Stripe Checkout (Fiat)

Stripe Checkout session that drops a webhook into our token generator right after payment success, minting a bandwidth‑limited token with an explicit expiry timestamp.

See Integration Plan

Flow overview

  1. User clicks “Purchase” on WordPress.
  2. Stripe Checkout session completes.
  3. Webhook hits `/api/payments/stripe/webhook`.
  4. Backend runs generate_vpn_token.sh and returns the token + expiry date on-screen.

Integration steps

Prep the WordPress site and backend so Stripe can mint tokens automatically when payouts activate.

WordPress

Checkout page

Use Stripe’s official plugin or WP-Simple-Pay. Embed the “Purchase VaderVPN Access” button and set the success URL to https://yourdomain/pay/fiat/success.

Webhook

Event listener

Create an endpoint (e.g. `/api/payments/stripe/webhook`) that validates signatures, ensures `checkout.session.completed`, and calls the token generator with plan metadata.

Token delivery

Notify customer

Return JSON to WordPress and send email with the token display value. Offer an instant copy on the success page that warns about one-time visibility.

Webhook payload schema

Use this structure to align the webhook handler with the MariaDB token store (bandwidth tiers only).

{
  "event": "checkout.session.completed",
  "data": {
    "id": "cs_test_a1b2c3",
      "amount_total": 1900,
      "currency": "usd",
      "metadata": {
      "bandwidth_bytes": "53687091200",
      "bandwidth_label": "50GB",
      "token_note": "stripe:cs_test_a1b2c3"
      }
    }
  }

Map `bandwidth_bytes` into generate_vpn_token.sh --rules. The client displays the expiry timestamp returned by the mint response.

Testing plan

Before launch, run these cases in Stripe test mode.