Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement Stripe portal to allow usage-based customers to manage their billing details #10555

Merged
merged 1 commit into from
Jun 10, 2022
Merged

Implement Stripe portal to allow usage-based customers to manage their billing details #10555

merged 1 commit into from
Jun 10, 2022

Conversation

jankeromnes
Copy link
Contributor

@jankeromnes jankeromnes commented Jun 9, 2022
edited

Description

  • Implement Stripe portal to allow usage-based customers to manage their subscription.

Related Issue(s)

Fixes #10327

How to test

  1. Create a team called "Gitpod", or "Gitpod1", "Gitpod2" ...
  2. Navigate to Team Settings > Team Billing
  3. Wait for the Usage-Based Billing UI to appear
  4. Upgrade to Usage-Based Billing by adding a credit card (e.g. 4242 4242 4242 4242, 4/24, 424)
  5. Once upgraded, clicking on Manage Billing should open the Stripe Portal
  6. (The Stripe Portal also has a link that takes you back to Gitpod)
Click on Manage Billing View Stripe Portal
Screenshot 2022-06-10 at 08 29 13 Screenshot 2022-06-10 at 08 29 30

Release Notes

NONE

Documentation

  • /werft with-payment

@werft-gitpod-dev-com
Copy link

started the job as gitpod-build-jx-stripe-portal.2 because the annotations in the pull request description changed
(with .werft/ from main)

@roboquat roboquat added size/M and removed size/S labels Jun 9, 2022
Base automatically changed from jx/stripe-cleanup to main June 9, 2022 15:52
@roboquat roboquat added size/L and removed size/M labels Jun 9, 2022
@roboquat roboquat added size/M and removed size/L labels Jun 9, 2022
@jankeromnes jankeromnes marked this pull request as ready for review June 10, 2022 06:30
@jankeromnes jankeromnes requested a review from a team June 10, 2022 06:30
@jankeromnes jankeromnes changed the title Implement Stripe portal to allow usage-based customers to manage their subscription Implement Stripe portal to allow usage-based customers to manage their account Jun 10, 2022
@github-actions github-actions bot added the team: webapp Issue belongs to the WebApp team label Jun 10, 2022
@jankeromnes jankeromnes changed the title Implement Stripe portal to allow usage-based customers to manage their account Implement Stripe portal to allow usage-based customers to manage their billing details Jun 10, 2022
@easyCZ
Copy link
Member

easyCZ commented Jun 10, 2022

@jankeromnes Thanks for the PR. I haven't had a chance to dig into the details of Stripe API yet but to give you a faster review, how does the authentication and authorization against Stripe work from our link? Specifically:

  1. Does the user in effect need to create an account to access teh dashboard? Or are we generating a one-time sign-in link which we're exposing in our dashboard?
  2. What guarantees that a user outside a team is not given access to another teams portal?

@jankeromnes
Copy link
Contributor Author

Thanks @easyCZ! Good questions. The answers are in the code, but to give you fast answers:

  1. Does the user in effect need to create an account to access teh dashboard?

Yes, you need both a Gitpod account and a Stripe customer account before you can see the Stripe Portal button, let alone open it.

Or are we generating a one-time sign-in link which we're exposing in our dashboard?

We are indeed generating a one-time sign-in link server-side to allow specifically one customer to open their own Stripe Portal.

  1. What guarantees that a user outside a team is not given access to another teams portal?

We do not give a one-time sign-in link to users who are not an Owner of the Team that is the Stripe Customer (standard team-ownership access control check before generating the one-time sign-in link).

Also, FYI from the portal, you can only see a semi-censored version of your own customer details, and update them to new values.

@easyCZ
Copy link
Member

easyCZ commented Jun 10, 2022

Thanks. And last one:

We are indeed generating a one-time sign-in link server-side to allow specifically one customer to open their own Stripe Portal.

From the code, I understand we generate the portal link based on the user. Is this correct? Should it instead be the team? I'm asking because it's unclear if you're in multiple teams, which link to the portal you should receive.

@jankeromnes
Copy link
Contributor Author

jankeromnes commented Jun 10, 2022
edited

From the code, I understand we generate the portal link based on the user. Is this correct? Should it instead be the team? I'm asking because it's unclear if you're in multiple teams, which link to the portal you should receive.

No, we actually generate the portal link based on the Stripe Customer, which currently can only be a Team.

Note: The getStripePortalUrlForTeam API has a required teamId parameter.

@easyCZ
Copy link
Member

easyCZ commented Jun 10, 2022

Thanks for the info @jankeromnes. LGTM

@roboquat roboquat merged commit 610694c into main Jun 10, 2022
@roboquat roboquat deleted the jx/stripe-portal branch June 10, 2022 08:13
@jankeromnes jankeromnes mentioned this pull request Jun 13, 2022
Closed
@roboquat roboquat added deployed: webapp Meta team change is running in production deployed Change is completely running in production labels Jun 14, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@easyCZ easyCZ easyCZ approved these changes

Assignees
No one assigned
Labels
deployed: webapp Meta team change is running in production deployed Change is completely running in production release-note-none size/M team: webapp Issue belongs to the WebApp team
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Show whether a user has a valid subscription and allow managing it
3 participants
@jankeromnes @easyCZ @roboquat