我使用stripe作为我的支付提供商,并在从stripe返回的数据库中存储加密的信用卡ID。
我的问题是,从GUI客户可以再次添加相同的卡。我看到条纹不会阻止为同一个客户多次添加同一张卡。由于条带始终为同一张卡生成不同的加密卡ID,因此我无法使用它来验证是否再次添加相同的卡。
如何阻止客户再次添加相同的卡片。
答案 0 :(得分:10)
看起来我知道了。我可以使用json响应中返回的指纹。我看到条纹仪表板,发现同一张卡的指纹总是一样的,我再次添加了。
这是json请求和确认响应
请求
{
"source": {
"number": "378282246310005",
"cvc": "123",
"address_line2": "4th Floor",
"address_line1": "140 2nd Street",
"address_country": "USA",
"name": "VIAY KUMAR",
"address_state": "CA",
"exp_month": 12,
"exp_year": 2015,
"address_zip": "94105",
"address_city": "San Francisco",
"object": "card"
}
}
响应
{
"id": "card_166H9rC8Y8JrMFgBh9GVsmNG",
"object": "card",
"status": null,
"exp_month": 12,
"exp_year": 2015,
"last4": "0005",
"country": "US",
"type": null,
"name": "VIAY KUMAR",
"customer": "cus_6IrxhfwXNyD1Uw",
"recipient": null,
"address_line1": "140 2nd Street",
"address_line2": "4th Floor",
"address_zip": "94105",
"address_city": "San Francisco",
"address_state": "CA",
"address_country": "USA",
"address_zip_check": "pass",
"address_line1_check": "pass",
"cvc_check": "pass",
"fingerprint": "TwjSA2KqPDhSMUvQ",
"brand": "American Express",
"funding": "credit"
}
再次添加了相同的卡片并获得了不同的卡片ID但是同样的指纹: - )
请求
{
"source": {
"number": "378282246310005",
"cvc": "123",
"address_line2": "4th Floor",
"address_line1": "140 2nd Street",
"address_country": "USA",
"name": "VIAY KUMAR",
"address_state": "CA",
"exp_month": 12,
"exp_year": 2015,
"address_zip": "94105",
"address_city": "San Francisco",
"object": "card"
}
}
响应
{
"id": "card_166HKVC8Y8JrMFgBfvbHPgk2",
"object": "card",
"status": null,
"exp_month": 12,
"exp_year": 2015,
"last4": "0005",
"country": "US",
"type": null,
"name": "VIAY KUMAR",
"customer": "cus_6IrxhfwXNyD1Uw",
"recipient": null,
"address_line1": "140 2nd Street",
"address_line2": "4th Floor",
"address_zip": "94105",
"address_city": "San Francisco",
"address_state": "CA",
"address_country": "USA",
"address_zip_check": "pass",
"address_line1_check": "pass",
"cvc_check": "pass",
"fingerprint": "TwjSA2KqPDhSMUvQ",
"brand": "American Express",
"funding": "credit"
}
答案 1 :(得分:2)
感谢Vijay的上述答案。
我在我的Rails应用程序中编写了以下Ruby代码来检查这一点。
将相关的# Retrieve the customer we're adding this token to
customer = Stripe::Customer.retrieve(@user.stripe_customer_id)
# Retrieve the token
token = Stripe::Token.retrieve(params[:stripeToken])
# The fingerprint of the card is stored in `card.fingerprint`
card_fingerprint = token.card.fingerprint
# Check if the card fingerprint submitted matches one of the customer's current sources
fingerprint_already_exists = customer.sources.any? {|source| source[:fingerprint] == card_fingerprint}
if fingerprint_already_exists
# You can do whatever you want here. I've personally set a flash message to let the user know this card is already on their account
flash[:warning] = "That card already exists on your account."
redirect_to user_path(@user) and return
end
# Continue adding the source as normal
customer.sources.create(source: params[:stripeToken])
# Anything else you want to do...
flash[:success] = "Your account has been updated."
redirect_to user_path(@user) and return
变量替换为您自己的变种。
{{1}}
答案 2 :(得分:2)
Stripe生成的fingerprint对每张卡都是唯一的。取自文档:
指纹字符串
唯一标识此特定卡号。例如,您可以使用此属性来检查与您注册的两位客户是否使用相同的卡号。
假设您此时已有customer个对象(要么是新的或要更新的对象),这将允许您添加一张卡并将其设为默认值,而不会重复:
// $customer = \Stripe\Customer::retrieve( $clicker->customer );
/**
* Add the card, but only if it does not exist. Make it default in any case.
**/
$token = \Stripe\Token::retrieve( $_POST['stripeToken'] );
$card = null;
/** Does this customer already have this card? If so, find it. **/
foreach ( $customer->sources['data'] as $source ) {
if ( $source['fingerprint'] == $token['card']->fingerprint ) {
$card = $source;
}
}
/** If not, add the new card to the customer **/
if ( is_null( $card ) ) {
$card = $customer->sources->create( array( 'source' => $_POST['stripeToken'] ) );
}
$customer->default_source = $card->id;
$customer->save();
您可以将其包含在通常的try / catch中,如文档所示。
话虽如此,从用户的角度来看,如果可能的话,最好向他们展示他们的卡片列表(last4 +过期日期)并让他们选择他们喜欢的卡片。收费 - 而不是不必要地询问他们的信息。