Overview
Stripe payment integration in Plainform with checkout sessions, webhooks, and manual capture support
Plainform uses Stripe for payment processing, providing secure checkout, subscription management, and webhook integration out of the box.
What is Stripe?
Stripe is a complete payment platform that handles:
- One-time payments and subscriptions
- Checkout sessions with hosted payment pages
- Webhook events for payment status updates
- Manual payment capture for order verification
- Automatic tax calculation
- Coupon and promotion codes
- Customer portal for subscription management
Stripe integration saves ~8 hours of development time by providing pre-configured payment flows and security compliance.
How Plainform Uses Stripe
Plainform integrates Stripe at three key points:
- Checkout Flow (app/api/stripe/checkout/) - Creates Stripe checkout sessions with manual capture
- Webhooks (app/api/stripe/webhook/) - Processes payment events and updates database
- Product Display (lib/stripe/) - Fetches products, prices, and coupons for pricing section
For detailed information about Stripe's payment processing, security features, and advanced capabilities, see the official Stripe documentation.
Key Features in Plainform
Checkout Sessions
Pre-configured checkout with:
- Hosted payment page (no PCI compliance needed)
- Automatic tax calculation
- Manual capture for order verification
- Success/cancel URL redirects
Manual Payment Capture
Plainform uses manual capture mode for one-time payments:
- Payment is authorized but not charged immediately
- Allows order verification before capturing funds
- Can cancel authorization if order is invalid
- Capture or cancel via Stripe Dashboard or API
Webhook Integration
Real-time payment event processing:
- checkout.session.completed - Order created
- payment_intent.succeeded - Payment captured
- customer.subscription.created - Subscription started
- Cache revalidation for products and coupons
Product & Pricing Display
Dynamic pricing section:
- Fetches products from Stripe API
- Displays prices with currency formatting
- Shows active coupons and discounts
- Cached with Next.js revalidation tags
Subscription Support
Full subscription lifecycle:
- Create subscription plans in Stripe Dashboard
- Automatic recurring billing
- Customer portal for plan management
- Webhook events for subscription changes
Environment Variables
Required Stripe configuration in .env:
# Public key (client-side)
NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY=pk_test_...
# Secret key (server-side only)
STRIPE_SECRET_KEY=sk_test_...
# Webhook secret (for signature verification)
STRIPE_WEBHOOK_SECRET=whsec_...
Never expose STRIPE_SECRET_KEY or STRIPE_WEBHOOK_SECRET in client-side code. These are server-only secrets.
Payment Flow
One-Time Payment
User clicks "Buy Now"
↓
POST /api/stripe/checkout
↓
Stripe Checkout Session created (manual capture)
↓
User completes payment
↓
Webhook: checkout.session.completed
↓
Order saved to database (payment authorized)
↓
Manual review/verification
↓
Capture payment via Stripe Dashboard
↓
Webhook: payment_intent.succeeded
↓
Order marked as paid
Subscription Payment
User selects subscription plan
↓
POST /api/stripe/checkout (mode: subscription)
↓
Stripe Checkout Session created
↓
User completes payment
↓
Webhook: customer.subscription.created
↓
Subscription saved to database
↓
Automatic recurring billing
Security Features
- PCI Compliance - Stripe handles all payment data
- Webhook Signature Verification - Validates webhook authenticity
- Rate Limiting - Prevents checkout abuse (5 requests per 10 seconds)
- Manual Capture - Review orders before charging
- HTTPS Only - All API calls over secure connection
Performance Considerations
- Cached Product Data - Products fetched with force-cache and revalidation tags
- Server-Side Only - Stripe client initialized with 'server-only' directive
- Webhook Optimization - Fast event processing with targeted cache invalidation
- Minimal Client JS - Checkout redirects to Stripe-hosted page