Get in touch
This website uses cookies to better the user experience of its visitors. Where applicable, this website uses a cookie control system, allowing users to allow or disallow the use of cookies on their computer/device on their first visit to the website. This complies with recent legislative requirements for websites to obtain explicit consent from users before leaving behind or reading files such as cookies on a user’s computer/device. To learn more click Cookie Policy.

Privacy preference center

Cookies are small files saved to a user’s computer/device hard drive that track, save, and store information about the user’s interactions and website use. They allow a website, through its server, to provide users with a tailored experience within the site. Users are advised to take necessary steps within their web browser security settings to block all cookies from this website and its external serving vendors if they wish to deny the use and saving of cookies from this website to their computer’s/device’s hard drive. To learn more click Cookie Policy.

Manage consent preferences

These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.
Cookies list
Name _rg_session
Provider rubygarage.org
Retention period 2 days
Type First party
Category Necessary
Description The website session cookie is set by the server to maintain the user's session state across different pages of the website. This cookie is essential for functionalities such as login persistence, ensuring a seamless and consistent user experience. The session cookie does not store personal data and is typically deleted when the browser is closed, enhancing privacy and security.
Name m
Provider m.stripe.com
Retention period 1 year 1 month
Type Third party
Category Necessary
Description The m cookie is set by Stripe and is used to help assess the risk associated with attempted transactions on the website. This cookie plays a critical role in fraud detection by identifying and analyzing patterns of behavior to distinguish between legitimate users and potentially fraudulent activity. It enhances the security of online transactions, ensuring that only authorized payments are processed while minimizing the risk of fraud.
Name __cf_bm
Provider .pipedrive.com
Retention period 1 hour
Type Third party
Category Necessary
Description The __cf_bm cookie is set by Cloudflare to support Cloudflare Bot Management. This cookie helps to identify and filter requests from bots, enhancing the security and performance of the website. By distinguishing between legitimate users and automated traffic, it ensures that the site remains protected from malicious bots and potential attacks. This functionality is crucial for maintaining the integrity and reliability of the site's operations.
Name _GRECAPTCHA
Provider .recaptcha.net
Retention period 6 months
Type Third party
Category Necessary
Description The _GRECAPTCHA cookie is set by Google reCAPTCHA to ensure that interactions with the website are from legitimate human users and not automated bots. This cookie helps protect forms, login pages, and other interactive elements from spam and abuse by analyzing user behavior. It is essential for the proper functioning of reCAPTCHA, providing a critical layer of security to maintain the integrity and reliability of the site's interactive features.
Name __cf_bm
Provider .calendly.com
Retention period 30 minutes
Type Third party
Category Necessary
Description The __cf_bm cookie is set by Cloudflare to distinguish between humans and bots. This cookie is beneficial for the website as it helps in making valid reports on the use of the website. By identifying and managing automated traffic, it ensures that analytics and performance metrics accurately reflect human user interactions, thereby enhancing site security and performance.
Name __cfruid
Provider .calendly.com
Retention period During session
Type Third party
Category Necessary
Description The __cfruid cookie is associated with websites using Cloudflare services. This cookie is used to identify trusted web traffic and enhance security. It helps Cloudflare manage and filter legitimate traffic from potentially harmful requests, thereby protecting the website from malicious activities such as DDoS attacks and ensuring reliable performance for genuine users.
Name OptanonConsent
Provider .calendly.com
Retention period 1 year
Type Third party
Category Necessary
Description The OptanonConsent cookie determines whether the visitor has accepted the cookie consent box, ensuring that the consent box will not be presented again upon re-entry to the site. This cookie helps maintain the user's consent preferences and compliance with privacy regulations by storing information about the categories of cookies the user has consented to and preventing unnecessary repetition of consent requests.
Name OptanonAlertBoxClosed
Provider .calendly.com
Retention period 1 year
Type Third party
Category Necessary
Description The OptanonAlertBoxClosed cookie is set after visitors have seen a cookie information notice and, in some cases, only when they actively close the notice. It ensures that the cookie consent message is not shown again to the user, enhancing the user experience by preventing repetitive notifications. This cookie helps manage user preferences and ensures compliance with privacy regulations by recording when the notice has been acknowledged.
Name referrer_user_id
Provider .calendly.com
Retention period 14 days
Type Third party
Category Necessary
Description The referrer_user_id cookie is set by Calendly to support the booking functionality on the website. This cookie helps track the source of referrals to the booking page, enabling Calendly to attribute bookings accurately and enhance the user experience by streamlining the scheduling process. It assists in managing user sessions and preferences during the booking workflow, ensuring efficient and reliable operation.
Name _calendly_session
Provider .calendly.com
Retention period 21 days
Type Third party
Category Necessary
Description The _calendly_session cookie is set by Calendly, a meeting scheduling tool, to enable the meeting scheduler to function within the website. This cookie facilitates the scheduling process by maintaining session information, allowing visitors to book meetings and add events to their calendars seamlessly. It ensures that the scheduling workflow operates smoothly, providing a consistent and reliable user experience.
Name _gat_UA-*
Provider rubygarage.org
Retention period 1 minute
Type First party
Category Analytics
Description The _gat_UA-* cookie is a pattern type cookie set by Google Analytics, where the pattern element in the name contains the unique identity number of the Google Analytics account or website it relates to. This cookie is a variation of the _gat cookie and is used to throttle the request rate, limiting the amount of data collected by Google Analytics on high traffic websites. It helps manage the volume of data recorded, ensuring efficient performance and accurate analytics reporting.
Name _ga
Provider rubygarage.org
Retention period 1 year 1 month 4 days
Type First party
Category Analytics
Description The _ga cookie is set by Google Analytics to calculate visitor, session, and campaign data for the site's analytics reports. It helps track how users interact with the website, providing insights into site usage and performance.
Name _ga_*
Provider rubygarage.org
Retention period 1 year 1 month 4 days
Type First party
Category Analytics
Description The _ga_* cookie is set by Google Analytics to store and count page views on the website. This cookie helps track the number of visits and interactions with the website, providing valuable data for performance and user behavior analysis. It belongs to the analytics category and plays a crucial role in generating detailed usage reports for site optimization.
Name _gid
Provider rubygarage.org
Retention period 1 day
Type First party
Category Analytics
Description The _gid cookie is set by Google Analytics to store information about how visitors use a website and to create an analytics report on the website's performance. This cookie collects data on visitor behavior, including pages visited, duration of the visit, and interactions with the website, helping site owners understand and improve user experience. It is part of the analytics category and typically expires after 24 hours.
Name _dc_gtm_UA-*
Provider rubygarage.org
Retention period 1 minute
Type First party
Category Analytics
Description The _dc_gtm_UA-* cookie is set by Google Analytics to help load the Google Analytics script tag via Google Tag Manager. This cookie facilitates the efficient loading of analytics tools, ensuring that data on user behavior and website performance is accurately collected and reported. It is categorized under analytics and assists in the seamless integration and functioning of Google Analytics on the website.
Get in touch

