I am trying to allow my users to pay for their booking (for an event) on my website using Stripe. I've got most of the processing working well but I don't know how to connect the response I get from Stripe which indicates that the payment has been successful to my database so that it knows all the details required to make the booking.
In the standard situation of "buying X number of products", I know that I can create an order on the server which contains those details. Then I can put that order ID into the Stripe request and I can use that when the payment is successful to go and fulfil that order.
But in my case, I have to accept a load more information than that. Each booking can have multiple attendees attached to it - each attendee will have a name and load more information about them which needs to be used when the booking is created.
Is the only way to do this to add ALL of this attendee information in to the request to Stripe so that it can be used when the payment succeeds? Or is there another way?
If it helps to answer this question, I'm using Django on the backend.
The main way to achieve this is to:
Store the information related to the order in your own database with the corresponding payment intent ID (or checkout session ID).
Listen to the webhook event payment_intent.succeeded (or checkout.session.completed) to know when the payment is successful.
In the webhook event, get the payment ID with event.data.object.id and use that to look into your database to retrieve the information needed to fulfill the order.
You can learn more on how to fulfill orders in the Stripe documentation here.
Another option would be to use the metadata field of your payment intent (or checkout session) to directly store all the information related to the order. But I wouldn’t recommend this since it has some limitations (number of keys, length of values, etc.).
Related
We occasionally allow our customers to purchase our product and delay the payment until a pre-determined date. In order to do this, we need to collect the payment information at the time the order is placed. We are using the iframe method of collecting payment information.
I imagine I can use ARB to set up a one-time payment that will be billed at a specific date. However, that only works if I have the payment information stored away in a profile to begin with.
How can I collect the user's payment information without an initial charge, so that I can set up a payment at a later date?
As mentioned by John Conde, there is a hosted form that will allow you to collect payment information. It supports iFrame. You can create a customer profile first and then initiate this form. There are options to verify the card information or defer it to later, depending on your requirements.
You can find documentation in the link below. Search for "GetHostedProfilePage"
https://www.authorize.net/content/dam/anet-redesign/documents/CIM_SOAP_guide.pdf
I am working on a beta-stage writing tool SaaS that is built with NextJS, React, and Django REST. As I’m gaining some user base, I am starting to research on introducing a premium plan to the mix using Stripe.
As most other SaaSs, I will have a subscription-based premium plan which grants access to premium-only features. However, even after days of research, I am still lost how this is commonly implemented in Django/Backend. Here is what I’ve thought of so far, but again, I am not sure if it’s the best/common way to accomplish this.
User model has a ‘premium’ field which is either True or False
Whenever user clicks on a premium-only API call, Django will check if user is premium or not to decide whether to make the actual API call. I currently have a '/user/me/' route which returns basic user information as API GET call.
Upon successful stripe payment, stripe redirects user to the success_url. Then, somehow I will detect when user lands on success_url and then set that user’s premium field to True.
I know this is not the ideal way, because I already see lots of issues/hurdles:
How will I set ‘premium’ field back to False after user’s payment stops
How can I ‘detect’ stripe’s payment to set user’s premium field
Is this feature supposed to be implemented with Stripe customer objects instead? I would appreciate any guidance on where I should be looking for solutions.
If you use subscription on Checkout Session (low code solution), you can add additional key-value pair data such as premium: true in metadata and subscription_data.metadata fields when creating a subscription.
Once the payment is completed, those metadata will appear in checkout.session.completed and customer.subscription.updated webhook events, which you can then set the user as premium in your own database.
A customer object in Stripe can have multiple subscriptions, so this feature will be implemented on subscription object instead.
Can anyone provide me with working example how to show analytics (Visits, Page views, Page views per visit, etc) for logged users? As I understand there is no OOB solution, so I've tried to implement flexible dimensions, but didn't find any good examples and failed.
First of all you have to identify your logged in contact by calling the Sitecore.Analytics.Tracker.Current.Session.IdentifyAs() method, see more details here. When the contact logs in you can use their username to identify them upon the successful login.
Note, that the identification and authentication are separate unrelated events. Contacts are identified against the xDB and authenticated against the authentication mechanism used by the website.
When the contact identifies, it is saved to xConnect with a known identifier based on the information passed into theIdentifyAs() method: Identifier, Source and
IdentifierType will be set to ContactIdentifierType.Known (it is set to ContactIdentifierType.Anonymous for anonymous contacts). Then you can use IsKnown property on the Sitecore.XConnect.Contact that returns true if a contact has any known identifiers.
