MyVideoGameList/myvideogamelist.com
MyVideoGameList/myvideogamelist.com
3
0
Fork 0
Code Issues 45 Pull requests Projects 3 Releases Activity Actions

Rebuild Stripe payment processing foundation in Laravel #1

New issue
Closed
opened 2024-01-14 14:09:05 -06:00 by jimmyb · 3 comments
jimmyb commented 2024-01-14 14:09:05 -06:00
Owner
Copy link

Stripe payment processing needs to be rebuilt in Laravel so MyVideoGameList can support donations now and paid account features later.

The current Laravel checkout does not have Stripe routes, controllers, configuration, SDK dependencies, checkout handling, webhook handling, or payment views wired up yet. Users do have a legacy stripe_id field, and the donation rebuild issue will depend on a safe Stripe foundation. This issue tracks establishing the Stripe integration pattern, configuration, checkout/session flow, webhook handling, and test coverage needed for donations and future subscriptions.

Scope

  • Stripe configuration and environment variables.
  • Stripe SDK or approved Laravel payment package setup.
  • Server-side Checkout Session creation for one-time payments.
  • Future subscription support using Stripe Billing and Checkout Sessions.
  • Stripe customer association for authenticated users where applicable.
  • Success, cancellation, and failure return handling.
  • Webhook handling for completed, failed, cancelled, and subscription-related events.
  • Receipt/confirmation messaging for successful payments or subscriptions.
  • Secure test coverage for payment creation, returns, webhooks, and secret handling.

Acceptance Criteria

  • Stripe keys, webhook secrets, price IDs, and mode settings are read from config/env and are never hard-coded.
  • The app uses Stripe Checkout Sessions for one-time payments such as donations.
  • Future recurring paid-account support is designed around Stripe Billing, Prices, Checkout Sessions, and Customer Portal rather than manual renewal logic.
  • Authenticated users can be associated with a Stripe customer ID without exposing Stripe internals publicly.
  • Guests can complete allowed one-time payments without creating an account unless a feature-specific issue says otherwise.
  • Successful checkout returns show a clear confirmation/thank-you state.
  • Cancelled checkout returns show a clear cancellation state.
  • Failed or invalid payment states show a safe error message without leaking provider details.
  • Stripe webhooks verify signatures before processing events.
  • Duplicate webhook delivery is handled idempotently.
  • Payment success/failure state is recorded or made available to feature-specific flows such as donations or paid accounts.
  • User-facing UI supports light/dark mode and follows existing Laravel/Tailwind site layout patterns.

Test Coverage Required

  • Feature/unit tests for Stripe configuration loading and missing-config failure behavior.
  • Feature tests for checkout/session creation using a fake or mocked Stripe client.
  • Feature tests confirming trusted server-side amounts/price IDs are used instead of client-submitted payment data.
  • Feature tests for success, cancel, and failure return routes.
  • Webhook tests for valid signature, invalid signature, duplicate event, payment success, payment failure, and subscription-related events where implemented.
  • Regression tests confirming Stripe secrets and webhook secrets are never rendered in HTML.
  • Tests confirming authenticated-user Stripe customer association where applicable.
  • Tests should use Pest and focused feature/unit coverage.
  • Run the focused affected tests, then run vendor/bin/pint --dirty before closing the issue.

