**What I’m trying to do:**I am trying to use stripe to charge my clients.
**What I’ve tried and what’s not working:**Everything is working fine, the problem I see is that I have a variable to keep track of the credits the user has and that variable is updated after the stripe validates my result in the client code. Then I have to add the new credits to a table but the user may be able to hack that variable and add any credits he wants. It does not matter if I do it in the server side since I still have to send the amount in a variable because the stripe communication happens in the client side.
You just collect the charge information from the customer on the client side, it creates a token.
You pass that token to a server side callable function and do the charge there.
When you are passing the information to the callable function in the server you can pass the amount to charge, and the items that the payment is for. This means you can re-validate on the server side (where no client has access to change variables) that the amount of the cost of the items purchased is covered by the amount to be charged.
This should be easy, since you should probably be pulling the cost of the items from a data table anyway, so you have a single source of truth for pricing.
You put the charge in a try / except block because stripe will raise an exception if the charge does not go through, so you want to return the error to the client if it fails.
Only if the charge goes through, do you change the amount of tokens the customer paid for in your data table, which should not be editable from the client.
For others reading this later, the token goes to stripe and gets authorization and gives you back that encrypted token. The token does not contain any of the customers information, but stripe knows the customer information and stored the ephemeral token for the transaction.
When you go to your own back-end using your same stripe credentials and the token, you are able to tell stripe you would like to charge the customer for up-to the amount authorized by the token.
(sometimes you can charge less, I am unsure if stripe supports this)
That’s how you can keep things secure since it goes like:
Sensitive customer info from customer browser → Stripe → Obscured info Token
Obscured info token → You → Internal Server under your control → Stripe → Response that you have money
In ecommerce, the less sensitive info from the customer you can get away with not having, the better.
If you have never had to learn what PCI compliance is, consider yourself lucky.