nocheckout 0.1.0 → 0.1.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4970cdc6cb5b9329d5a228bef45e87df83cf5669fd734173e847bb0902a60cb7
-  data.tar.gz: b58e0b5fc1677cf3b10e9928f4d1bfd468952fb913686193d9eb54efd3aeb328
+  metadata.gz: 9db06290291d396f599cd4480858528a842f818be68f58e154ad7e5f5f8b6299
+  data.tar.gz: '06974973a6ac44a4c909e48bc82737c3f16639981016d3ee9e4b815c74b38203'
 SHA512:
-  metadata.gz: 124cd374f126fb03beacaf993a8302fe50f8a288caff2463d3f0fd9fa49a8f5c43724b7c1130497928c1679feab4717a7d792740b0e57bfe1a03c04bfa2f5fdc
-  data.tar.gz: c55bfc77908c605070ab463ca3a4bd91966a808f26725fe3bf2bdcf6589444dd35443c9cd4dcedd9d8848930bc8adcda81adb82b1d7b94421cf61b7ed6a4b092
+  metadata.gz: 4d900112610418b2b15882d3e2b58ba13bd6ced82e6fa01dbcfa84442436a941fb1454a754c8e2b5e76d2ef861bf7abf3653f3b02a4f6ecfc297d5d9e7ab8995
+  data.tar.gz: 44e17d5ff40f48f7744711871cbb68ef9522248e521a2e0743b66486458f4ae4be6a15b41ab5bc0826b16534c168566234aa94a77d633db91bbb5e7ec7ebd38b

data/Gemfile.lock

@@ -1,23 +1,156 @@
 PATH
   remote: .
   specs:
-    nocheckout (0.1.0)
+    nocheckout (0.1.2)
+      rails (~> 7.0)
       stripe (>= 7.0)
       zeitwerk (~> 2.0)
 
