Session 8: Frontend Stripe cutover, soccer pages, sport selector, grade result cards, beta badge

src/services/stripeService.js

@@ -57,13 +57,21 @@ async function createCheckoutSession(userId, email, tier, founderCode) {
       .eq('id', userId);
   }
 
-  const baseUrl = process.env.BASE_URL || 'http://localhost:3001';
+  // Stripe sends the user to a FRONTEND URL after checkout — not the
+  // Express API. NEXT_PUBLIC_SITE_URL is the canonical frontend origin
+  // (defaults to https://vyndr.app per the email templates), with
+  // BASE_URL as a fallback for legacy deploys that only set the API
+  // origin. localhost:3000 is the Next dev server default; Express
+  // dev runs on 3001 so we never want to send users there.
+  const frontendUrl = process.env.NEXT_PUBLIC_SITE_URL
+    || process.env.BASE_URL
+    || 'http://localhost:3000';
   const session = await getStripe().checkout.sessions.create({
     customer: customerId,
     line_items: [{ price: priceId, quantity: 1 }],
     mode: 'subscription',
-    success_url: `${baseUrl}/scan?upgraded=true`,
-    cancel_url: `${baseUrl}/#pricing`,
+    success_url: `${frontendUrl}/upgrade/success?session_id={CHECKOUT_SESSION_ID}`,
+    cancel_url: `${frontendUrl}/upgrade/cancel`,
     metadata: { user_id: userId, tier, is_founder: String(isFounder) },
   });