Progress Checklist

  • Legacy users.stripe_id field exists
  • Choose the Stripe integration package/pattern for Laravel
  • Add Stripe configuration and required env keys
  • Add server-side Stripe Checkout Session creation
  • Add payment success, cancel, and failure routes/views
  • Add Stripe webhook endpoint with signature verification
  • Add idempotent webhook event handling
  • Add authenticated-user Stripe customer association where needed
  • Add donation-compatible one-time payment support
  • Document or prepare subscription-compatible Billing/Price/Customer Portal support
  • Add tests for config, checkout creation, returns, webhooks, idempotency, secret safety, and user association
  • Confirm Stripe foundation is ready for donation and paid-account feature issues
Stripe payment processing needs to be rebuilt in Laravel so MyVideoGameList can support donations now and paid account features later. The current Laravel checkout does not have Stripe routes, controllers, configuration, SDK dependencies, checkout handling, webhook handling, or payment views wired up yet. Users do have a legacy `stripe_id` field, and the donation rebuild issue will depend on a safe Stripe foundation. This issue tracks establishing the Stripe integration pattern, configuration, checkout/session flow, webhook handling, and test coverage needed for donations and future subscriptions. ## Scope - Stripe configuration and environment variables. - Stripe SDK or approved Laravel payment package setup. - Server-side Checkout Session creation for one-time payments. - Future subscription support using Stripe Billing and Checkout Sessions. - Stripe customer association for authenticated users where applicable. - Success, cancellation, and failure return handling. - Webhook handling for completed, failed, cancelled, and subscription-related events. - Receipt/confirmation messaging for successful payments or subscriptions. - Secure test coverage for payment creation, returns, webhooks, and secret handling. ## Acceptance Criteria - Stripe keys, webhook secrets, price IDs, and mode settings are read from config/env and are never hard-coded. - The app uses Stripe Checkout Sessions for one-time payments such as donations. - Future recurring paid-account support is designed around Stripe Billing, Prices, Checkout Sessions, and Customer Portal rather than manual renewal logic. - Authenticated users can be associated with a Stripe customer ID without exposing Stripe internals publicly. - Guests can complete allowed one-time payments without creating an account unless a feature-specific issue says otherwise. - Successful checkout returns show a clear confirmation/thank-you state. - Cancelled checkout returns show a clear cancellation state. - Failed or invalid payment states show a safe error message without leaking provider details. - Stripe webhooks verify signatures before processing events. - Duplicate webhook delivery is handled idempotently. - Payment success/failure state is recorded or made available to feature-specific flows such as donations or paid accounts. - User-facing UI supports light/dark mode and follows existing Laravel/Tailwind site layout patterns. ## Test Coverage Required - Feature/unit tests for Stripe configuration loading and missing-config failure behavior. - Feature tests for checkout/session creation using a fake or mocked Stripe client. - Feature tests confirming trusted server-side amounts/price IDs are used instead of client-submitted payment data. - Feature tests for success, cancel, and failure return routes. - Webhook tests for valid signature, invalid signature, duplicate event, payment success, payment failure, and subscription-related events where implemented. - Regression tests confirming Stripe secrets and webhook secrets are never rendered in HTML. - Tests confirming authenticated-user Stripe customer association where applicable. - Tests should use Pest and focused feature/unit coverage. - Run the focused affected tests, then run `vendor/bin/pint --dirty` before closing the issue. ## Progress Checklist - [x] Legacy `users.stripe_id` field exists - [x] Choose the Stripe integration package/pattern for Laravel - [x] Add Stripe configuration and required env keys - [x] Add server-side Stripe Checkout Session creation - [x] Add payment success, cancel, and failure routes/views - [x] Add Stripe webhook endpoint with signature verification - [x] Add idempotent webhook event handling - [x] Add authenticated-user Stripe customer association where needed - [x] Add donation-compatible one-time payment support - [x] Document or prepare subscription-compatible Billing/Price/Customer Portal support - [x] Add tests for config, checkout creation, returns, webhooks, idempotency, secret safety, and user association - [x] Confirm Stripe foundation is ready for donation and paid-account feature issues
jimmyb commented 2024-01-14 14:09:11 -06:00
Author
Owner
Copy link

This has been built into our donation system and it's very easy to use! It should be simple to get it integrated with paid accounts. We can likely use multiple buttons with differing amounts.

This has been built into our donation system and it's very easy to use! It should be simple to get it integrated with paid accounts. We can likely use multiple buttons with differing amounts.
jimmyb commented 2024-01-14 14:09:29 -06:00
Author
Owner
Copy link

Somewhat related. I got this when I subscribed to wowhead.com and I liked the "template":

Welcome to the ZAM Premium Service!

