJS application at to be used for webhook event processing from Stripe. Defaults to /stripe/webhook
but can be easily configured
-
🔒 Automatically validates that the event payload was actually sent from Stripe using the configured webhook signing secret
-
🕵️ Discovers providers from your application decorated with StripeWebhookHandler
and routes incoming events to them
-
🧭 Route events to logical services easily simply by providing the Stripe webhook event type
Getting Started
Install
NPM
YARN
Import
Import and add StripeModule
to the imports
section of the consuming module (most likely AppModule
). Your Stripe API key is required, and you can optionally include a webhook configuration if you plan on consuming Stripe webhook events inside your app.
Stripe secrets you can get from your Dashboard’s Webhooks settings. Select an endpoint that you want to obtain the secret for, then click the Reveal link below "Signing secret".
account
- The webhook secret registered in the Stripe Dashboard for events on your accounts
account_test
- The webhook secret registered in the Stripe Dashboard for events on your accounts in test mode
connect
- The webhook secret registered in the Stripe Dashboard for events on Connected accounts
connect_test
- The webhook secret registered in the Stripe Dashboard for events on Connected accounts in test mode
import { StripeModule } from '@golevelup/nestjs-stripe';
@Module({
imports: [
StripeModule.forRoot(StripeModule, {
apiKey: 'pk_***',
webhookConfig: {
stripeSecrets: {
account: 'whsec_***',
accountTest: 'whsec_***',
connect: 'whsec_***',
connectTest: 'whsec_***',
},
},
}),
],
})
export class AppModule {
}
Configuration
The Stripe Module supports both the forRoot
and forRootAsync
patterns for configuration, so you can easily retrieve the necessary config values from a ConfigService
or other provider.
Injectable Providers
The module exposes two injectable providers with accompanying decorators for your convenience. These can be provided to the constructors of controllers and other providers:
@InjectStripeClient() stripeClient: Stripe
@InjectStripeModuleConfig() config: StripeModuleConfig
Consuming Webhooks
Included API Endpoint
This module will automatically add a new API endpoint to your NestJS application for processing webhooks. By default, the route for this endpoint will be stripe/webhook
but you can modify this to use a different prefix using the controllerPrefix
property of the webhookConfig
when importing the module.
⚠️ Configure Raw Request Body Handling
If you would like your NestJS application to be able to process incoming webhooks, it is essential that Stripe has access to the raw request payload.
By default, NestJS is configured to use JSON body parsing middleware which will transform the request before it can be validated by the Stripe library.
You can choose to pass the raw request body into the context of each Request,
which will not cause side effects to any of your existing project's architectural design and other APIs.
const app = await NestFactory.create<NestExpressApplication>(AppModule, {
rawBody: true,
});
You can then manually set up bodyProperty
to use rawBody:
StripeModule.forRoot(StripeModule, {
apiKey: 'pk_***',
webhookConfig: {
stripeSecrets: { ... },
requestBodyProperty: 'rawBody',
},
});
Decorate Methods For Processing Webhook Events
Exposing provider/service methods to be used for processing Stripe events is easy! Simply use the provided decorator and indicate the event type that the handler should receive.
Review the Stripe documentation for more information about the types of events available.
@Injectable()
class PaymentCreatedService {
@StripeWebhookHandler('payment_intent.created')
handlePaymentIntentCreated(evt: Stripe.PaymentIntentPaymentCreatedEvent) {
}
}
Webhook Controller Decorators
You can also pass any class decorator to the decorators
property of the webhookConfig
object as a part of the module configuration. This could be used in situations like when using the @nestjs/throttler
package and needing to apply the @SkipThrottle()
decorator, or when you have a global guard but need to skip routes with certain metadata.
StripeModule.forRoot(StripeModule, {
apiKey: 'pk_***',
webhookConfig: {
stripeSecrets: { ... },
decorators: [SkipThrottle()],
},
}),
Usage with Interceptors, Guards and Filters
This library is built using an underlying NestJS concept called External Contexts
which allows for methods to be included in the NestJS lifecycle. This means that Guards, Interceptors and Filters (collectively known as "enhancers") can be used in conjunction with Stripe webhook handlers. However, this can have unwanted/unintended consequences if you are using Global enhancers in your application as these will also apply to all Stripe webhook handlers. If you were previously expecting all contexts to be regular HTTP contexts, you may need to add conditional logic to prevent your enhancers from applying to Stripe webhook handlers.
You can identify Stripe webhook contexts by their context type, 'stripe_webhook'
:
@Injectable()
class ExampleInterceptor implements NestInterceptor {
intercept(context: ExecutionContext, next: CallHandler<any>) {
const contextType = context.getType<'http' | 'stripe_webhook'>();
if (contextType === 'stripe_webhook') {
return next.handle();
}
return next.handle();
}
}
Configure Webhooks in the Stripe Dashboard
Follow the instructions from the Stripe Documentation for remaining integration steps such as testing your integration with the CLI before you go live and properly configuring the endpoint from the Stripe dashboard so that the correct events are sent to your NestJS app.
Contribute
Contributions welcome! Read the contribution guidelines first.
License
MIT License