nocheckout 0.1.3 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9db06290291d396f599cd4480858528a842f818be68f58e154ad7e5f5f8b6299
-  data.tar.gz: '06974973a6ac44a4c909e48bc82737c3f16639981016d3ee9e4b815c74b38203'
+  metadata.gz: 36cc99edab4e1790d54150c8528af4a8909e9894c08716ee9d6893a4966772da
+  data.tar.gz: e909fba5b3d5dff31373ef0f268fabf3fa53297ea77d1fd09f7f13ad5147e541
 SHA512:
-  metadata.gz: 4d900112610418b2b15882d3e2b58ba13bd6ced82e6fa01dbcfa84442436a941fb1454a754c8e2b5e76d2ef861bf7abf3653f3b02a4f6ecfc297d5d9e7ab8995
-  data.tar.gz: 44e17d5ff40f48f7744711871cbb68ef9522248e521a2e0743b66486458f4ae4be6a15b41ab5bc0826b16534c168566234aa94a77d633db91bbb5e7ec7ebd38b
+  metadata.gz: b03567f074c779298ed5d3ae1b2e3bf81146b169f7002ce81ab6b8a75e399dd26c8b54833cdc3469cbe636c368365d5225c30d191341a317b22beee1f411018a
+  data.tar.gz: 05e63b688befdcf2f12274e7b5daac3d9ff07cf8f90749d86e08cc952947d98773d5bc9e3019f3d44d902bcbe9eb0be441430952a8101dd0cbc6ac93a394b67c

data/CHANGELOG.md

@@ -1,5 +1,18 @@
 ## [Unreleased]
 
+### Changed
+- **BREAKING**: Refactored `CheckoutSessionsController` from a base class to a composable module
+  - `NoCheckout::Stripe::CheckoutSession` is now a concern/module that you include in your controllers
+  - Controllers no longer need to inherit from `NoCheckout::Stripe::CheckoutSessionsController`
+  - Provides more flexibility - controllers can inherit from any base class in your app
+  - All protected methods (`create_checkout_session`, `retrieve_checkout_session`, `callback_url`, etc.) remain the same
+  - `@checkout_session` is still automatically assigned via before_action callbacks
+  - See README for migration examples
+
+### Added
+- Comprehensive test suite for `CheckoutSession` module and `CheckoutSessionsController`
+- Architecture documentation in README explaining the module-based design pattern
+
 ## [0.1.0] - 2023-09-08
 
