Create a React app with Auth0 and Stripe

About this guide

This development guide walks you through everything you need to do to build a high-quality React app integrated with Auth0 and Stripe. Check out the tasks below to get started. To save time, you can also use our boilerplate, which gives you a complete React codebase with all of these tasks done for you. Okay, let's dive in!

Tasks

• Setup your React appGet the code

  Setup a React app using npx create-react-app and routing using React Router. There are many ways you can structure your app, but a common setup is to have an App component that defines top-level routes, with each route component imported from the /pages directory. The rest of your components should be located in your /components directory. You can then run your app locally with the npm run start command.

• Setup a Node (Express.js) serverGet the code

  This stack requires server logic, so we'll be setting up a Node (Express.js) server that we can query from our React front-end. We suggest defining your Express.js routes in a file located at /api/index.js and then creating a file for each route handler in the/api directory. Next make sure all requests to /api/* get routed to your Express server port by defining a proxy in your package.json. Lastly, run your server with the node api command in a new terminal window.

• Extend the Auth0 libraryGet the code

  Create a file that wraps the auth0-js library and abstracts away the storage and retrieval of the user's access token. Auth functions, such as auth0.signupAndAuthorize() and auth0.client.login(), should store the access token in memory or local storage after executing. Add a function called getCurrentUser() that fetches the current user by passing the stored access token to auth0.client.userInfo(). Our auth logic in subsequent tasks can call this function to get the current user.

• Create an Auth0 AuthProvider and useAuth hookGet the code

  Create an AuthProvider component that fetches the current user from Auth0, subscribes to changes, stores the user in state, and then makes all this data available to child components using Context.Provider. Make sure to update your App component so that AuthProvider wraps all your pages. You'll then create a useAuth hook that reads the user with useContext and returns its value. This will enable any component to call useAuthto get the current user and re-render when it changes.

• ‍Protect pages with an Auth0 requireAuth HOCGet the code

  Create a requireAuth higher order component for pages that should only be viewable by authenticated users. It should call your useAuth hook internally to get the current user, show a loading indicator while waiting on the response, and then either render the page or redirect to /signin depending on whether the user is authenticated.

• Build your authentication UIGet the code

  Create an authentication UI using your component library of choice and Auth0 functions. You'll want routes for user sign-up, sign-in, forgot password, and change password. Make sure you properly validate inputs and display any errors returned by Auth0. You may also want to use a library, such as React Hook Form, for managing form state.

• Link user to analytics sessionGet the code

  You can connect Google Analytics sessions to the current authenticated user with the User ID feature. This allows you to see what your users are doing across sessions and devices. You'll need to update your useAuth hook to set the user_id property whenever the user changes.

• Enable Auth0 email and password updatingGet the code

  To allow users to update their email and password you'll need to setup an API endpoint. Create an Express.js route at /api/auth-user that uses the auth0 library and calls Auth0.ManagementClient.updateUser() to change this info. Make sure that Auth0.ManagementClient is instantiated with the credentials for a "Machine to Machine" app, instead of your client-side app credentials. You can then create an updateUser function in the Auth0 wrapper you previously setup that makes a request to this endpoint.

• ‍Create an Auth0 callback pageGet the code

  In order to support social login via OAuth you'll need to setup an Auth0 callback page and specify it's path as the redirectUri value when calling auth0.popup.authorize(). This page should use the auth0-js library and call auth0.popup.callback() on load. This is what enables your app to get the authentication results after the OAuth flow has completed.

• ‍Integrate with Stripe CheckoutGet the code

  Create an Express.js route at /api/stripe-checkout that receives a planId value, creates a new Stripe Checkout session for the given plan using stripe.checkout.sessions.create(), and then returns the session object. Next you'll create a /purchase/[planId] page that initiates the checkout flow. This page should automatically make a request to /api/stripe-checkout to get a new Checkout session and and then redirect to Checkout by calling stripe.redirectToCheckout(session.id). Finally, you'll design your plan selection UI using your component library of choice and link each plan to the /purchase/[planId] page you've setup above.

• ‍Integrate with Stripe Customer PortalGet the code

  Create an Express.js route at /api/stripe-portal that creates a new Stripe Customer Portal session using stripe.billingPortal.sessions.create() and then returns thesession object. Next you'll create a /settings/billing page that initiates the Customer Portal flow. This page should automatically make a request to /api/stripe-portal to get a new session and then redirect to the Customer Portal using the session.url value. Next you'll create a settings UI using your component library of choice and link to the /settings/billing page you setup above. Now your users can easily manage billing info and change payment methods.

• ‍Create a Stripe webhookGet the code

  In order to handle Stripe payment events you'll need to setup a webhook server endpoint. Create an Express.js route at /api/stripe-webhook that uses the stripe library to parse data from the request body, validate the event using stripe.webhooks.constructEvent(), and then call a handler function for each of the following events: checkout.session.completed, invoice.payment_succeeded, invoice.payment_failed, customer.subscription.updated, and customer.subscription.deleted. Your event handlers should update the user in the database so that your database contains their current plan and subscription status. When running your app locally, Stripe won't be able to ping your webhook endpoint, so you'll want to make sure to use the Stripe CLI to listen to events and route them to your local /api/stripe-webhook endpoint.

Get the code

You can get the code for this guide with our React, Auth0, and Stripe Boilerplate. You'll get a complete React codebase with Auth0 and Stripe integration, all the tasks listed above done for you, and a responsive multi-page template. It should save you about two weeks of development time.

Get the boilerplate