Introduce
Stripe code consists of two parts: front-end and back-end. The front end tokenizes customer information and uses stripe elements to collect sensitive information.
General flow
All payments need to go through the backend server. When the user is ready to pay, the backend server will send a request to set whether to create a session or a payment intend. The Stripe Api will respond with an object containing the session id or client secret. After that, they will be sent back to the front-end app, and they will be used to complete the payment.
Whether it’s a one-time payment or a subscription, this is the process.
The backend is the core and also connects to the stripe api.
Payment gateway
Handle payments at a global scale;
PCI Compliance;
Encrypt credit card data;
Store credit card data securely;
Method to realize
- Stripe hosted checkout
- Customized checkout
Create stripe account
Public key & Secret key. In Dashboard, you can see that stripe has test mode and live mode. The secret key is used in the backend and should be placed in the .env file and cannot be exposed.
Stripe dashboard
Key points:
- View API keys: Public key and Secret key.
- View statistics of all payments, specific information for each payment.
- Check Stripe’s error message.
- View and deploy webhooks, locally/online.
- View customer information.
- Set 3D secure (More - Radar - Fraud & risk - Rules)