 - Initial release

data/Gemfile.lock

@@ -1,95 +1,108 @@
 PATH
   remote: .
   specs:
-    nocheckout (0.1.2)
-      rails (~> 7.0)
+    nocheckout (0.1.4)
+      rails (>= 7.0)
       stripe (>= 7.0)
       zeitwerk (~> 2.0)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    actioncable (7.0.8)
-      actionpack (= 7.0.8)
-      activesupport (= 7.0.8)
+    actioncable (7.2.1)
+      actionpack (= 7.2.1)
+      activesupport (= 7.2.1)
       nio4r (~> 2.0)
       websocket-driver (>= 0.6.1)
-    actionmailbox (7.0.8)
-      actionpack (= 7.0.8)
-      activejob (= 7.0.8)
-      activerecord (= 7.0.8)
-      activestorage (= 7.0.8)
-      activesupport (= 7.0.8)
-      mail (>= 2.7.1)
-      net-imap
-      net-pop
-      net-smtp
-    actionmailer (7.0.8)
-      actionpack (= 7.0.8)
-      actionview (= 7.0.8)
-      activejob (= 7.0.8)
-      activesupport (= 7.0.8)
-      mail (~> 2.5, >= 2.5.4)
-      net-imap
-      net-pop
-      net-smtp
-      rails-dom-testing (~> 2.0)
-    actionpack (7.0.8)
-      actionview (= 7.0.8)
-      activesupport (= 7.0.8)
-      rack (~> 2.0, >= 2.2.4)
+      zeitwerk (~> 2.6)
+    actionmailbox (7.2.1)
+      actionpack (= 7.2.1)
+      activejob (= 7.2.1)
+      activerecord (= 7.2.1)
+      activestorage (= 7.2.1)
+      activesupport (= 7.2.1)
+      mail (>= 2.8.0)
+    actionmailer (7.2.1)
+      actionpack (= 7.2.1)
+      actionview (= 7.2.1)
+      activejob (= 7.2.1)
+      activesupport (= 7.2.1)
+      mail (>= 2.8.0)
+      rails-dom-testing (~> 2.2)
+    actionpack (7.2.1)
+      actionview (= 7.2.1)
+      activesupport (= 7.2.1)
+      nokogiri (>= 1.8.5)
+      racc
+      rack (>= 2.2.4, < 3.2)
+      rack-session (>= 1.0.1)
       rack-test (>= 0.6.3)
-      rails-dom-testing (~> 2.0)
-      rails-html-sanitizer (~> 1.0, >= 1.2.0)
-    actiontext (7.0.8)
-      actionpack (= 7.0.8)
-      activerecord (= 7.0.8)
-      activestorage (= 7.0.8)
-      activesupport (= 7.0.8)
+      rails-dom-testing (~> 2.2)
+      rails-html-sanitizer (~> 1.6)
+      useragent (~> 0.16)
+    actiontext (7.2.1)
+      actionpack (= 7.2.1)
+      activerecord (= 7.2.1)
+      activestorage (= 7.2.1)
+      activesupport (= 7.2.1)
       globalid (>= 0.6.0)
       nokogiri (>= 1.8.5)
-    actionview (7.0.8)
-      activesupport (= 7.0.8)
+    actionview (7.2.1)
+      activesupport (= 7.2.1)
       builder (~> 3.1)
-      erubi (~> 1.4)
-      rails-dom-testing (~> 2.0)
-      rails-html-sanitizer (~> 1.1, >= 1.2.0)
-    activejob (7.0.8)
-      activesupport (= 7.0.8)
+      erubi (~> 1.11)
+      rails-dom-testing (~> 2.2)
+      rails-html-sanitizer (~> 1.6)
+    activejob (7.2.1)
+      activesupport (= 7.2.1)
       globalid (>= 0.3.6)
-    activemodel (7.0.8)
-      activesupport (= 7.0.8)
-    activerecord (7.0.8)
-      activemodel (= 7.0.8)
-      activesupport (= 7.0.8)
-    activestorage (7.0.8)
-      actionpack (= 7.0.8)
-      activejob (= 7.0.8)
-      activerecord (= 7.0.8)
-      activesupport (= 7.0.8)
+    activemodel (7.2.1)
+      activesupport (= 7.2.1)
+    activerecord (7.2.1)
+      activemodel (= 7.2.1)
+      activesupport (= 7.2.1)
+      timeout (>= 0.4.0)
+    activestorage (7.2.1)
+      actionpack (= 7.2.1)
+      activejob (= 7.2.1)
+      activerecord (= 7.2.1)
