How to Integrate Stripe Checkout in a Web Application

Incorporating CI/CD best practices does not only involve the adoption of any new tools but also a culture change that prioritizes teamwork, efficiency, and high quality. Whether you’re engaged in software development for a startup or a large enterprise, it may be advantageous to work with an experienced technology leader like iFlair to explore the full capabilities of continuous delivery. With the appropriate CI/CD practices in mind, your team will be able to go through the code-to-deployment process fast, reliably, and accurately, which will help you stay on top of the continuously changing environment of software development.

Why Choose Stripe Checkout?

Stripe Checkout is a powerful, prebuilt solution that handles all the complexity of online payments. Here’s what makes it a great choice: 

• Prebuilt, Hosted Payment Page
  No need to build your own — Stripe provides a fully designed and optimized payment page. 
• Optimized for Conversion
  Designed with best practices to increase successful checkouts. 
• Secure & PCI-Compliant
  Stripe handles sensitive data securely, so you stay compliant with PCI requirements. 
• Mobile-Responsive Design
  Works seamlessly on any device — desktop, tablet, or mobile. 
• Supports One-Time Payments & Subscriptions
  Flexible for different business models and pricing structures. 
• Multiple Payment Methods
  Accept cards, wallets (Apple Pay, Google Pay), and bank debits with ease. 
• Automatic Tax Calculation
  Stripe can automatically calculate and apply tax based on location. 
• Built-in Promotion Code Support
  Easily offer and validate discount codes. 
• 3D Secure Authentication
  Enhanced security for card payments to reduce fraud
• Validation & Error Handling
  Built-in features to help users correct issues and complete payments smoothly.

Project Overview 

Before integrating Stripe Checkout, make sure you have the following ready: 

• A Stripe account 
• A basic web application with both frontend and backend 
• Node.js and npm are installed on your system 
• A development environment (like VS Code or any web server)
• Your Stripe Publishable Key and Secret Key from the Stripe Dashboard 
• An .env file to securely store your Stripe Secret Key 
• Basic understanding of HTML and JavaScript

Project Structure 

Here’s a basic layout: 
stripe-checkout-integration/ 
├── public/ 
│   └── index.html 
├── server.js 
├── .env 
└── package.json 

Step-by-Step Integration of Stripe Checkout

1. Create a Stripe Account

• Go to Stripe Dashboard 

• Navigate to Developers > API keys 

• Copy your Publishable key and Secret key 

• Your Stripe Publishable Key and Secret Key from the Stripe Dashboard 

• Add them to your .env file: 

STRIPE_SECRET_KEY=sk_test_xxxxxxxxxxxxx 

STRIPE_PUBLISHABLE_KEY=pk_test_xxxxxxxxxxxxx

Step 2: Backend Setup (Node.js + Express)

1. Install dependencies

npm init -y 

npm install express stripe dotenv cors

2. Create server.js

const express = require(‘express’); 
const Stripe = require(‘stripe’); 
const cors = require(‘cors’); 
require(‘dotenv’).config(); 
const app = express(); 
const stripe = require(‘stripe’)(process.env.STRIPE_SECRET_KEY); 
app.use(cors()); 
app.use(express.json()); 
app.post(‘/create-checkout-session’, async (req, res) => { 
  try { 
const session = await stripe.checkout.sessions.create({ 
   payment_method_types: [‘card’], 
   mode: ‘payment’, 
   line_items: [ 
     { 
       price_data: { 
         currency: ‘usd’, 
         product_data: { 
           name: ‘Awesome Product’, 
         }, 
         unit_amount: 2000, // $20.00 
       }, 
       quantity: 1, 
     }, 
   ], 
   success_url: ‘https://yourdomain.com/success’, 
   cancel_url: ‘https://yourdomain.com/cancel’, 
}); 
res.json({ id: session.id }); 
  } catch (err) { 
res.status(500).json({ error: err.message }); 
  } 
}); 
const PORT = process.env.PORT || 3000; 
app.listen(PORT, () => console.log(`Server running on port ${PORT}`));

Step 3: Frontend Setup

Create public/index.html 
<!DOCTYPE html> 
<html lang=”en”> 
<head> 
  <meta charset=”UTF-8″ /> 
  <title>Stripe Checkout Example</title> 
</head> 
<body> 
  <h1>Buy a T-Shirt</h1> 
  <button id=”checkout-button”>Checkout</button> 
  <script src=”https://js.stripe.com/v3/”></script> 
  <script> 
const stripe = Stripe(‘pk_test_xxxxxxxxxxxxx’); // Use your publishable key 
document.getElementById(‘checkout-button’).addEventListener(‘click’, async () => { 
   const response = await fetch(‘/create-checkout-session’, { method: ‘POST’ }); 
   const session = await response.json(); 
   await stripe.redirectToCheckout({ sessionId: session.id }); 
}); 
  </script> 
</body> 
</html>

Step 4: Add Success and Cancel Pages 

public/success.html 
<h1>Payment Successful </h1> 
<p>Thank you for your purchase!</p> 
public/cancel.html 
<h1>Payment Cancelled </h1> 
<p>You canceled the checkout. Please try again later.</p> 

Step 5: Run the App 

Start your server: 
node server.js 
Visit http://localhost:4242 in your browser and click “Checkout” to test the payment flow.

Testing Payments 
Card Number: 4242 4242 4242 4242   
Expiry: Any future date   
CVC: Any 3 digits   
ZIP: Any 
More test cards: Stripe Test Cards
Use any future expiry date, CVC, and ZIP. 

Success! What Happens Next?
Once the payment is successful: 

• Stripe will redirect the user to your success_url.  
• You can configure webhooks to capture events like payment_intent.succeeded for order fulfillment. 
• You can also use Stripe’s Test Mode to simulate payments without real money.

Webhook Integration (Optional but Recommended) 

To verify and handle events like successful payments on the server, use Stripe Webhooks. 

1. Use the Stripe CLI to forward webhooks: 

stripe listen –forward-to localhost:4242/webhook
  .catch(err => {
console.error(“Error connecting to database:”, err);
  }); 

2. Handle webhook events: 

app.post(‘/webhook’, express.raw({ type: ‘application/json’ }), (request, response) => { 
  const sig = request.headers[‘stripe-signature’]; 
  let event; 
  try { 
event = stripe.webhooks.constructEvent(request.body, sig, process.env.STRIPE_WEBHOOK_SECRET); 
  } catch (err) { 
return response.status(400).send(`Webhook Error: ${err.message}`); 
  } 
  // Handle the event 
  if (event.type === ‘checkout.session.completed’) { 
const session = event.data.object; 
console.log(‘Payment received!’, session); 
  } 
  response.status(200).end(); 
});

Security Tips 

• Use HTTPS in production. 

• Never expose your Secret Key on the frontend. 

• Validate all webhook events from Stripe for authenticity.