I'd like to ask about best approach for integrating Stripe payment for FrontEnd and Backend.
As far as I understand from webpage https://stripe.com/docs/payments/integration-builder we should use following flow:
FrontEnd asks Backend for clientSecret to continue payment. That means that Backend doesn't have to know about credit card and other secured information, but can securely build request from payment and calculate amount to be paid.
Once Stripe payment is finished FrontEnd gets the result of payment and then can send paymentId to the
Backend and Backed receives details from Stripe based on paymentId.
Is it the best and most secured way of payment? What should happend in case of issues with FrontEnd - payment is successfully processed, but because of some issue paymentId was not send to the Backend?
Related
I have integrated the stripe Api in my website to process payments and It is working fine. The only problem is that after the a successfull payment, i don't get any response or an object to know if the payment is successful or not.
Stripe does process the payment and everything is fine but the question is how would I know that it is successful after stripe redirects the client to the success url ?
You can implement webhook in your application. After a payment is completed stripe will call webhook/callback of your application with the payment_status and other details. Have a look at documentation here Triggering actions with webhooks
Using webhooks and events is definitely the right way to go. You can listen for successful payments, failed payments, and other event types, then add some server code to take some action based on those events.
There's a mention of webhooks in Stripe's custom payments quickstart guide: https://stripe.com/docs/payments/quickstart#use-webhook
They also have a standalone webhooks guide: https://stripe.com/docs/webhooks/quickstart
I am currently using paypal-rest-sdk and want to accept payment using the cards.
In both sdk's (paypal rest and paypal checkout), when I create an order, in response there is an approve URL:
{
"href":"https://www.sandbox.paypal.com/checkoutnowtoken=token",
"rel":"approve",
"method":"GET"
}
Which will take you to this page:
The payment with PayPal account (logging in) is working, it correctly redirects to the return URL.
However, the "Pay with Credit or Debit card" option is not working.
After filling the card information when I click on continue button a loading screen appears and nothing happens after that.
I have seen solutions using PayPal smart-buttons, but can it work using "Pay with Credit or Debit card" option?
What do you mean by "paypal-rest-sdk" ? The PayPal-Node-SDK is deprecated, do not use it for anything. Use the current Checkout-NodeJS-SDK.
Follow the Set up standard payments guide and make 2 routes on your server, one for 'Create Order' and one for 'Capture Order', documented here. Both routes should return only JSON data (no HTML or text). Inside the 2nd route, when the capture API is successful you should store its resulting payment details in your database (particularly purchase_units[0].payments.captures[0].id, which is the PayPal transaction ID) and perform any necessary business logic (such as sending confirmation emails or reserving product) immediately before forwarding your return JSON to the frontend caller.
Pair those 2 routes with the frontend approval flow: https://developer.paypal.com/demo/checkout/#/pattern/server
I have set up a Google Pay button on the front end of my website and have tested communicating with the Google Pay API and have successfully received a response.
I have a Laravel project (PHP) so the front end sends this data to the server to be processed.
Once I have this response however I am not sure how to pass the required information to stripe api. From my understanding I need to pass the token received in the response to stripe's api but not sure how to formulate the request to stripe using this token.
Any assistance would be greatly appreciated
On your PHP side, you need to create a Charge on Stripe: https://stripe.com/docs/api/charges/create , using stripe-php library.
The Stripe Token you got from Google Pay, you would pass that under the source: tok_123 parameter.
(recommended) If you are using PaymentIntent/PaymentMethod objects, you would create a PaymentIntent (https://stripe.com/docs/api/payment_intents/create) using the API and pass payment_method: pm_123.
We are using Stripe subscriptions to handle payment for a SaaS application we are building
Currently, our development team has implemented the following logic:
User enters card details into Stripe elements UI as the final step of signup to our app.
If the credit card is deemed valid by Stripe Elements, the signup process to our app completes successfully.
A stripe customer & subscription is created.
Our server processes the webhook from stripe to confirm if the initial payment succeeds/fails
The problem we have is that the customers card isn't being charged until after the signup process to our app is complete. In some cases this results in a poor user experience, where the user is told by our signup process that they have signed up successfully, then they receive a 'payment failed' email from our software if the stripe charge doesn't succeed.
What is the best way to handle this signup flow? Since we are relying on the stripe webhook to tell us if the charge has succeeded - a suggestion has been made that we could monitor for the webhook response (eg. every 1 second, in a loop) and confirm payment has succeeded before completing the user signup for our app. The flow would then become:
User enters card details into Stripe elements UI as the final step of signup to our app.
If the credit card is deemed valid by Stripe Elements, we create the stripe customer / subscription
Monitor (in a loop) for a response from the Stripe webhook to confirm if payment was successful
The signup process to our app completes successfully (if charge is successful), or fails if the charge is unsuccessful.
This also seems like a bandaid solution - what is the best way to handle our issue?
I have noticed there is an option to use 'pre-authorisation' of a card, but I'd prefer not to go down this road if it leads to extra items on a customers bank statement.
This seems like something that would be very common - we would greatly appreciate any advice
Thanks
The most straightforward solution seems to be that your integration isn't waiting for the payment to complete.
With Subscription, you can wait synchronously on your backend for a status: active on your backend, before returning a response to your frontend. You don't even need to poll for the webhook response, cause your backend creates a Customer, creates a Subscription, and returns that response to your frontend, to show an error or success.
(waiting for webhooks is good but when your integration is manually starting the Subscription, you don't necessarily need webhooks)
From the frontend perspective, your user sees a loading spinner, until your backend is able to say "payment successful, you are signed up!"
I need to integrate paypal with node js ( first time ). But node js working as REST server with frontend built on mobile ( Android and iOS ). I think purpose of using return url and cancel url for web based frontend not for mobile.
Previously I implemented Stripe payment gateway which have simple system which generate a auth token on mobile and mobile sent this token to Node Js Rest API. So not node js application have buyer auth token and it process the required payment.
But I am very much confused how Paypal achieve same scenario.
UPDATE : I am using paypal official node js package https://github.com/paypal/PayPal-node-SDK
UPDATE : After more search, I see some steps in payment flow
User paypal payment create API into my REST API to get "payment id" and links.
Hit on approval_url link which used for fullfill buyer information on paypal site. After completion, Paypal hit automatically described return url in first API, along with payment id and payer id params.
In Return API, use payment id and payer id params to paypal payment execute API.
If all above is actual process to generate payment, Then I am assuming that Backend API only needed third Step which API url could be shared with mobile developer in their integration of paypal.
So Mobile will
create payment
Fill Buyer information
While Paypal automatically hit return url where backend API will execute payment.
If this is the recommended ( or only ) way to paypal integration with mobile and rest apis ?
The purpose of return and cancel url is to notify the client(mobile or web) for potential user action, if user completes payment then via return url and if user cancels payments via cancel Url
You can use rest or nvp PayPal will support both, they have rest endpoints which you can use to complete the transaction.
https://github.com/santhoshlfms/Android_PayPal_EC_NodeJs_Server_Sample (Node server)
https://github.com/santhoshlfms/Android_PayPal_EC_CustomTab_Demo (Mobile Front end)
you can follow these repo to figure out how to proceed.