条带令牌未转移到控制器导轨 4

Posted 2023-03-03

【中文标题】条带令牌未转移到控制器导轨 4

【英文标题】：Stripe token not carrying over to controller rails 4

【发布时间】：2014-01-30 15:47:16

【问题描述】：

问题

我已经测试了 CoffeeScript，并且表单调用了 Stripe，使用正确的响应令牌设置了隐藏字段并提交了表单。我的问题是，一旦提交，控制器似乎没有正确获取令牌并引发此错误：Stripe::InvalidRequestError - 您必须提供卡或客户 ID。

接下来，我厌倦了将生成的令牌硬编码到控制器中，看看这是否可行。我提交了表格，该表格有效，并且在 Stripes 端收到了付款。我几乎不知道下一步该尝试什么。我想知道我是否忘记了什么或遗漏了什么，因为付款嵌套在分配下。

宝石版本

红宝石：2.1.0 导轨：4.0.1 条纹：1.9.9

文件

/payment/new.html.erb

<%= form_for([@assignment, @payment]) do |f| %>
  <% if @payment.errors.any? %>
    <div class="error_messages">
      <h2><%= pluralize(@payment.errors.count, "error") %> prohibited this subscription from being saved:</h2>
      <ul>
        <% @payment.errors.full_messages.each do |msg| %>
          <li><%= msg %></li>
        <% end %>
      </ul>
    </div>
  <% end %>

  <%= f.hidden_field :stripe_customer_token %>

  <% if @payment.stripe_customer_token.present? %>
    <p>This assignment has already been paid for.</p>
  <% else %>

    <div class="field">
      <%= label_tag :card_number, "Credit Card Number" %>
      <%= text_field_tag :card_number, nil, name: nil, placeholder: "00000000000000" %>
    </div>
    <div class="row">
      <div class="field card__dates">
        <%= label_tag :card_month, "Card Expiration" %>
        <%= select_month nil, add_month_numbers: true, name: nil, id: "card_month" %>
        <%= select_year nil, start_year: Date.today.year, end_year: Date.today.year+15, name: nil, id: "card_year" %>
      </div>
      <div class="field card__cvv">
        <%= label_tag :card_code, "CVV" %>
        <%= text_field_tag :card_code, nil, name: nil, placeholder: "003", required: true, maxlength: 4, minlength: 3 %>
      </div>
    </div>

  <% end %>
  <div id="stripe_error">
    <noscript>javascript is not enabled and is required for this form. First enable it in your web browser settings.</noscript>
  </div>
  <div class="actions">
    <%= f.submit "Pay " + number_to_currency(@assignment.price.to_s), class: 'btn btn__primary btn__large btn--fill' %>
  </div>

payment_controller.rb

class PaymentsController < ApplicationController
  def new
    set_assignment
    @payment = @assignment.build_payment
    @price = @assignment.price
  end

  def create
    set_assignment
    @payment = @assignment.build_payment(payment_params)

    if save_with_payment
      redirect_to assignments_path, :notice => "Payment received, Thank you!"

      # since payment was successful, set assignment paid to true
      Assignment.update(@assignment, assignment_paid: true, project_status: "In Progress")
    else
      render :new
    end
  end

  private

    def save_with_payment

      # Set your secret key: remember to change this to your live secret key in production
      # See your keys here https://manage.stripe.com/account
      Stripe.api_key = Rails.configuration.stripe[:secret_key]

      # Get the credit card details submitted by the form
      token = params[:stripe_customer_token]

      # How much the assignment costs, which must be converted to cents
      @amount = (@price * 100)

      # Create the charge on Stripe's servers - this will charge the user's card
      begin
        charge = Stripe::Charge.create(
          :amount => @amount,
          :currency => "cad",
          :card => token,
          :description => "some description of the product"
        )
      rescue Stripe::CardError => e
        redirect_to @assignment, :notice => "The card has been declined"
      end
    end

    def set_assignment
      @assignment = Assignment.friendly.find(params[:assignment_id])
    end

    def payment_params
      params.require(:payment).permit(
        :stripe_customer_token
      )
    end
end

payment.js.coffee

$ ->
  Stripe.setPublishableKey($('meta[name="stripe-key"]').attr('content'))
  payment.setupForm()

payment =
  setupForm: ->
    $('#new_payment').submit ->
      $('input[type=submit]').attr('disabled', true)
      if $('#card_number').length
        payment.processCard()
        false
      else
        true

  processCard: ->
    card =
      number: $('#card_number').val()
      cvc: $('#card_code').val()
      expMonth: $('#card_month').val()
      expYear: $('#card_year').val()
    Stripe.createToken(card, payment.handleStripeResponse)

  handleStripeResponse: (status, response) ->
    if status == 200
      console.log response
      $('#payment_stripe_customer_token').val(response.id)
      $('#new_payment')[0].submit()
    else
      $('#stripe_error').text(response.error.message)
      $('input[type=submit]').attr('disabled', false)

payment.rb

class Payment < ActiveRecord::Base
  belongs_to :assignment
end

【参考方案1】：

至少我看到了两个问题。而且我猜在进步之后可能还会有更多。

您无权访问#save_with_payment 内的params

问题发生在这一行：

# Get the credit card details submitted by the form
token = params[:stripe_customer_token]

参数受 strong_params 保护，您无权访问它。

解决方法是允许 payment_params 中所有需要的参数，并在此方法中重用它。

其实#create中没有@price

这个问题与问题没有直接关系，但确实存在。

此实例变量@price 在#new 中。而#create 是另一个实例，所以你不能再拥有它了。

解决方法是从payment_params获取它

【讨论】：

感谢您的回复！我已经用您的解决方案更新了价格，这似乎解决了另一个问题。我确实设法通过将付款添加到参数 token = params[:payment][:stripe_customer_token]

来解决第一个问题