+      activesupport (= 7.2.1)
       marcel (~> 1.0)
-      mini_mime (>= 1.1.0)
-    activesupport (7.0.8)
-      concurrent-ruby (~> 1.0, >= 1.0.2)
+    activesupport (7.2.1)
+      base64
+      bigdecimal
+      concurrent-ruby (~> 1.0, >= 1.3.1)
+      connection_pool (>= 2.2.5)
+      drb
       i18n (>= 1.6, < 2)
+      logger (>= 1.4.2)
       minitest (>= 5.1)
-      tzinfo (~> 2.0)
+      securerandom (>= 0.3)
+      tzinfo (~> 2.0, >= 2.0.5)
     ast (2.4.2)
-    base64 (0.1.1)
-    builder (3.2.4)
-    concurrent-ruby (1.2.2)
+    base64 (0.2.0)
+    bigdecimal (3.1.8)
+    builder (3.3.0)
+    concurrent-ruby (1.3.4)
+    connection_pool (2.4.1)
     crass (1.0.6)
-    date (3.3.3)
-    diff-lcs (1.5.0)
-    erubi (1.12.0)
+    date (3.3.4)
+    diff-lcs (1.5.1)
+    drb (2.2.1)
+    erubi (1.13.0)
     globalid (1.2.1)
       activesupport (>= 6.1)
-    i18n (1.14.1)
+    i18n (1.14.6)
       concurrent-ruby (~> 1.0)
-    json (2.6.3)
+    io-console (0.7.2)
+    irb (1.14.1)
+      rdoc (>= 4.0.0)
+      reline (>= 0.4.2)
+    json (2.7.2)
     language_server-protocol (3.17.0.3)
     lint_roller (1.1.0)
-    loofah (2.21.3)
+    logger (1.6.1)
+    loofah (2.22.0)
       crass (~> 1.0.2)
       nokogiri (>= 1.12.0)
     mail (2.8.1)
@@ -97,46 +110,56 @@ GEM
       net-imap
       net-pop
       net-smtp
-    marcel (1.0.2)
-    method_source (1.0.0)
+    marcel (1.0.4)
     mini_mime (1.1.5)
-    minitest (5.20.0)
-    net-imap (0.3.7)
+    mini_portile2 (2.8.9)
+    minitest (5.25.1)
+    net-imap (0.4.16)
       date
       net-protocol
     net-pop (0.1.2)
       net-protocol
-    net-protocol (0.2.1)
+    net-protocol (0.2.2)
       timeout
-    net-smtp (0.3.3)
+    net-smtp (0.5.0)
       net-protocol
-    nio4r (2.5.9)
-    nokogiri (1.15.4-arm64-darwin)
+    nio4r (2.7.3)
+    nokogiri (1.16.7)
+      mini_portile2 (~> 2.8.2)
+      racc (~> 1.4)
+    nokogiri (1.16.7-arm64-darwin)
       racc (~> 1.4)
-    nokogiri (1.15.4-x86_64-linux)
+    nokogiri (1.16.7-x86_64-linux)
       racc (~> 1.4)
-    parallel (1.23.0)
-    parser (3.2.2.3)
+    parallel (1.26.3)
+    parser (3.3.5.0)
       ast (~> 2.4.1)
       racc
-    racc (1.7.1)
-    rack (2.2.8)
+    psych (5.1.2)
+      stringio
+    racc (1.8.1)
+    rack (3.1.7)
+    rack-session (2.0.0)
+      rack (>= 3.0.0)
     rack-test (2.1.0)
       rack (>= 1.3)
-    rails (7.0.8)
-      actioncable (= 7.0.8)
-      actionmailbox (= 7.0.8)
-      actionmailer (= 7.0.8)
-      actionpack (= 7.0.8)
-      actiontext (= 7.0.8)
-      actionview (= 7.0.8)
-      activejob (= 7.0.8)
-      activemodel (= 7.0.8)
-      activerecord (= 7.0.8)
-      activestorage (= 7.0.8)
-      activesupport (= 7.0.8)
+    rackup (2.1.0)
+      rack (>= 3)
+      webrick (~> 1.8)
+    rails (7.2.1)
+      actioncable (= 7.2.1)
+      actionmailbox (= 7.2.1)
+      actionmailer (= 7.2.1)
+      actionpack (= 7.2.1)
+      actiontext (= 7.2.1)
+      actionview (= 7.2.1)
+      activejob (= 7.2.1)
+      activemodel (= 7.2.1)
+      activerecord (= 7.2.1)
+      activestorage (= 7.2.1)
+      activesupport (= 7.2.1)
       bundler (>= 1.15.0)
-      railties (= 7.0.8)
+      railties (= 7.2.1)
     rails-dom-testing (2.2.0)
       activesupport (>= 5.0.0)
