Go to main content

Textpattern CMS support forum

You are not logged in. Register | Login | Help

#1 2021-08-10 20:37:56

giz
Member
From: New Zealand
Registered: 2004-07-26
Posts: 221
Website

How to prevent duplicate purchases upon checkout, idempotency

I have a payment system set up using Stripe API on the Robin Gibson Gallery website (thanks Bloke for your advice in unpicking the bits).

Each artwork is represented by an image id in Textpattern; there are extra image fields for price, stocked, etc.

Upon clicking on a ‘buy now’ button for an artwork, ?f=stripe_create&artworkid=1234 is called. This form initiates a checkout session with Stripe, and redirects the buyer to a Stripe-hosted checkout page. Upon successful payment, a webhook triggers so that the artwork can be assigned as ‘sold’ back in Textpattern.

The issue I’m trying to solve is duplicate purchases of the same artwork; two visitors click on the same ‘buy now’ link within seconds of each other, and both transactions are successful.

Stripe allow for idempotent keys in their checkout session, but these apply to the transaction session itself, and can’t be used to discriminate between sessions.

I need to generate a different idempotency key for each customer, and need advice on how best to approach this.

All I can come up with feels like a kludge: for each checkout session instantiation,

if artworkid => stocked = busy
  tell client to try again in a bit
else
  set artworkid => stocked = busy
  set timer so that stocked can be reset to null in say 60 seconds
  start checkout session

Visitors often click on a buy now link to see what happens, and then cancel within a number of seconds. If they return to the site, artworkid => stocked = null.

Is there a better way?

Last edited by giz (2021-08-10 20:51:42)

Offline

Board footer

Powered by FluxBB