 GEM
   remote: https://rubygems.org/
   specs:
+    actioncable (7.0.8)
+      actionpack (= 7.0.8)
+      activesupport (= 7.0.8)
+      nio4r (~> 2.0)
+      websocket-driver (>= 0.6.1)
+    actionmailbox (7.0.8)
+      actionpack (= 7.0.8)
+      activejob (= 7.0.8)
+      activerecord (= 7.0.8)
+      activestorage (= 7.0.8)
+      activesupport (= 7.0.8)
+      mail (>= 2.7.1)
+      net-imap
+      net-pop
+      net-smtp
+    actionmailer (7.0.8)
+      actionpack (= 7.0.8)
+      actionview (= 7.0.8)
+      activejob (= 7.0.8)
+      activesupport (= 7.0.8)
+      mail (~> 2.5, >= 2.5.4)
+      net-imap
+      net-pop
+      net-smtp
+      rails-dom-testing (~> 2.0)
+    actionpack (7.0.8)
+      actionview (= 7.0.8)
+      activesupport (= 7.0.8)
+      rack (~> 2.0, >= 2.2.4)
+      rack-test (>= 0.6.3)
+      rails-dom-testing (~> 2.0)
+      rails-html-sanitizer (~> 1.0, >= 1.2.0)
+    actiontext (7.0.8)
+      actionpack (= 7.0.8)
+      activerecord (= 7.0.8)
+      activestorage (= 7.0.8)
+      activesupport (= 7.0.8)
+      globalid (>= 0.6.0)
+      nokogiri (>= 1.8.5)
+    actionview (7.0.8)
+      activesupport (= 7.0.8)
+      builder (~> 3.1)
+      erubi (~> 1.4)
+      rails-dom-testing (~> 2.0)
+      rails-html-sanitizer (~> 1.1, >= 1.2.0)
+    activejob (7.0.8)
+      activesupport (= 7.0.8)
+      globalid (>= 0.3.6)
+    activemodel (7.0.8)
+      activesupport (= 7.0.8)
+    activerecord (7.0.8)
+      activemodel (= 7.0.8)
+      activesupport (= 7.0.8)
+    activestorage (7.0.8)
+      actionpack (= 7.0.8)
+      activejob (= 7.0.8)
+      activerecord (= 7.0.8)
+      activesupport (= 7.0.8)
+      marcel (~> 1.0)
+      mini_mime (>= 1.1.0)
+    activesupport (7.0.8)
+      concurrent-ruby (~> 1.0, >= 1.0.2)
+      i18n (>= 1.6, < 2)
+      minitest (>= 5.1)
+      tzinfo (~> 2.0)
     ast (2.4.2)
+    base64 (0.1.1)
+    builder (3.2.4)
+    concurrent-ruby (1.2.2)
+    crass (1.0.6)
+    date (3.3.3)
     diff-lcs (1.5.0)
+    erubi (1.12.0)
+    globalid (1.2.1)
+      activesupport (>= 6.1)
+    i18n (1.14.1)
+      concurrent-ruby (~> 1.0)
     json (2.6.3)
     language_server-protocol (3.17.0.3)
     lint_roller (1.1.0)
+    loofah (2.21.3)
+      crass (~> 1.0.2)
+      nokogiri (>= 1.12.0)
+    mail (2.8.1)
+      mini_mime (>= 0.1.1)
+      net-imap
+      net-pop
+      net-smtp
+    marcel (1.0.2)
+    method_source (1.0.0)
+    mini_mime (1.1.5)
+    minitest (5.20.0)
+    net-imap (0.3.7)
+      date
+      net-protocol
+    net-pop (0.1.2)
+      net-protocol
+    net-protocol (0.2.1)
+      timeout
+    net-smtp (0.3.3)
+      net-protocol
+    nio4r (2.5.9)
+    nokogiri (1.15.4-arm64-darwin)
+      racc (~> 1.4)
+    nokogiri (1.15.4-x86_64-linux)
+      racc (~> 1.4)
     parallel (1.23.0)
     parser (3.2.2.3)
       ast (~> 2.4.1)
       racc
     racc (1.7.1)
+    rack (2.2.8)
+    rack-test (2.1.0)
+      rack (>= 1.3)
+    rails (7.0.8)
+      actioncable (= 7.0.8)
+      actionmailbox (= 7.0.8)
+      actionmailer (= 7.0.8)
+      actionpack (= 7.0.8)
+      actiontext (= 7.0.8)
+      actionview (= 7.0.8)
+      activejob (= 7.0.8)
+      activemodel (= 7.0.8)
+      activerecord (= 7.0.8)
+      activestorage (= 7.0.8)
+      activesupport (= 7.0.8)
+      bundler (>= 1.15.0)
+      railties (= 7.0.8)
+    rails-dom-testing (2.2.0)
+      activesupport (>= 5.0.0)
+      minitest
+      nokogiri (>= 1.6)
+    rails-html-sanitizer (1.6.0)
+      loofah (~> 2.21)
+      nokogiri (~> 1.14)
+    railties (7.0.8)
+      actionpack (= 7.0.8)
+      activesupport (= 7.0.8)
+      method_source
+      rake (>= 12.2)
+      thor (~> 1.0)
+      zeitwerk (~> 2.5)
     rainbow (3.1.1)
     rake (13.0.6)
     regexp_parser (2.8.1)
@@ -35,36 +168,45 @@ GEM
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.12.0)
     rspec-support (3.12.1)
-    rubocop (1.52.1)
+    rubocop (1.56.3)
+      base64 (~> 0.1.1)
       json (~> 2.3)
+      language_server-protocol (>= 3.17.0)
       parallel (~> 1.10)
       parser (>= 3.2.2.3)
       rainbow (>= 2.2.2, < 4.0)
       regexp_parser (>= 1.8, < 3.0)
       rexml (>= 3.2.5, < 4.0)
-      rubocop-ast (>= 1.28.0, < 2.0)
+      rubocop-ast (>= 1.28.1, < 2.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 2.4.0, < 3.0)
     rubocop-ast (1.29.0)
       parser (>= 3.2.1.0)
-    rubocop-performance (1.18.0)
+    rubocop-performance (1.19.0)
       rubocop (>= 1.7.0, < 2.0)
       rubocop-ast (>= 0.4.0)
     ruby-progressbar (1.13.0)
-    standard (1.30.1)
+    standard (1.31.1)
       language_server-protocol (~> 3.17.0.2)
       lint_roller (~> 1.0)
-      rubocop (~> 1.52.0)
+      rubocop (~> 1.56.2)
       standard-custom (~> 1.0.0)
-      standard-performance (~> 1.1.0)
+      standard-performance (~> 1.2)
     standard-custom (1.0.2)
       lint_roller (~> 1.0)
       rubocop (~> 1.50)
-    standard-performance (1.1.2)
+    standard-performance (1.2.0)
       lint_roller (~> 1.1)
-      rubocop-performance (~> 1.18.0)
+      rubocop-performance (~> 1.19.0)
     stripe (9.2.0)
+    thor (1.2.2)
+    timeout (0.4.0)
+    tzinfo (2.0.6)
+      concurrent-ruby (~> 1.0)
     unicode-display_width (2.4.2)
+    websocket-driver (0.7.6)
+      websocket-extensions (>= 0.1.0)
+    websocket-extensions (0.1.5)
     zeitwerk (2.6.11)
 