How to Integrate Stripe Checkout in Your Rails App

  • 47741 views
  • 6 min
  • Dec 19, 2016
Herman F.

Herman F.

Ruby/JS Developer

Sviatoslav A.

Sviatoslav A.

Copywriter

Tags:

Ruby Trends
Subscribe

Share

Stripe is a recognized payment gateway that provides a well-documented API for integrating Stripe into Ruby on Rails applications. This article will walk you through the entire process of integrating Stripe with a Rails app.

Stripe is PCI-compliant, which is very convenient. Stripe automatically saves critical payment data on its own servers and implements necessary security standards, such as encryption of credit card data.

To add the Stripe Checkout gateway to your Rails app, follow these steps:

  • Create a developer account on Stripe’s website.
  • Install the Stripe gem in your project using Bundler.
  • Configure Stripe keys.
  • Create routes, the charges controller, and the Stripe charges service object.

We’ll concentrate on the Ruby on Rails backend, so you’ll need to create the payment form manually. For this article, we’ll use Stripe Checkout. But you can also consult the Stripe website for what the standard payment form might look like and create a custom form when needed.

Create a Developer Profile on Stripe

As we mentioned earlier, you’ll need your own profile on Stripe's website to obtain the API keys for development and production. Stripe’s API keys will be necessary to test the integration of the payment gateway.

Once you’ve created a developer account, sign in to Stripe, go to Your Account / Account Settings and click on ‘API Keys.’ Or simply click on this direct link: Stripe Dashboard => API keys to get there.

You’ll see API keys similar to those shown in the screenshot below. The Test Secret Key and Test Publishable Key are what we’ll use in this article – only for the purpose of demonstrating how Stripe integrates with a Rails application. You should employ your Stripe Live keys only when you’re ready to deploy your payment gateway for production.

API keys for Stripe

Create a Stripe Payment Form

You won’t be able to charge your clients without a payment form, so you’ll have to create one. The simplest way to create a payment form to accept Stripe payments is to use Stripe Checkout. Stripe automatically generates a minimally acceptable – yet practical – payment form. You only need to include this code on your payment page to get the basic form:

As we can see, this is just a form with a Stripe Checkout script. You have to include two attributes in the script to make it work. First, provide a link to checkout.js in the source attribute. Second, make sure you insert your API key, more specifically, the Test Publishable key. Copy your key in the data-key attribute.

Once you add this form to your payment page, you’ll see a standard Stripe Checkout payment button. When the client clicks on this button, an automatically generated payment form will appear. Upon submission, Stripe Checkout will validate the payment card details and will generate a token. This token will be added as a hidden element in the payment form and submitted to your server.

At this point you only need to accept the token on your backend – but we’ll do this later in the charges controller. If you want to customize the Stripe Checkout payment form, you can use some attributes such as data-name, data-image, or data-description, as we’ve included in the script tag above. These details are completely optional, however.