ZAM Network is pleased that you have chosen to support our ever growing community and look forward to providing you with even more exciting and revolutionary online gaming services in the future.
Here is your subscription information:
Transaction ID: 100525613062
Subscription: 1 month $1.00

Your subscription will expire on 2018-03-05.
You can cancel at any time by accessing your account settings and clicking OFF next to the date of renewal or by contacting us at accounts@zam.com.
If you cancel, you still may be charged for the current billing period.
More information about can be found at: FAQ

Thank you for using the ZAM Network for your online gaming needs.
Please keep this email for your records.
If you have any questions, please e-mail us at accounts@zam.com.

Somewhat related. I got this when I subscribed to wowhead.com and I liked the "template": > Welcome to the ZAM Premium Service! > > ZAM Network is pleased that you have chosen to support our ever growing community and look forward to providing you with even more exciting and revolutionary online gaming services in the future. > Here is your subscription information: > Transaction ID: 100525613062 > Subscription: 1 month $1.00 > > Your subscription will expire on 2018-03-05. > You can cancel at any time by accessing your account settings and clicking OFF next to the date of renewal or by contacting us at accounts@zam.com. > If you cancel, you still may be charged for the current billing period. > More information about can be found at: FAQ > > Thank you for using the ZAM Network for your online gaming needs. > Please keep this email for your records. > If you have any questions, please e-mail us at accounts@zam.com.
Codex changed title from Utilize Stripe for Payment Processing to Rebuild Stripe payment processing foundation in Laravel 2026-05-25 23:15:19 -05:00
jimmyb self-assigned this 2026-06-03 22:11:56 -05:00
Codex commented 2026-06-03 23:31:59 -05:00
Member
Copy link

Implemented in 34366de (Build Stripe donation and billing foundation).

Notes for follow-up work:

  • Stripe integration uses Laravel Cashier v16, with App\Models\User using Billable and the legacy users.stripe_id kept as the customer identifier.
  • Config is env-backed through STRIPE_KEY, STRIPE_SECRET, STRIPE_WEBHOOK_SECRET, CASHIER_CURRENCY, donation settings, and STRIPE_PAID_ACCOUNT_PRICE_ID / STRIPE_PAID_ACCOUNT_SUBSCRIPTION_TYPE for future paid accounts.
  • Donations use server-side Stripe Checkout Sessions via a fakeable payment gateway and persist local donation state plus idempotent Stripe webhook event processing.
  • Paid-account groundwork now includes Cashier-compatible customer columns, subscriptions, subscription_items, a fakeable billing gateway, and an authenticated Customer Portal route.
  • Webhooks verify Stripe signatures and handle duplicate delivery before processing.

Verification:

  • php artisan test --compact tests/Feature/BillingFoundationTest.php tests/Feature/DonationTest.php passed: 21 tests, 102 assertions.
  • php artisan test --compact tests/Feature/RecentGamerUpdatesPageTest.php passed: 9 tests, 85 assertions.
  • git diff --check passed.
Implemented in `34366de` (`Build Stripe donation and billing foundation`). Notes for follow-up work: - Stripe integration uses Laravel Cashier v16, with `App\Models\User` using `Billable` and the legacy `users.stripe_id` kept as the customer identifier. - Config is env-backed through `STRIPE_KEY`, `STRIPE_SECRET`, `STRIPE_WEBHOOK_SECRET`, `CASHIER_CURRENCY`, donation settings, and `STRIPE_PAID_ACCOUNT_PRICE_ID` / `STRIPE_PAID_ACCOUNT_SUBSCRIPTION_TYPE` for future paid accounts. - Donations use server-side Stripe Checkout Sessions via a fakeable payment gateway and persist local donation state plus idempotent Stripe webhook event processing. - Paid-account groundwork now includes Cashier-compatible customer columns, subscriptions, subscription_items, a fakeable billing gateway, and an authenticated Customer Portal route. - Webhooks verify Stripe signatures and handle duplicate delivery before processing. Verification: - `php artisan test --compact tests/Feature/BillingFoundationTest.php tests/Feature/DonationTest.php` passed: 21 tests, 102 assertions. - `php artisan test --compact tests/Feature/RecentGamerUpdatesPageTest.php` passed: 9 tests, 85 assertions. - `git diff --check` passed.
Codex closed this issue 2026-06-03 23:33:12 -05:00
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
dev
No results found.
Labels
Clear labels   
automated

   
code-quality

   
component: admin dashboard
The issue is related to the admin dashboard functionality.