If you want to track some custom events for the logged in users to then use them for reporting needs you can add user interactions by calling the client.AddInteraction() extension method. I have given an example here.
If you want to extend the contact with your own custom data then you can create custom contact facets, read more here.
In order to implement your custom report with flexible filtering by logged in and not users, of course, you will need to define your custom dimensions and metrics, read more here.
I need to be able to pass identifying information through to Authorize.net's server so I can use this information when the confirmation comes back for logging purposes. We have information such as IDs for the items we sell on our site, and I'd like to have Authorize.net's response include this information to plug into our database along with the rest of the transaction data that Authorize.net's API natively supplies. Sort of like "merchant-private-data" in Google Checkout carts.
The only field I see that doesn't hold some other specific information in Authorize.net's API is x_description. My question is does the data in x_description get displayed to the customer at any point? The information I'd like to include is sensitive and not for customer's eyes. I've been over the API documentation provided by Authorize.net and it's not clear to me what is done with this field.
If this field is not private, is there a better solution to my problem which I am not seeing?
Dig through their list of API fields and see what you can use. If you want to build a list of line items, for example, look at their x_line_item field. If you're using the AIM/CIM SDK and not telling Authorize.net to e-mail a receipt then I don't see how the customer would see anything you submit to Authorize.net besides the charge on their credit card. If your customer does receive an e-mail directly from Authorize.net though, they will most likely see everything you submit. But double-check the docs I linked to be sure.
You have x_description, but also x_invoice_num and x_po_num. These fields are for the internal use of the merchant. The fields x_description and x_invoice_num can be set in the virtual terminal, if you use it to submit transactions, and also via the API. Authorize.net will return them in the response. If you set any of these two fields in an automatic recurring billing subscription, it will be returned in each individual payment response. They might be included in the email receipt also - I never used the authorize.net email receipt to the buyer. You can disable this email receipt and send your own email receipt.
I know x_description gets sent in plain text to the merchant's email, so I wouldn't use it for anything too sensitive. The description does not, however, appear on my credit card statement (as a customer).
There is another field you can use, refId. It's not well documented, but what you pass in refId will be returned in the response object as refId.
Personally, I recommend creating a database table to store your data, and then use refId to keep track of the insert ID.
I have a page where user is asked only for the payment amount, then user will be redirected to another website where the payment will be processed, I want the amount to be set on the redirected page without using querystring,cokkie, etc..
I tried to use web service but here is my challange:
user enters amount on the website.
webservice is called and set the amount to ex:400$
then user is redirected without any query string to another website.
Now:
how this payment website will know that this user is the user entered 400$ on the redirecting page?
I can count on approaches more secure than this also.
thanks
I have made some research on net and asked my experienced friends, the answer is "impossible" this way.
Because redirected website somehow identify that user and there is no solution without querystrings or browser related components,
Here is my friend's advice and i am little bit satisfied, not totally :)
He calls this approach as ticketing,
First create a datetime.now integer, with that number add id and amount of money to be processed.
Then make a complex function to encrypt data. take square of every odd digit then divide to 7 etc.
then on the other website, decrypt data and check datetime if its within 5 minutes for example,
the link is valid.
You have to pass the data to the other website somehow.
Cookies wouldn't work due to domain restrictions.
Query string or form posts could work, but you don't want to use query strings.
Alternatively, if both sites share infrastructure, you could use that to share information - for example if they both have access to the same database, you could use that to share data (though you would still need to identify the specific user to both sites).
The way the service would have to work is to give back some token, probably a GUID, that the site will then look for in the querystring of an HTTP request, to identify the owner of that pre-populated data. You then tack that token onto your redirect, and the client makes a request that causes the payment site to go pull the pre-loaded data for that client.
You still have to use a query string, but now, the query string doesn't contain any human-consumable information; they can't identify their $400 amount in the query string and change it to a different amount of money. If they change the GUID at all, the request will most likely fail as that GUID won't exist in whatever datastore of pre-populated data exists behind the payment site.
Contact the website/web service/gateway. They will provide you the API which will define parameters and methods to accept payment amount. If you are the author of such service, provide mechanism to accept such parameters from your caller application. Communication should be secure, using SSL.
For example for payment gateway Paypal, check this for ideas:
Use of the PayPal payment system in ASP.NET
Have a look on wikipedia.
Shortly the answer is impossible this way, because somehow the redirect website should identify the user, all the ways are browser related or ip ( which can cause many issues later)