Adding a new tutorial for Turnstile [Developer Spotlight program]

[hideokamoto-stripe]

Summary

Here is a part of the content of Cloudflare Developer Spotlight program.
We're going to introduce the use case based tutorial using Cloudflare Turnstile.

Post address in the local env:
http://localhost:1111/turnstile/tutorials/protecting-your-payment-form-from-attackers-bots-using-turnstile

If you have any question, feedback, or concern, please feel free let us know.

Thanks.

Screenshots (optional)

Documentation checklist

• The documentation style guide has been adhered to.

[db-cloudflare]

Amazing work! Left come small suggestions throughout. Once both the style guide review and technical review have been complete we can merge this PR.

[patriciasantaana]

Suggested change

	This tutorial shows how you can build a more secure payment form using Turnstile. You can learn how to block bot access on the checkout page and trigger additional authentication flows by integrating Turnstile with Stripe
	This tutorial shows how you can build a more secure payment form using Turnstile. You can learn how to block bot access on the checkout page and trigger additional authentication flows by integrating Turnstile with Stripe.

[patriciasantaana]

Suggested change

	To efficiently create and manage multiple APIs, let's use [`Hono`](https://hono.dev). Hono is an open-source application framework released by a Cloudflare Developer Advocate. It is lightweight and allows for the creation of multiple API paths, as well as efficient request and response handling.
	Open your command line interface (CLI) and run the following command:
	To efficiently create and manage multiple APIs, let's use [`Hono`](https://hono.dev). Hono is an open-source application framework released by a Cloudflare Developer Advocate. It is lightweight and allows for the creation of multiple API paths, as well as efficient request and response handling.
	Open your command line interface (CLI) and run the following command:

[patriciasantaana]

Suggested change

	And place each keys into the `.dev.vars` file like the following:
	Then, place each key into the `.dev.vars` file like the following:

[patriciasantaana]

Suggested change

	After that, you can generate TypeScript type definition by running the `npm run cf-typegen` command.
	```sh
	After that, you can generate TypeScript type definition by running the `npm run cf-typegen` command.
	```sh

[patriciasantaana]

Suggested change

	Now we're ready for application development. In the next steps, we'll develop a payment form using Turnstile and Stripe.
	Now we are ready for application development. In the next steps, we will develop a payment form using Turnstile and Stripe.

[patriciasantaana]

Suggested change

	If you restart the application now, you'll notice that you can't submit the payment form.
	If you restart the application now, you will notice that you cannot submit the payment form.

[patriciasantaana]

Suggested change

	Then, add the process to call the created API.
	By executing this before calling Stripe's JavaScript SDK in the form's submit event, we can decide whether to proceed with the payment based on the server-side validation result:
	Then, add the process to call the created API.
	By executing this before calling Stripe's JavaScript SDK in the form's submit event, we can decide whether to proceed with the payment based on the server-side validation result:

[patriciasantaana]

Suggested change

	By adding this step, we now perform a two-stage check using Turnstile before the payment process.
	Since we're saving the Turnstile authentication result in the Stripe data, it's also easier to investigate if a user reports a payment failure.
	By adding this step, we now perform a two-stage check using Turnstile before the payment process.
	Since we are saving the Turnstile authentication result in the Stripe data, it is also easier to investigate if a user reports a payment failure.

[patriciasantaana]

Suggested change

	In online payments, it's necessary to protect applications from bot attacks such as card testing and DDoS.
	In online payments, it is necessary to protect applications from bot attacks such as card testing and DDoS attacks.

[patriciasantaana]

Added a few edits!

[db-cloudflare]

Suggested change

	So far, we've covered how to create a Cloudflare Worker project and introduced tools and open-source projects like the `C3` command and the `Hono` framework that streamline development with Cloudflare. Leveraging these features will help you develop applications on Cloudflare Workers more smoothly.
	So far, we've covered how to create a Worker project using `C3` and introduced the open source `Hono` framework that streamlines web-application development with Workers.

[hideokamoto-stripe]

Thank you @db-cloudflare and @patriciasantaana for reviewing!
I updated this draft 👍

[megaconfidence]

I shared some suggestions, but otherwise this article looks good to me.

[megaconfidence]

Suggested change

	To efficiently create and manage multiple APIs, let's use [`Hono`](https://hono.dev). Hono is an open-source application framework released by a Cloudflare Developer Advocate. It is lightweight and allows for the creation of multiple API paths, as well as efficient request and response handling.
	To efficiently create and manage multiple APIs, let's use [`Hono`](https://hono.dev). It is lightweight and allows for the creation of multiple API paths, as well as efficient request and response handling.

[megaconfidence]

Suggested change

	Get the publishable key and secret key for Stripe from the [Stripe dashboard].(https://dashboard.stripe.com/test/apikeys)
	Get the publishable key and secret key for Stripe from the [Stripe dashboard](https://dashboard.stripe.com/test/apikeys).

[megaconfidence]

Suggested change

	```diff
	```diff lang="ts"

[megaconfidence]

Suggested change

	```diff
	```diff lang="ts"

[megaconfidence]

Suggested change

	```diff
	```diff lang="ts"

[megaconfidence]

Suggested change

	```diff
	```diff lang="ts"

[megaconfidence]

Suggested change

	In online payments, it ss necessary to protect applications from bot attacks such as card testing and DDoS attacks.
	In online payments, it is necessary to protect applications from bot attacks such as card testing and DDoS attacks.

[hideokamoto-stripe]

@megaconfidence
Thanks you for reviewing my post!
I updated this draft.

Best.

[megaconfidence]

Thanks!

[holopin-bot]

Congratulations @hideokamoto-stripe, the maintainer of this repository has issued you a holobyte! Here it is: https://holopin.io/holobyte/cm4sobh0f71550cl4l290iw8n

This badge can only be claimed by you, so make sure that your GitHub account is linked to your Holopin account. You can manage those preferences here: https://holopin.io/account.
Or if you're new to Holopin, you can simply sign up with GitHub, which will do the trick!

[punkeel]

Thanks for the tutorial @hideokamoto-stripe! Do you think it would be interesting to record metadata.ephemeral_id (see server side validation docs) as a Stripe metadata, if returned by the /siteverify endpoint?