       minitest
@@ -144,73 +167,83 @@ GEM
     rails-html-sanitizer (1.6.0)
       loofah (~> 2.21)
       nokogiri (~> 1.14)
-    railties (7.0.8)
-      actionpack (= 7.0.8)
-      activesupport (= 7.0.8)
-      method_source
+    railties (7.2.1)
+      actionpack (= 7.2.1)
+      activesupport (= 7.2.1)
+      irb (~> 1.13)
+      rackup (>= 1.0.0)
       rake (>= 12.2)
-      thor (~> 1.0)
-      zeitwerk (~> 2.5)
+      thor (~> 1.0, >= 1.2.2)
+      zeitwerk (~> 2.6)
     rainbow (3.1.1)
-    rake (13.0.6)
-    regexp_parser (2.8.1)
-    rexml (3.2.6)
-    rspec (3.12.0)
-      rspec-core (~> 3.12.0)
-      rspec-expectations (~> 3.12.0)
-      rspec-mocks (~> 3.12.0)
-    rspec-core (3.12.2)
-      rspec-support (~> 3.12.0)
-    rspec-expectations (3.12.3)
+    rake (13.2.1)
+    rdoc (6.7.0)
+      psych (>= 4.0.0)
+    regexp_parser (2.9.2)
+    reline (0.5.10)
+      io-console (~> 0.5)
+    rexml (3.3.8)
+    rspec (3.13.0)
+      rspec-core (~> 3.13.0)
+      rspec-expectations (~> 3.13.0)
+      rspec-mocks (~> 3.13.0)
+    rspec-core (3.13.1)
+      rspec-support (~> 3.13.0)
+    rspec-expectations (3.13.3)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.12.0)
-    rspec-mocks (3.12.6)
+      rspec-support (~> 3.13.0)
+    rspec-mocks (3.13.2)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.12.0)
-    rspec-support (3.12.1)
-    rubocop (1.56.3)
-      base64 (~> 0.1.1)
+      rspec-support (~> 3.13.0)
+    rspec-support (3.13.1)
+    rubocop (1.65.1)
       json (~> 2.3)
       language_server-protocol (>= 3.17.0)
       parallel (~> 1.10)
-      parser (>= 3.2.2.3)
+      parser (>= 3.3.0.2)
       rainbow (>= 2.2.2, < 4.0)
-      regexp_parser (>= 1.8, < 3.0)
+      regexp_parser (>= 2.4, < 3.0)
       rexml (>= 3.2.5, < 4.0)
-      rubocop-ast (>= 1.28.1, < 2.0)
+      rubocop-ast (>= 1.31.1, < 2.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 2.4.0, < 3.0)
-    rubocop-ast (1.29.0)
-      parser (>= 3.2.1.0)
-    rubocop-performance (1.19.0)
-      rubocop (>= 1.7.0, < 2.0)
-      rubocop-ast (>= 0.4.0)
+    rubocop-ast (1.32.3)
+      parser (>= 3.3.1.0)
+    rubocop-performance (1.21.1)
+      rubocop (>= 1.48.1, < 2.0)
+      rubocop-ast (>= 1.31.1, < 2.0)
     ruby-progressbar (1.13.0)
-    standard (1.31.1)
+    securerandom (0.3.1)
+    standard (1.40.1)
       language_server-protocol (~> 3.17.0.2)
       lint_roller (~> 1.0)
-      rubocop (~> 1.56.2)
+      rubocop (~> 1.65.0)
       standard-custom (~> 1.0.0)
-      standard-performance (~> 1.2)
+      standard-performance (~> 1.4)
     standard-custom (1.0.2)
       lint_roller (~> 1.0)
       rubocop (~> 1.50)
-    standard-performance (1.2.0)
+    standard-performance (1.4.0)
       lint_roller (~> 1.1)
-      rubocop-performance (~> 1.19.0)
-    stripe (9.2.0)
-    thor (1.2.2)
-    timeout (0.4.0)
+      rubocop-performance (~> 1.21.0)
+    stringio (3.1.1)
+    stripe (13.0.0)
+    thor (1.3.2)
+    timeout (0.4.1)
     tzinfo (2.0.6)
       concurrent-ruby (~> 1.0)
-    unicode-display_width (2.4.2)
+    unicode-display_width (2.6.0)
+    useragent (0.16.10)
+    webrick (1.8.2)
     websocket-driver (0.7.6)
       websocket-extensions (>= 0.1.0)
     websocket-extensions (0.1.5)
-    zeitwerk (2.6.11)
+    zeitwerk (2.6.18)
 
