Backend API for Patreon-tiered content-gating
(AWS / Lambda / DynamoDB)
The client's goal was to build an API for his website to filter the website content based on the user's Patreon subscription tier. I provided this as a scalable, robust, and secure serverless solution, that allowed the client to:
- import existing user base
- subscribe to Patreon's webhook for synchronization
- use API endpoint for his website to check if the user authenticated with their Patreon account has access to particular paid content. I also offered the client the ability to host the API under their custom domain and manage it in their AWS account.
Integration with Patreon webhook
Patron offers a webhook that will trigger our API endpoint whenever there is a new or existing user making changes in their subscription to the client's Patreon account.
The endpoint accepts requests only via HTTPS and checks the request's HMAC signature by validating it with a secret stored securely in AWS Secrets Manager.
Patreon webhook integration
API Gateway for client's website content-gating
This involved integration with Patreon API in order to exchange authentication codes to receive Patreon user identities, and then to check whether those belong to tiered users or not.
I used all the available AWS API Gateway capabilities to secure the endpoint from malicious use.
API Gateway for the Client's website
Import existing Client's user base
As long as the client already had plenty of users subscribed to their channel, we provided an ability to ingest this user base by importing CSV that Patreon provides to the channel owner as export capability.
This functionality leverages AWS S3 events to trigger an AWS Lambda function, which inserts or updates the records in the DynamoDB table.
Putting .csv file to S3 bucket triggering import process
Delivery timeline
The solution was designed and scoped during the early days of the project discovery phase. It took one week to develop, deploy to the client's production AWS account, and thoroughly test before the client began using it on their website. I used GitHub Actions and CDK for the CI/CD pipeline, enabling one-click deployment for ease of use. The client was delighted with the solution's flexibility and the development process, especially since I was able to accommodate a few last-minute changes.