 PLATFORMS

data/README.md

@@ -1,10 +1,13 @@
 # NoCheckout
 
-NoCheckout is a set of Rails controllers that does the least amount possible to integrate with Stripe. That might sound lazy at first, but when you read between the lines it means less stuff you have to maintain and less stuff that breaks.
+> [!IMPORTANT]
+> This project is a work in progress. This README was written to better understand the implementation for developers. **Some of the APIs may not have yet been implemented, renamed, or removed**. When the API settles down and is running in production for a while, a 1.0 release will be cut and this notice removed.
 
-How does it do the least amount possible? It sends your users down the [Stripe Checkout](https://stripe.com/docs/api/checkout/sessions) path for buying stuff, then sends them back to your site. There's also a StripeWebhooks controller that handles Stripe's callbacks.
+NoCheckout is a set of Rails controllers that does the least amount possible to integrate with Stripe. That might sound lazy at first, and it is, but if you try to roll your own signup and payment form and keep your Rails database sync'ed with your payment info, you'll quickly find out there's better things in life to worry about. Its best to delegate as much payment collection, processing, and reporting to your payment processor as you can. Fortunately Stripe does a great job sweating all the details in checkout UX and reporting that I'm OK delegating everything out to them.
 
-That's it! You don't even have to include the `stripe.js` file on your website, which means your users get a faster more private browsing session.
+This gem does that--it sends your users down the [Stripe Checkout](https://stripe.com/docs/payments/checkout/how-checkout-works) path for buying stuff, then sends them back to your site via the CheckoutSessions controller. There's also a StripeWebhooks controller that handles Stripe's callbacks in a plain 'ol controller. You don't even have to include the `stripe.js` file on your website, which means your users experience a faster, more private browsing session.
+
+That's it! There's not much to it and that's the point.
 
 ## Installation
 
@@ -16,13 +19,65 @@ If bundler is not being used to manage dependencies, install the gem by executin
 
     $ gem install nocheckout
 
+## Get a Stripe API key
+
+Before you do anything you'll need to go to https://dashboard.stripe.com/test/apikeys and get the "Secret Key". You can set the `STRIPE_SECRET_KEY` environment variable or create an initializer using your configuration manager of choice:
+
+```ruby
+# Set the API key in ./config/initializers/stripe.rb
+Stripe.api_key = Rails.configuration.stripe[:secret_key]
+```
+
 ## Usage
 
 This library comes with two controllers, both map closely to their respective Stripe docs.
 
+### Checkout Sessions Controller
+
+[Stripe Checkout Sessions](https://stripe.com/docs/api/checkout/sessions) send users from your website to a branded stripe.com page where they can enter their credit card details and complete the purchase. Once the purchase is complete, the user is redirected back to your website.
+
+The NoCheckout::CheckoutSessionsController handles the interface between Stripe and your Rails application and tries to be as small as possible.
+
+To get started, create a base CheckoutSessionsController that maps the Users from your application with [Stripe Customers](https://stripe.com/docs/api/customers).
+
+```ruby
+class CheckoutSessionsController < NoCheckout::Stripe::CheckoutSessionsController
+  protected
+    def customer_id
+      user.id
+    end
+
+    def create_customer
+      Stripe::Customer.create(
+        id: customer_id,
+        name: user.name,
+        email: user.email
+      )
+    end
+end
+```
+
+Then, for each product you want to offer, create a controller and inherit the `CheckoutSessionsController`.
+
+```ruby
+class PlusCheckoutSessionsController < PaymentsController
+  STRIPE_PRICE = "price_..."
+
+  protected
+    def create_checkout_session
+      create_stripe_checkout_session line_items: [{
+        price: STRIPE_PRICE,
+        quantity: 1
+      }]
+    end
+end
+```
+
+There's a lot of different ways you can wire up the controllers depending on how many Stripe prices are in your application. This README assumes you're selling just a few products, so the prices are hard coded as constants in the controller. This could easily be populated from a database.
+
 ### Webhooks Controller
 