 PLATFORMS
   arm64-darwin-22
+  arm64-darwin-23
+  arm64-darwin-24
   x86_64-linux
 
 DEPENDENCIES
@@ -220,4 +253,4 @@ DEPENDENCIES
   standard (~> 1.3)
 
 BUNDLED WITH
-   2.4.8
+   2.6.5

data/README.md

@@ -1,5 +1,7 @@
 # NoCheckout
 
+[![Gem Version](https://badge.fury.io/rb/nocheckout.svg)](https://badge.fury.io/rb/nocheckout) [![Tests](https://github.com/rubymonolith/nocheckout/actions/workflows/main.yml/badge.svg)](https://github.com/rubymonolith/nocheckout/actions/workflows/main.yml)
+
 > [!IMPORTANT]
 > This project is a work in progress. This README was written to better understand the implementation for developers. **Some of the APIs may not have yet been implemented, renamed, or removed**. When the API settles down and is running in production for a while, a 1.0 release will be cut and this notice removed.
 
@@ -28,54 +30,222 @@ Before you do anything you'll need to go to https://dashboard.stripe.com/test/ap
 Stripe.api_key = Rails.configuration.stripe[:secret_key]
 ```
 
-## Usage
+## Checkout Sessions Controller
 
-This library comes with two controllers, both map closely to their respective Stripe docs.
+[Stripe Checkout Sessions](https://stripe.com/docs/api/checkout/sessions) send users from your website to a branded stripe.com page where they can enter their credit card details and complete the purchase. Once the purchase is complete, the user is redirected back to your website.
 
-### Checkout Sessions Controller
+NoCheckout provides a `CheckoutSession` module that you can include in your controllers to handle the interface between Stripe and your Rails application. The module is designed to be minimal and flexible.
 
-[Stripe Checkout Sessions](https://stripe.com/docs/api/checkout/sessions) send users from your website to a branded stripe.com page where they can enter their credit card details and complete the purchase. Once the purchase is complete, the user is redirected back to your website.
+To get started, create a controller and include the `NoCheckout::Stripe::CheckoutSession` module. The module provides:
+
+- **`#new` action**: Creates a Checkout Session and redirects users to Stripe
+- **`#show` action**: Handles the callback when users return from Stripe
+- **Protected methods**: `create_checkout_session`, `retrieve_checkout_session`, `callback_url`, `success_url`, `cancel_url`
+
+The module automatically sets up `before_action` callbacks that:
+- Call `create_checkout_session` and assign it to `@checkout_session` before the `new` action
+- Call `retrieve_checkout_session` and assign it to `@checkout_session` before the `show` action
 
-The NoCheckout::CheckoutSessionsController handles the interface between Stripe and your Rails application and tries to be as small as possible.
+### Create user record after checkout is complete
 
-To get started, create a base CheckoutSessionsController that maps the Users from your application with [Stripe Customers](https://stripe.com/docs/api/customers).
+This approach creates a new user record after the checkout is complete with the name and email they give during the Stripe checkout process.
 
 ```ruby
-class CheckoutSessionsController < NoCheckout::Stripe::CheckoutSessionsController
-  protected
-    def customer_id
-      user.id
-    end
+class PaymentsController < ApplicationController
+  include NoCheckout::Stripe::CheckoutSession
+
+  STRIPE_PRICE = "price_..."
 
-    def create_customer
-      Stripe::Customer.create(
-        id: customer_id,
-        name: user.name,
-        email: user.email
-      )
+  def show
+    # @checkout_session is automatically assigned by the module
+    customer = Stripe::Customer.retrieve @checkout_session.customer
+    subscription = Stripe::Subscription.retrieve @checkout_session.subscription
+
+    # Do stuff with Stripe info
+    user = User.find_or_create_by email: customer.email
+    customer.metadata.user_id = user.id
+    customer.save
+    user.name = customer.name
+    user.save!
+
+    # In this example we set the current user to stripe info. This likely
+    # doesn't make sense for your security context, so be careful...
+    self.current_user = user
+    redirect_to root_url
+  end
+
+  protected
+    def create_checkout_session
+      super \
+        mode: "subscription",
+        line_items: [{
+          price: self.class::STRIPE_PRICE,
+          quantity: 1
+        }]
     end
 end
 ```
 
-Then, for each product you want to offer, create a controller and inherit the `CheckoutSessionsController`.
+Then, for each product you want to offer, create a controller and include the `CheckoutSession` module. You can also inherit from a base controller:
 
