import fetch from 'isomorphic-unfetch';

export default async (_, res) => {
  let url = '/v2/sales';
  const allSales = [];
  const API_KEY = process.env.GUMROAD_API_KEY;

  while (url) {
    const response = await fetch(`https://api.gumroad.com${url}`, {
      headers: {
        Authorization: `Bearer ${API_KEY}`,
        'Content-Type': 'application/json'
      },
      method: 'GET'
    });

    const { sales, next_page_url: nextPageUrl } = await response.json();

    allSales.push(sales);

    if (nextPageUrl) {
      url = nextPageUrl;
    } else {
      break;
    }
  }

  return res.status(200).json({ sales });
};

Usage

First, create a Gumroad account. Then, navigate to the Applications tab and create a new app.

Make note of your "Application Secret". Since we're communicating server to server, we only need the secret.

To securely access the API, we need to include the secret with each request.

Remember: never commit secrets to git. Thus, we should use an environment variable.