-[Stripe Webhooks](https://stripe.com/docs/webhooks) are extensive and keep your application up-to-date with what Stripe sees. In this example, we'll look at how to handle a subscriptioh that's expiring to update a User record in our database.
+[Stripe Webhooks](https://stripe.com/docs/webhooks) are extensive and keep your application up-to-date with what Stripe. In this example, we'll look at how to handle a subscription that's expiring and update a User record in our database.
 
 ```ruby
 class StripesController < NoCheckout::Stripe::WebhooksController
@@ -48,39 +103,6 @@ class StripesController < NoCheckout::Stripe::WebhooksController
 end
 ```
 
-### Checkouts Controller
-
-First you need to create a base Payments controller that includes credentials and how a customer is created.
-
-```ruby
-class PaymentsController < NoCheckout::Stripe::PaymentsController
-  STRIPE_PUBLIC_KEY = ENV["STRIPE_PUBLIC_KEY"]
-  STRIPE_PRIVATE_KEY = ENV["STRIPE_PRIVATE_KEY"]
-
-  protected
-  def customer_id
-    user.id
-  end
-
-  def create_customer
-    Stripe::Customer.create(
-      id: customer_id,
-      name: user.name,
-      email: user.email
-    )
-  end
-end
-```
-
-Then, for each product you want to offer, create a controller and inherit the `PaymentsController`
-
-```ruby
-class PlusPlanPaymentsController < PaymentsController
-  def create_checkout_session
-  end
-end
-
-
 ## Development
 
 After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
@@ -89,7 +111,7 @@ To install this gem onto your local machine, run `bundle exec rake install`. To
 
 ## Contributing
 
-Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/nocheckout. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [code of conduct](https://github.com/[USERNAME]/nocheckout/blob/main/CODE_OF_CONDUCT.md).
+Bug reports and pull requests are welcome on GitHub at https://github.com/rubymonolith/nocheckout. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [code of conduct](https://github.com/rubymonolith/nocheckout/blob/main/CODE_OF_CONDUCT.md).
 
 ## License
 
@@ -97,4 +119,4 @@ The gem is available as open source under the terms of the [MIT License](https:/
 
 ## Code of Conduct
 
-Everyone interacting in the NoCheckout project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/[USERNAME]/nocheckout/blob/main/CODE_OF_CONDUCT.md).
+Everyone interacting in the NoCheckout project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/rubymonolith/nocheckout/blob/main/CODE_OF_CONDUCT.md).

data/Rakefile

@@ -7,4 +7,4 @@ RSpec::Core::RakeTask.new(:spec)
 
 require "standard/rake"
 
-task default: %i[spec standard]
+task default: %i[spec]

data/app/controllers/nocheckout/stripe/checkout_sessions_controller.rb

@@ -0,0 +1,99 @@
+module NoCheckout::Stripe
+  class CheckoutSessionsController < ApplicationController
+    def new
+      redirect_to checkout_session.url, allow_other_host: true
+    end
+
+    protected
+      def checkout_session
+        @checkout_session ||= find_or_create_checkout_session
+      end
+
+      def create_checkout_session
+        raise "Implement a method here that returns a Stripe::Checkout::Session"
+      end
+
+      def customer_id
+        current_user.id
+      end
+
+      # Actually creates a Stripe checkout session. The reason I had to create
+      # this method is so I could "curry" the values within so the `create_checkout_session`
+      # could be a bit more readable and work better with inheritance.
+      def create_stripe_checkout_session(**attributes)
+        Stripe::Checkout::Session.create \
+          mode: "subscription",
+          customer: stripe_customer,
+          success_url: success_url,
+          cancel_url: cancel_url,
+          **attributes
+      end
+
+      def callback_url(**kwargs)
+        # Yuck! I have to do the append at the end because rails params escape the `{CHECKOUT_SESSION_ID}` values
+        # to `session_id=%7BCHECKOUT_SESSION_ID%7D`. This will work though, but its def not pretty and feels a tad
+        # dangerous.
+        concat_unescaped_stripe_checkout_session_id url_for(action: :show, only_path: false, **kwargs)
+      end
+
+      STRIPE_CALLBACK_PARAMETER = "checkout_session_id={CHECKOUT_SESSION_ID}"
+
+      # For some reason Stripe decided to not escape the `{CHECKOUT_SESSION_ID}`, if we try to
+      # pass it through Rails URL builders or the URI object, it will URL encode the value and
+      # not work with stripe. Consequently, we have to do some weirdness here to append the callback.
+      #
+      # More information at https://stripe.com/docs/payments/checkout/custom-success-page#modify-success-url
+      def concat_unescaped_stripe_checkout_session_id(url)
+        if URI(url).query
+          url.concat("&#{STRIPE_CALLBACK_PARAMETER}")
+        else
+          url.concat("?#{STRIPE_CALLBACK_PARAMETER}")
+        end
+      end
+
+      def success_url
+        callback_url(state: :success)
+      end
+
+      def cancel_url
+        callback_url(state: :cancel)
+      end
+
+      def stripe_customer
+        @stripe_customer ||= find_or_create_customer
+      end
+
+      def create_customer
+        Stripe::Customer.create(
+          id: String(customer_id),
+          name: current_user.name,
+          email: current_user.email
+        )
+      end
+
+      def find_or_create_checkout_session
+        if params.key? :checkout_session_id
+          Stripe::Checkout::Session.retrieve params.fetch(:checkout_session_id)
+        else
+          create_checkout_session
+        end
+      end
+
+      def find_or_create_customer
+        return nil if customer_id.blank?
+
+        begin
+          Stripe::Customer.retrieve(String(customer_id))
+        # Blurg ... wish Stripe just returned a response object that's not an exception.
+        rescue Stripe::InvalidRequestError => e
+          case e.response.data
+            in error: { code: "resource_missing" }
+              create_customer
+            else
+              raise
+          end
+        end
+      end
+
+  end
+end

