4

I'm trying to create a subscription package using Stripe.. Here what I have so far

My controller method.

     def subscription_one
        session[:tab] = "$1.99/Month"
        @subscription = Subscription.where(user_id:current_user.id)
      end
     def create
      @subscription = Subscription.new(params[:subscription])
      if @subscription.save_with_payment
        redirect_to @subscription, :notice => "Thank you for subscribing!"
      else
        render :new
      end
    end

subscription_one.html.erb

<% if @subscription.present? %>
    CREDIT CARD DETAILS PRESENT
<% else %>
    <form action="/membership/apply" method="POST" id="payment-form">
        <article>
            <label class="amount"> <span>Amount: $5.00</span> </label>
        </article>

        <script src="https://checkout.stripe.com/checkout.js" class="stripe-button"
        data-key="<%= Rails.configuration.stripe[:publishable_key] %>"
        data-description="A month's subscription"
        data-amount="500"></script>

<% end %>

After I give all values in fields that appear, when I submit I get an error

ActionController::InvalidAuthenticityToken in MembershipController#create

Any ideas?

Peter Souter
  • 5,110
  • 1
  • 33
  • 62
Nidhin S G
  • 1,685
  • 2
  • 15
  • 45

2 Answers2

4

Several issues:

--

Form

The form you've included is hard coded

The problem you have is, as stated by Philidor Green, this form won't have the correct authenticity token provided by Rails. As a rule of thumb, Rails provides helpers for most HTML elements, allowing you to create consistent code for your app:

<%= form_tag path do %>
<% end %>

You should use form_tag for this

--

Subscription

Subscription.new(params[:subscription])

Should be:

def subscribed_one
    Subscription.new(subscription_params)
end

private

def subscription_params
    params.require(:subscription).permit(:params, :attributes)
end

--

Update

To handle this, I'd do this:

#view
<% if @subscription.present? %>
    Credit Card Details Present
<% else %>
   <%= form_tag membership_apply_path, id: "payment-form" do %>
        <%= content_tag :article do %>
            <%= label_tag class: "amount" %>
            <%= content_tag :span, "Amount: $5.00" %>
        <% end %>
        <% submit_tag "Susbcribe" %>
   <% end %>
<% end %>

#app/views/layouts/application.html.erb
<script src="https://checkout.stripe.com/checkout.js" class="stripe-button"
        data-key="<%= Rails.configuration.stripe[:publishable_key] %>"
        data-description="A month's subscription"
        data-amount="500">
</script>

#app/controllers/subscriptions_controller.rb
 def subscription_one
      session[:tab] = "$1.99/Month"
      @subscription = Subscription.where(user_id:current_user.id)
 end

 def create
    @subscription = Subscription.new(params[:subscription])
    if @subscription.save_with_payment
      redirect_to @subscription, :notice => "Thank you for subscribing!"
    else
      render :new
    end
end
Community
  • 1
  • 1
Richard Peck
  • 76,116
  • 9
  • 93
  • 147
2

I found a workaround, maybe to simple to be honest, it's the standard stripe checkout, replacing standart Form element by for_path. It seems working :

 <%= form_tag stripe_user_standart_charge_checkout_path do %>
  <script
    src="https://checkout.stripe.com/checkout.js" class="stripe-button"
    data-key="..."
    data-amount="999"
    data-name="Grégoire Mulliez"
    data-description="Timee"
    data-zip-code="true"
    data-image="https://stripe.com/img/documentation/checkout/marketplace.png"
    data-locale="auto"
    data-currency="eur">
  </script>
<% end %>

stripe_user_standart_charge_checkout_path is whatever route you want, don't forget to define it as POST (not get) in your routes.rb

Edit : you can retrieve hour transaction token using this method, also I added some html hidden fields to revrieve and the same time my transaction details , it's working like a charme

Gregoire Mulliez
  • 1,132
  • 12
  • 20