 ```ruby
 class PlusCheckoutSessionsController < PaymentsController
   STRIPE_PRICE = "price_..."
+end
+```
+
+Or include the module directly:
+
+```ruby
+class ProCheckoutSessionsController < ApplicationController
+  include NoCheckout::Stripe::CheckoutSession
+  
+  STRIPE_PRICE = "price_..."
+
+  def show
+    # Handle callback after successful checkout
+    redirect_to dashboard_url, notice: "Welcome to Pro!"
+  end
 
   protected
     def create_checkout_session
-      create_stripe_checkout_session line_items: [{
-        price: STRIPE_PRICE,
-        quantity: 1
-      }]
+      super \
+        mode: "subscription",
+        line_items: [{price: self.class::STRIPE_PRICE, quantity: 1}]
     end
 end
 ```
 
 There's a lot of different ways you can wire up the controllers depending on how many Stripe prices are in your application. This README assumes you're selling just a few products, so the prices are hard coded as constants in the controller. This could easily be populated from a database.
 
-### Webhooks Controller
+### Create a user record before checkout is complete
+
+```ruby
+class PaymentsController < ApplicationController
+  include NoCheckout::Stripe::CheckoutSession
+  
+  before_action :authenticate_user! # Loads a current_user
+
+  STRIPE_PRICE = "price_..."
+
+  def show
+    # @checkout_session is automatically assigned by the module
+    customer = Stripe::Customer.retrieve @checkout_session.customer
+    subscription = Stripe::Subscription.retrieve @checkout_session.subscription
+
+    # Update user with subscription info
+    current_user.update!(
+      stripe_customer_id: customer.id,
+      stripe_subscription_id: subscription.id
+    )
+
+    redirect_to root_url, notice: "Subscription activated!"
+  end
+
+  protected
+    def create_checkout_session
+      # Find or create a Stripe customer for the current user
+      customer = if current_user.stripe_customer_id.present?
+        Stripe::Customer.retrieve(current_user.stripe_customer_id)
+      else
+        Stripe::Customer.create(
+          email: current_user.email,
+          name: current_user.name,
+          metadata: {user_id: current_user.id}
+        )
+      end
+
+      super \
+        mode: "subscription",
+        customer: customer.id,
+        line_items: [{
+          price: self.class::STRIPE_PRICE,
+          quantity: 1
+        }]
+    end
+end
+```
+
+### Customizing callback URLs
+
+By default, the module uses the same URL for both `success_url` and `cancel_url`, pointing to the `show` action with the Checkout Session ID. You can override these methods to customize the behavior:
+
+```ruby
+class PaymentsController < ApplicationController
+  include NoCheckout::Stripe::CheckoutSession
+
+  protected
+    def success_url
+      # Custom success URL
+      callback_url(status: "success")
+    end
+
+    def cancel_url
+      # Custom cancel URL - could point to a different action or controller
+      pricing_url
+    end
+end
+```
+
+### Routes
+
+Don't forget to add routes for your checkout controllers:
+
+```ruby
+# config/routes.rb
+Rails.application.routes.draw do
+  resources :payments, controller: "payments", only: [:new, :show]
+  
+  # Or for multiple products:
+  resource :plus_checkout, controller: "plus_checkout_sessions", only: [:new, :show]
+  resource :pro_checkout, controller: "pro_checkout_sessions", only: [:new, :show]
+end
+```
+
+## Architecture
+
+The `CheckoutSession` module is designed as a Rails concern that provides a minimal, composable interface for Stripe Checkout Sessions. Here's how it works:
+
+### Module-Based Design
+
+Instead of inheriting from a base controller class, you **include** the `CheckoutSession` module into your own controllers. This gives you maximum flexibility:
+
+- **No forced inheritance**: Your controllers can inherit from any base controller in your app
+- **Composable**: Mix and match with other concerns and modules
+- **Customizable**: Override any method to change behavior
+- **Testable**: Each piece can be tested independently
+
+### What the Module Provides
+
+1. **Before Actions**: Automatically sets up `@checkout_session` for `new` and `show` actions