data/app/controllers/nocheckout/stripe/webhooks_controller.rb

@@ -1,5 +1,5 @@
-module NoCheckout
-  class Stripe::WebhooksController < WebhooksController
+module NoCheckout::Stripe
+  class WebhooksController < NoCheckout::WebhooksController
     STRIPE_SIGNING_SECRET = ENV["STRIPE_SIGNING_SECRET"]
 
     rescue_from JSON::ParserError, with: :invalid_payload

data/app/controllers/nocheckout/stripe.rb

@@ -0,0 +1,8 @@
+require "stripe"
+
+module NoCheckout::Stripe
+  # Include the root Stripe namespace so developers can work
+  # within these controllers without needing to ::Stripe::Customer.create
+  # all over the place.
+  include ::Stripe
+end

data/config/initializers/inflections.rb

@@ -0,0 +1,3 @@
+ActiveSupport::Inflector.inflections(:en) do |inflect|
+  inflect.acronym "NoCheckout"
+end

data/config/initializers/stripe.rb

@@ -0,0 +1,3 @@
+require "stripe"
+
+Stripe.api_key ||= ENV["STRIPE_SECRET_KEY"]

data/config/routes.rb

@@ -0,0 +1,2 @@
+Rails.application.routes.draw do
+end

data/lib/nocheckout/engine.rb

@@ -1,6 +1,8 @@
-require "nopassword"
+require "rails/engine"
+require "nocheckout"
 
 module NoCheckout
   class Engine < ::Rails::Engine
   end
 end
+

data/lib/nocheckout/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module NoCheckout
-  VERSION = "0.1.0"
+  VERSION = "0.1.3"
 end

data/lib/nocheckout.rb

@@ -12,3 +12,5 @@ module NoCheckout
 
   class Error < StandardError; end
 end
+
+require "nocheckout/engine"

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: nocheckout
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.1.3
 platform: ruby
 authors:
 - Brad Gessler
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2023-09-08 00:00:00.000000000 Z
+date: 2023-09-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: zeitwerk
@@ -38,6 +38,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '7.0'
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '7.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '7.0'
 description: Rails controllers for Stripe Checkout Sessions and Webhooks
 email:
 - bradgessler@gmail.com
@@ -54,8 +68,13 @@ files:
 - LICENSE.txt
 - README.md
 - Rakefile
+- app/controllers/nocheckout/stripe.rb
+- app/controllers/nocheckout/stripe/checkout_sessions_controller.rb
 - app/controllers/nocheckout/stripe/webhooks_controller.rb
 - app/controllers/nocheckout/webhooks_controller.rb
+- config/initializers/inflections.rb
+- config/initializers/stripe.rb
+- config/routes.rb
 - lib/nocheckout.rb
 - lib/nocheckout/engine.rb
 - lib/nocheckout/version.rb