Keep in mind that if you want a fully custom payment form, you’ll have to create a token and a handler for submitting this Stripe token to your server. You’ll also need to add a couple of scripts:

and

Your main script must accept payment data from the payment form and run a callback function – a handler – that will add another input field to your payment form: 

The handler will also submit the form to your server. If you don’t add this input field with the Stripe token, you won’t be able to accept charges on the backend.

To simplify and speed up the integration of Stripe into your Rails application, we recommend using Stripe Checkout. Then, once everything is working fine, you can design your own custom payment form.

Install Stripe in Your Rails Project

Let’s work now on the backend functionality. Open the Gemfile for your Ruby on Rails project and add the following line of code:

Next, install the Stripe gem with the following command:

Finally, create a new controller for Stripe charges via the command line:

Let’s now configure the Stripe API keys.

Configure the Stripe Keys

Log back into your Stripe account and open the API Keys tab. As we mentioned before, the test keys can only be used for your development environment. 

Save your API keys in the secrets.yml file under the config folder. And don't lay open your production keys, as doing so will compromise the security of your application!

The keys we provided above are only examples, and were retrieved from our test account on Stripe. Now you need to open the stripe.rb file, which is created in the initializers folder under config. Add the following code to the file:

You can only write test keys directly into the stripe.rb file. Production keys must be saved in the environmental variables, like this – ENV['STRIPE_PUBLISHABLE_KEY'] and ENV['STRIPE_SECRET_KEY'].

The next step is to configure routes and to create the Stripe charges controller class. You need to write routes for charges in the routes.rb file that is located in the config folder. Add the following code to it:

Write the Stripe Charges Controller and Service Object

Remember when we created the charges controller class? Now you need to add the following code to it:

As we can see, the charges controller only creates a new Stripe charge with several parameters – the ID of an order, a token, and a client email. The Stripe token is the main parameter. And don’t forget to catch errors in your code.

Now let’s write code for our service object. The Stripe charges services class looks like this:

As we can see, with this service class we’re able to charge clients and check whether they’re new or they’ve already registered. Make sure that the default currency is correct.

Test the payment procedure once you’ve completed all of these steps. You can use Stripe's standard test credit card number (4242 4242 4242 4242), CVV (123), and any future date to check if your application gets back the token from Stripe.

Once you’ve completed all the steps described above, you’ve successfully integrated Stripe Checkout into your Rails application. Now you can create a custom payment form and use the live API keys, and you can let clients pay with Stripe on your website.

CONTENTS

Tags:

Ruby Trends

Authors:

Herman F.

Herman F.

Ruby/JS Developer

Sviatoslav A.

Sviatoslav A.

Copywriter

Rate this article!

Nay
So-so
Not bad
Good
Wow
14 rating, average 4.43 out of 5

Share article with

Comments (8)
Anandia Muhammad Yudhistira
Anandia Muhammad Yudhistira over 6 years ago
any source code from this tutorial?
Reply
Maryna Z.
Maryna Z. over 6 years ago
Hey! Unfortunately we can't provide you with a link to the application source code, but you can always check out the manual we've provided for you. Stay tuned! :)
Reply
Mohammed Shariff
Mohammed Shariff over 6 years ago
Hello guys, this blog was very helpful, however at the end, yes I do get the stripe token back, but I get the error, undefined method stripe token for User.... What is this about.
Reply
Maryna Z.
Maryna Z. over 6 years ago
Hi! Could you please provide us with more details of this case since it's quite complicated to find out what's wrong with the method?
Reply
Crystal Williams-Brown
Crystal Williams-Brown over 6 years ago
Currently my app is using stripe to limit access to certain pages, however, I want my admins to retain access. How can this be accomplished?
Reply
Maryna Z.
Maryna Z. over 6 years ago
Hey! It looks like the issue you described is connected with the business logic of your application. Stripe only provides an interface for making payments and creating subscriptions that are further adapted to the application's abstractions. Though you may try the following approach: to grant your admins with an extra access, you can create an additional subscription plan in an app that will be used by your admins.
Reply
Daniel Mockaitis
Daniel Mockaitis over 6 years ago
Hey, how would I be able to do this with a rails API? Is that possible?
Reply
Maryna Z.
Maryna Z. about 6 years ago Daniel Mockaitis
Hi there! Yeap, that is possible and the backend part will remain almost the same as described in the article. Though you'll need to create a custom checkout form depending on your project's frontend. I hope this information is helpful ;)
Reply

Subscribe via email and know it all first!

Recommended Articles
Stripe vs PayPal vs Braintree: How do these payment platforms ...
Stripe vs PayPal vs Braintree: How do these payment platforms compare?
How to Use Live Chat Software for Business
How to Use Live Chat Software for Business
Best Tools for Building Augmented Reality Mobile Apps
Best Tools for Building Augmented Reality Mobile Apps