+2. **Action Methods**: Provides `#new` action that redirects to Stripe
+3. **Protected Methods**: Gives you `create_checkout_session`, `retrieve_checkout_session`, `callback_url`, `success_url`, and `cancel_url` to override as needed
+4. **Constants**: Includes helper constants for handling Stripe's callback parameter
+
+### Customization Pattern
+
+The module follows a simple pattern:
+
+```ruby
+class YourController < ApplicationController
+  include NoCheckout::Stripe::CheckoutSession
+  
+  # 1. Override protected methods to customize Stripe session creation
+  protected
+    def create_checkout_session
+      super(mode: "payment", line_items: [...])
+    end
+  
+  # 2. Implement show action to handle the callback
+  def show
+    # Access @checkout_session that was automatically retrieved
+    # Do your business logic
+    # Redirect user
+  end
+end
+```
+
+## Webhooks Controller
 
 [Stripe Webhooks](https://stripe.com/docs/webhooks) are extensive and keep your application up-to-date with what Stripe. In this example, we'll look at how to handle a subscription that's expiring and update a User record in our database.
 
@@ -83,8 +253,6 @@ There's a lot of different ways you can wire up the controllers depending on how
 class StripesController < NoCheckout::Stripe::WebhooksController
   STRIPE_SIGNING_SECRET = ENV["STRIPE_SIGNING_SECRET"]
 
-  protected
-
   def customer_subscription_created
     user.subscription_expires_at data.current_period_end
   end

data/app/controllers/nocheckout/stripe/checkout_session.rb

@@ -0,0 +1,57 @@
+module NoCheckout::Stripe
+  module CheckoutSession
+    extend ActiveSupport::Concern
+
+    # Unescaped placeholder for Stripe to insert the Checkout Session ID.
+    STRIPE_CALLBACK_PARAMETER = "{CHECKOUT_SESSION_ID}".freeze
+
+    # Escaped version that Rails will emit.
+    ESCAPED_STRIPE_CALLBACK_PARAMETER = CGI.escape(STRIPE_CALLBACK_PARAMETER).freeze
+
+    # Hoist the Stripe constant for easier access.
+    Stripe = ::Stripe
+
+    included do
+      before_action def assign_created_checkout_session
+        @checkout_session = create_checkout_session
+      end, only: :new
+
+      before_action def assign_retrieved_checkout_session
+        @checkout_session = retrieve_checkout_session
+      end, only: :show
+    end
+
+    # Creates a new Checkout Session and redirects to it.
+    def new
+      redirect_to @checkout_session.url, allow_other_host: true
+    end
+
+    protected
+
+    # Creates a Stripe Checkout Session with callback URLs appended.
+    def create_checkout_session(**)
+      Stripe::Checkout::Session.create(success_url:, cancel_url:, **)
+    end
+
+    # Retrieves an existing Stripe Checkout Session by ID.
+    def retrieve_checkout_session(*, **)
+      Stripe::Checkout::Session.retrieve params.fetch(:id), *, **
+    end
+
+    def unescape_stripe_callback_parameter(url)
+      url.gsub(ESCAPED_STRIPE_CALLBACK_PARAMETER, STRIPE_CALLBACK_PARAMETER)
+    end
+
+    # Default success URL. Override for custom behavior.
+    def callback_url(**)
+      unescape_stripe_callback_parameter url_for(
+        action: :show,
+        id: STRIPE_CALLBACK_PARAMETER,
+        only_path: false,
+        **
+      )
+    end
+    alias :success_url :callback_url
+    alias :cancel_url :callback_url
+  end
+end

data/app/controllers/nocheckout/stripe/checkout_sessions_controller.rb

@@ -1,99 +1,5 @@
 module NoCheckout::Stripe
   class CheckoutSessionsController < ApplicationController
-    def new
-      redirect_to checkout_session.url, allow_other_host: true
-    end
-
-    protected
-      def checkout_session
-        @checkout_session ||= find_or_create_checkout_session
-      end
-
-      def create_checkout_session
-        raise "Implement a method here that returns a Stripe::Checkout::Session"
-      end
-
-      def customer_id
-        current_user.id
-      end
-
-      # Actually creates a Stripe checkout session. The reason I had to create
-      # this method is so I could "curry" the values within so the `create_checkout_session`
-      # could be a bit more readable and work better with inheritance.
