Skip to content

Commit b23da5c

Browse files
committed
Change stripe payments to do server side redirect
It makes little sense to load a separate page, which loads a third party javascript, and then executes it inline just to perform a redirect to an URL that's already in the response from the API. It does lead to one extra (cheap) stripe api call if the user initates the payment at stripe, doesn't complete it, and rstarts the process from the invoice. But in all other (thus, the normal) cases it leads to less calls, and avoiding to load 3rd party javascript inline in general is a good thing.
1 parent 160bef9 commit b23da5c

File tree

3 files changed

+10
-27
lines changed

3 files changed

+10
-27
lines changed

docs/invoices/payment.md

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -257,8 +257,7 @@ This module requires the Python module `braintree` to be installed.
257257
#### Stripe Creditcard
258258

259259
This method uses the Stripe creditcard system. This uses the Stripe
260-
"Checkout" system, which uses a mix of server-side code and hosted
261-
javascript, with the actual payment form entirely hosted by Stripe.
260+
"Checkout" system. This uses hosted payment forms at Stripe.
262261

263262
#### Trustly Banktransfer
264263

postgresqleu/stripepayment/views.py

Lines changed: 9 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -43,8 +43,12 @@ def invoicepayment_secret(request, paymentmethod, invoiceid, secret):
4343
# user has multiple tabs open.
4444
return HttpResponseRedirect("/invoices/{0}/{1}/".format(invoice.id, invoice.recipient_secret))
4545

46-
# Else session exists but is not completed, so send it through back to Stripe
47-
# again.
46+
# Else session exists but is not completed, so fetch the session and send the user
47+
# back to Stripe.
48+
StripeLog(message="Re-fetching session {0} (id {1}) for another try.".format(co.id, co.sessionid),
49+
paymentmethod=method).save()
50+
r = api.secret('checkout/sessions/{}'.format(co.sessionid))
51+
sessionurl = r.json()['url']
4852
except StripeCheckout.DoesNotExist:
4953
# Create a new checkout session
5054
co = StripeCheckout(createdat=timezone.now(),
@@ -76,14 +80,12 @@ def invoicepayment_secret(request, paymentmethod, invoiceid, secret):
7680
return HttpResponse("Unable to create Stripe payment session: {}".format(r.status_code))
7781
j = r.json()
7882
co.sessionid = j['id']
83+
sessionurl = j['url']
7984
co.paymentintent = j['payment_intent']
8085
co.save()
8186

82-
return render(request, 'stripepayment/payment.html', {
83-
'invoice': invoice,
84-
'stripekey': pm.config('published_key'),
85-
'sessionid': co.sessionid,
86-
})
87+
# Redirect to the stripe payment URL
88+
return HttpResponseRedirect(sessionurl)
8789

8890

8991
def invoicepayment_results(request, paymentmethod, invoiceid, secret):

template/stripepayment/payment.html

Lines changed: 0 additions & 18 deletions
This file was deleted.

0 commit comments

Comments
 (0)