In https://anvil.works/blog/stripe and the docs, the Stripe popup authorization/charge box includes a checkbox named “Remember Me”. Obviously, this checkbox has some meaning, to Stripe, Anvil, the App, or all three, or there would be no reason to include it.
So, what is the meaning, at the program/database level? What are the differences in behavior
In the spirit of adventure (and with everything set to Test Mode), I tried it.
Stripe’s explanation is here. If you check the box, and enter a mobile phone number, Stripe does send a text message to the phone.
However, Stripe’s explanation is for the end-user. It states only what is expected to be accomplished, on the user’s behalf. How much of this vaguely-specified work is Anvil and Stripe already doing, and how much is left for me to do?
There are three behind-the-scenes actors here:
Each has the opportunity to do some/all of the barely-hinted-at steps. But precisely which behind-the-scenes steps, are to be carried out, in what order, is unspecified. Likewise, which actor is responsible for which steps, is also unspecified.
Anvil’s and Stripe’s documentation on these matters is great for telling me what I might program, in a wide variety of cases; but not what I should program, in this particular case, to satisfy the expected behavior. A search for “remember me” on Stripe’s documentation site finds essentially nothing. Google hasn’t been much help so far, either.
I’ve started digging through Stack Overflow to find some answers. I doubt I’ll find out much about Anvil’s Stripe integration there, but I may learn how “Remember Me” is supposed to be implemented.
If there’s a way to turn OFF the display of the “Remember Me” checkbox, that would probably simplify things.
This “remember me” functionality is entirely part of Stripe Checkout. (It handles actual credit card numbers etc, which never touch our servers.)
It’s essentially a shortcut for the “enter your credit card number” part of the process – as far as you (or we) are concerned, there’s no difference between a user entering a credit card manually or recalling a saved one.
Thanks, @meredydd. This is a start towards the specification of which party is responsible for doing what.
For design purposes, I’m trying to identify responsibilities and consequences here.
That sounds right to me!
Then this is a HUGE plus for Anvil, and as such it should be added to Anvil’s Stripe documentation.
Ultimately, you may want/need to add a GDPR topic, if only to help reassure developers that they’re not diving into a hornet’s nest by enabling that check-box.
If I wanted to hide or disable that check-box, how would I do that? Because whatever the actual responsibilities may be, it’s going to look to the end-user like it’s our responsibility. And I’d rather just nip that confusion in the bud.