-      def create_stripe_checkout_session(**attributes)
-        Stripe::Checkout::Session.create \
-          mode: "subscription",
-          customer: stripe_customer,
-          success_url: success_url,
-          cancel_url: cancel_url,
-          **attributes
-      end
-
-      def callback_url(**kwargs)
-        # Yuck! I have to do the append at the end because rails params escape the `{CHECKOUT_SESSION_ID}` values
-        # to `session_id=%7BCHECKOUT_SESSION_ID%7D`. This will work though, but its def not pretty and feels a tad
-        # dangerous.
-        concat_unescaped_stripe_checkout_session_id url_for(action: :show, only_path: false, **kwargs)
-      end
-
-      STRIPE_CALLBACK_PARAMETER = "checkout_session_id={CHECKOUT_SESSION_ID}"
-
-      # For some reason Stripe decided to not escape the `{CHECKOUT_SESSION_ID}`, if we try to
-      # pass it through Rails URL builders or the URI object, it will URL encode the value and
-      # not work with stripe. Consequently, we have to do some weirdness here to append the callback.
-      #
-      # More information at https://stripe.com/docs/payments/checkout/custom-success-page#modify-success-url
-      def concat_unescaped_stripe_checkout_session_id(url)
-        if URI(url).query
-          url.concat("&#{STRIPE_CALLBACK_PARAMETER}")
-        else
-          url.concat("?#{STRIPE_CALLBACK_PARAMETER}")
-        end
-      end
-
-      def success_url
-        callback_url(state: :success)
-      end
-
-      def cancel_url
-        callback_url(state: :cancel)
-      end
-
-      def stripe_customer
-        @stripe_customer ||= find_or_create_customer
-      end
-
-      def create_customer
-        Stripe::Customer.create(
-          id: String(customer_id),
-          name: current_user.name,
-          email: current_user.email
-        )
-      end
-
-      def find_or_create_checkout_session
-        if params.key? :checkout_session_id
-          Stripe::Checkout::Session.retrieve params.fetch(:checkout_session_id)
-        else
-          create_checkout_session
-        end
-      end
-
-      def find_or_create_customer
-        return nil if customer_id.blank?
-
-        begin
-          Stripe::Customer.retrieve(String(customer_id))
-        # Blurg ... wish Stripe just returned a response object that's not an exception.
-        rescue Stripe::InvalidRequestError => e
-          case e.response.data
-            in error: { code: "resource_missing" }
-              create_customer
-            else
-              raise
-          end
-        end
-      end
-
+    include CheckoutSession
   end
 end

data/lib/nocheckout/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module NoCheckout
-  VERSION = "0.1.3"
+  VERSION = "0.2.0"
 end

metadata

@@ -1,14 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: nocheckout
 version: !ruby/object:Gem::Version
-  version: 0.1.3
+  version: 0.2.0
 platform: ruby
 authors:
 - Brad Gessler
-autorequire:
 bindir: exe
 cert_chain: []
-date: 2023-09-13 00:00:00.000000000 Z
+date: 2025-10-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: zeitwerk
@@ -42,14 +41,14 @@ dependencies:
   name: rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '7.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '7.0'
 description: Rails controllers for Stripe Checkout Sessions and Webhooks
@@ -69,6 +68,7 @@ files:
 - README.md
 - Rakefile
 - app/controllers/nocheckout/stripe.rb
+- app/controllers/nocheckout/stripe/checkout_session.rb
 - app/controllers/nocheckout/stripe/checkout_sessions_controller.rb
 - app/controllers/nocheckout/stripe/webhooks_controller.rb
 - app/controllers/nocheckout/webhooks_controller.rb
@@ -87,7 +87,6 @@ metadata:
   homepage_uri: https://github.com/rubymonolith/nocheckout
   source_code_uri: https://github.com/rubymonolith/nocheckout
   changelog_uri: https://github.com/rubymonolith/nocheckout
-post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -102,8 +101,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.4.6
-signing_key:
+rubygems_version: 3.6.2
 specification_version: 4
 summary: Rails controllers for Stripe Checkout Sessions and Webhooks
 test_files: []