  
component: backend
The issue is related to the backend code.

  
component: billing
The issue is related to our billing and payment system functionality.

  
component: content management
The issue is related to site content and moderation functionality.

  
component: faqs
The issue relates to our frequency asked questions and their categories.

  
component: game genres
The issue is related to genres in relation to games.

  
component: game lists
The issue is related to user-facing game list functionality.

  
component: game reviews
The issue relates to the game reviews functionality.

  
component: game search
The issue is related to the user-facing game search functionality.

  
component: games
The issue relates to games in our database.

  
component: internal notifications
The issue is related to the functionality of notifications sent for internal usage.

  
component: platforms
The issue is related to platform functionality.

  
component: security
The issue relates to the security issues within the app.

  
component: tests
The issue relates to unit and feature tests.

  
component: user api
The issue relates to the user-facing API.

  
component: user badges
The issue is related to our badge/achievements functionality.

  
component: user blogs
The issue is related to blogging functionality.

  
component: user consoles
The issue is related to user console lists functionality.

  
component: user favorites
This is issue is related to the favorites functionality.

  
component: user friends
The issue relates to the friending functionality.

  
component: user notifications
The issue is related to user-facing notifications functionality.

  
component: user profiles
The issue is related to user profile functionality.

  
component: user site notifications
The issue relates to the functionality of notifications shown to users directly on the website.

  
component: user wishlists
This issue is related to the wishlists functionality.

  
component: web design
This issue is related to the design of the website.

  
dependencies
Pull requests that update a dependency file.

  
php
Pull requests that update PHP code.

  
priority
high
 The issue is considered a high priority.

  
priority
low
 This issue is considered a low priority.

  
priority
medium
 This issue is considered a medium priority.

  
security-hotspot

   
source: codex

   
source: sonarqube
  
status
awaiting feedback
 The issue is awaiting feedback from others.

  
status
backlog
 Issues that are in a backlog status.

  
status
done
 The issue has been completed and closed out.

  
status
in progress
 The issue is in progress and being actively worked on.

  
status
in queue
 The issue is in queue and will be worked on shortly.

  
status
in review
 The issue work has been completed and now the work needs to be reviewed.

  
status
needs codex review
 Use this tag to have Codex spiffy up your issue.

  
status
needs investigation
 The issue describes a problem which needs further investigation.

  
status
wontfix
 This issue will not be worked on.

  
type: bug
The issue describes something working the way it wasn't intended too.

  
type: documentation
Improvements or additions to site documentation.

  
type: feature
A new feature for the website.

  
type: improvement
An improvement on an existing feature.

  
type: regression
The issue describes a function that previously worked and no longer does.

  
type: task
A small-ish task.

No labels
automated
code-quality
component: admin dashboard
component: backend
component: billing
component: content management
component: faqs
component: game genres
component: game lists
component: game reviews
component: game search
component: games
component: internal notifications
component: platforms
component: security
component: tests
component: user api
component: user badges
component: user blogs
component: user consoles
component: user favorites
component: user friends
component: user notifications
component: user profiles
component: user site notifications
component: user wishlists
component: web design
dependencies
php
priority
high
priority
low
priority
medium
security-hotspot
source: codex
source: sonarqube
status
awaiting feedback
status
backlog
status
done
status
in progress
status
in queue
status
in review
status
needs codex review
status
needs investigation
status
wontfix
type: bug
type: documentation
type: feature
type: improvement
type: regression
type: task
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Laravel 13 + TailwindCSS
Assignees
Clear assignees
No assignees
jimmyb
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
MyVideoGameList/myvideogamelist.com#1
No description provided.