This episode is for members only
Sign up to access "Build a Pay Once For Access App" right now.
Get started
Already a member? Sign in to continue
Playing
03. Protected member area
Episodes
01. Introduction and demo
2m 23s
0%
02. Setting up Laravel and Breeze
2m 42s
0%
03. Protected member area
5m 45s
0%
04. Setting up the Stripe library
5m 15s
0%
05. Creating a payment intent
6m 53s
0%
06. Creating the Stripe card form
6m 43s
0%
07. Confirming the card payment
4m 56s
0%
08. Handling card errors
4m 41s
0%
09. Redirecting after successful payment
6m 47s
0%
10. Creating a Stripe webhook
5m 53s
0%
11. Handling a successful payment intent
4m 27s
0%
12. Updating a user member status
2m 45s
0%
13. Protecting the payment page with middleware
1m 16s
0%
14. Securing the Stripe webhook with a signature
5m 9s
0%
15. Preventing duplicate Payment Intents
5m 25s
0%
Transcript
00:00
Our goal for this episode is to be able to land on the members page and either be redirected back to the dashboard or the home page if we don't have access or if we do have access we just allow the user in. We saw a little bit earlier on in the introduction that within the users table we're going to have this member column which is just a boolean to say whether we've paid and we're
00:22
technically a member and of course you can use any kind of terminology around this that you like. So the first thing that we're going to do is go ahead and update the users table to add that new column. So we're going to go ahead and make out a migration here and we're going to add member to the users table and let's go ahead and just run that. Let's open that migration add member
00:45
to users table and if we come down we just need a simple boolean in here so let's go ahead and create our boolean and we're just going to call this member. Now really sensibly here we're going to add a default of either zero or false because when a user registers we want this to be set by default to false and then on the down if we do use down migrations we can just go ahead and drop
01:08
that member column. Okay so now that we've done this let's run php artisan migrate and we now have a member column in here. Brilliant. Okay so now we're going to go ahead and create out the controller which will handle that member page. So let's go ahead and say php artisan make controller and let's call this member index controller. Let's head over to our web root to register this. So
01:34
let's come down to here and we'll just do slash members. Let's reference that member index controller in there and that's pretty much all we need to do. So let's open up member index controller and because we're just going to make this invocable we just want to create out a magic invoke method and from here return a view. Let's just name this first so members.index and we can
02:00
go ahead and create that over in our resources section under views. So let's go ahead and create a new folder in here called members and inside of this index.blade.php and we're going to copy the markup from the dashboard page here just because we want it to look very similar. So I'm going to go ahead and call this members and we're going to say members area. Now with the middleware
02:24
that we're about to create you can apply this to any controller or any group of routes that you want to so you don't just have to have a single page that's protected. Okay so back over to here when we hit that members page now we should see the members area that we've just created but of course at the moment we're not a member so we need to create out that middleware to protect this. So
02:46
let's go and open up our terminal and run php artisan make middleware and let's go ahead and call this redirect if not member. So let's open up that redirect if not member middleware and let's come down to here. So this has a handle method and just up here we're going to have an if statement to check if the currently authenticated user that's trying to access this or run through this
03:10
middleware is not a member. If that's the case let's redirect them back to the dashboard and then finally return the next request. So here we've already got access to the request so we can very easily say request user and member which is that boolean. Now if we are not a member we're going to go ahead and return a redirect in here and we're going to redirect to the dashboard page.
03:37
That's really as simple as that middleware gets. So there's a couple of ways that we can apply this. Let's do this directly in the controller and then I'll show you how to group this if you have multiple routes that you need to protect. So if we wanted to do this directly within the controller we just create out a constructor within this controller and we'd go ahead and call this
03:55
middleware. Into this array we can just pass that middleware redirect if not member and give the fully qualified class name. So now if we just head over to the members area sure enough we're redirected back to the dashboard. Let's come over and just manually set the member column here to true and if we come over to members now sure enough we get access. So that's just one way of adding
04:20
that middleware. Let's comment this out really quickly and head over to our web routes. We can also add this down here directly by chaining on middleware and then giving this in here so redirect if not member. We can add that in there or we can create a middleware group for this. So let's go ahead and say root middleware and in here what we can do is create out a closure, put all of the
04:44
routes that we want to protect in here and as the first argument give that middleware. So redirect if not member and that'll work as well. So that means if you have multiple routes that you want to protect this is a little bit more convenient rather than adding it to every single controller. Let's just test this out by hitting members and yeah sure enough I've not implemented this
05:06
correctly. So what we want is instead of a closure here we want to call root middleware but then we want to use the group method on this. So let's create the closure inside of a group method and then we should find this works and of course if we set member to false we're going to see exactly the same behavior. Okay so let's leave this as this group just in case you do need that
05:28
and over in the member index controller I'll just leave this commented out in here in case you need that as a reference. Okay there we go we now have a members area that at the moment we can't access. We're going to need to start accepting payments now so in the next episode we're going to set up the Stripe SDK.
15 episodes•1 hr 11 mins•3 years ago
Overview
Let's do payments right with the Stripe Payment Intent API, and build an app where customers can pay to access a members area.
We'll cover setting up a Payment Intent, process payments correctly with authorization, handle declines, and securely respond to a Stripe webhook to upgrade a member.
This course is for you if:
- You want to process payments to upgrade customers for access
- You need to learn how to properly process one-off payments with Stripe
- You need a refresher on the Payment Intents API
Alex Garrett-Smith
Hey, I'm the founder of Codecourse!
Episode discussion
No comments, yet. Be the first!