How to Build a Payment Gateway API with Stripe and Node.js

Building a payment gateway API with Stripe and Node.js can provide a seamless and secure way to accept online payments in web applications. By integrating Stripe’s powerful payment processing capabilities with the flexibility and ease of Node.js, developers can create a reliable and efficient payment solution. In this guide, we will explore how to build a payment gateway API with Stripe and Node.js, focusing on API design, handling payment transactions, ensuring security, and optimizing performance. Join me in this journey to leverage APIs and web services to enhance your payment processing capabilities.

In the rapidly evolving world of online commerce, integrating a payment gateway is a fundamental aspect of any e-commerce application. This guide provides a comprehensive overview of building a payment gateway API using Stripe and Node.js. With Stripe, developers can easily accept online payments while ensuring security and reliability. Let’s dive into the steps required to create your own payment gateway.

Table of Contents

Requirements

To follow this tutorial, you will need:

Basic knowledge of JavaScript and Node.js.
An account on Stripe.
Node.js and npm installed on your machine.
A code editor like Visual Studio Code.

Setting Up the Environment

Start by creating a new directory for your project and initializing it as a Node.js application.

mkdir stripe-payment-gateway
cd stripe-payment-gateway
npm init -y

Installing Required Packages

Install the required Node.js packages. We will need the following:

express – for handling HTTP requests.
body-parser – to parse incoming request bodies.
stripe – the official Stripe library for Node.js.

Run the following command to install these packages:

npm install express body-parser stripe

Creating Your Payment Gateway

1. Set Up Express Server

Create a new file called server.js in your project directory and set up a basic Express server:

const express = require('express');
const bodyParser = require('body-parser');
const stripe = require('stripe')('your_stripe_secret_key');

const app = express();
const PORT = process.env.PORT || 3000;

app.use(bodyParser.json());
app.listen(PORT, () => {
    console.log(`Server is running on http://localhost:${PORT}`);
});

Make sure to replace your_stripe_secret_key with your actual Stripe secret key, which you can find in your Stripe dashboard.

2. Create Payment API Endpoint

Next, you need to create an endpoint to handle payment requests. Add the following code to your server.js file:

app.post('/create-payment-intent', async (req, res) => {
    const { amount } = req.body;

    try {
        // Create a PaymentIntent with the order amount and currency
        const paymentIntent = await stripe.paymentIntents.create({
            amount: amount, // Amount should be in cents
            currency: 'usd',
        });

        res.status(200).send({
            clientSecret: paymentIntent.client_secret,
        });
    } catch (error) {
        res.status(500).send({
            error: error.message,
        });
    }
});

This endpoint will accept a payment amount in cents and create a PaymentIntent with https://stripe.com/docs/api/payment_intents.

3. Testing Your Payment API

To test your Payment API, you can use a tool like Postman or cURL. Send a POST request to http://localhost:3000/create-payment-intent with a JSON body:

{
    "amount": 5000 // This is $50.00
}

You should receive a response containing the client_secret, which will be used on the client-side to complete the payment flow.

Integrating Stripe on the Frontend

1. Setting Up HTML & JavaScript

Create a simple HTML file called index.html in your project directory:

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Payment Integration</title>
    <script src="https://js.stripe.com/v3/"></script>
</head>
<body>
    <h1>Stripe Payment Gateway</h1>
    <form id="payment-form">
        <div id="card-element"></div>
        <button id="submit">Pay</button>
        <div id="payment-result"></div>
    </form>

    <script>
        const stripe = Stripe('your_stripe_publishable_key');
        const elements = stripe.elements();
        const cardElement = elements.create('card');
        cardElement.mount('#card-element');

        const form = document.getElementById('payment-form');
        form.addEventListener('submit', async (event) => {
            event.preventDefault();
            const { clientSecret } = await fetch('/create-payment-intent', {
                method: 'POST',
                headers: { 'Content-Type': 'application/json' },
                body: JSON.stringify({ amount: 5000 }),
            }).then(r => r.json());
            const { error, paymentIntent } = await stripe.confirmCardPayment(clientSecret, {
                payment_method: { card: cardElement }
            });
            if (error) {
                document.getElementById('payment-result').textContent = error.message;
            } else {
                document.getElementById('payment-result').textContent = 'Payment successful!';
            }
        });
    </script>
</body>
</html>

Replace your_stripe_publishable_key with your Stripe publishable key from your Stripe dashboard.

2. Running Your Application

To run your Node.js application, execute:

node server.js

Now, open your browser and navigate to http://localhost:3000/index.html to access your payment form. You can test the payment process by entering a test card number from Stripe’s documentation.

Security Considerations

When building a payment gateway API, it’s essential to consider security:

Always use HTTPS in production environments to secure data transmission.
Do not expose your secret API keys on the client side.
Implement proper error handling and logging to monitor transactions.
Use webhooks to listen for events such as successful payments or payment failures, enhancing transaction reliability.

Using Webhooks for Payment Confirmation

To handle asynchronous events like payment status, you need to set up a webhook endpoint. Add the following code to your server.js file:

app.post('/webhook', express.raw({ type: 'application/json' }), (req, res) => {
    const sig = req.headers['stripe-signature'];

    let event;

    try {
        event = stripe.webhooks.constructEvent(req.body, sig, 'your_webhook_secret');
    } catch (err) {
        console.log(`Webhook Error: ${err.message}`);
        return res.status(400).send(`Webhook Error: ${err.message}`);
    }

    if (event.type === 'payment_intent.succeeded') {
        const paymentIntent = event.data.object;
        console.log('PaymentIntent was successful!');
    } else {
        console.log(`Unhandled event type ${event.type}`);
    }

    res.json({ received: true });
});

Make sure to replace your_webhook_secret with your actual Stripe webhook secret.

Conclusion

Building a payment gateway API using Stripe and Node.js enables you to securely process payments online. By following the above steps, you can create a robust payment integration that meets your application’s needs. Remember to focus on security and user experience as you continue developing your application.

Building a Payment Gateway API with Stripe and Node.js offers a powerful solution for processing online payments securely and efficiently. By leveraging the robust functionalities of Stripe and the flexibility of Node.js, developers can create a seamless payment experience for users, integrate with various platforms, and streamline transaction processes. This integration showcases the potential of APIs and web services to enhance e-commerce operations and drive business growth through innovation and user-friendly solutions.