Skip to content

Add custom create_checkout_session options (like success_url) to credit pack purchases #5

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
rameerez merged 4 commits into from
Jan 14, 2026
Merged

Add custom create_checkout_session options (like success_url) to credit pack purchases #5

rameerez merged 4 commits into from
Jan 14, 2026

Conversation

@yshmarov
Copy link
Contributor

@yshmarov yshmarov commented Apr 4, 2025
edited by cursor bot
Loading

with **options now you can pass additional params to the checkout session.

session = credit_pack.create_checkout_session(
  current_organization,
  allow_promotion_codes: true,
  success_url: organization_credits_url(current_organization),
  cancel_url: organization_credits_url(current_organization)
)

fixes #3

Note

Adds flexible checkout customization while preserving fulfillment safety and backward compatibility.

  • Update create_checkout_session(user, **options) to pass through common Stripe options (success_url, cancel_url, allow_promotion_codes, locale, customer_email, etc.)
  • Safely merge custom metadata and payment_intent_data[:metadata] with base_metadata; base fields take precedence
  • Strip protected params (mode, line_items) to prevent overriding; always uses mode: "payment" and pack-defined line items
  • Avoid mutating caller-provided hashes by duping payment_intent_data
  • Extensive tests cover option passthrough, metadata precedence, protected parameters, edge cases (nil/empty options), non-mutation, and backward compatibility

Written by Cursor Bugbot for commit ca3ab89. This will update automatically on new commits. Configure here.

@yshmarov yshmarov mentioned this pull request Apr 5, 2025
Draft
8 tasks
@claude claude bot mentioned this pull request Dec 27, 2025
Merged
@onurozer
Copy link

onurozer commented Jan 10, 2026

@rameerez any chance you can merge this? It allows specifying a success_url (among other params) when creating a checkout session. Thanks!

yshmarov and others added 3 commits January 14, 2026 17:12
@yshmarov @rameerez
credit packs - allow custom payment processor options
0e007d9
@rameerez @claude
Add safe metadata merging and parameter protection
8be2b43 
Building on the initial **options implementation:
- Merge custom metadata with base_metadata (preserves credit fulfillment data)
- Merge payment_intent_data metadata similarly
- Protect mode and line_items from being overridden
- Add comprehensive YARD documentation with examples

This ensures users can customize checkout sessions (success_url, cancel_url,
allow_promotion_codes, locale, etc.) without accidentally breaking the
credit fulfillment flow by overriding critical metadata.

Co-Authored-By: Claude Opus 4.5 <[email protected]>
@rameerez @claude
Add comprehensive tests for custom checkout options
8ec892b 
Tests cover:
- Pass-through options (success_url, cancel_url, allow_promotion_codes, locale, etc.)
- Metadata merging (custom metadata + base_metadata preserved)
- payment_intent_data metadata merging
- Protected parameters (mode, line_items cannot be overridden)
- Backward compatibility (no options = works as before)
- Edge cases (empty options, nil metadata, nil payment_intent_data)

17 new tests ensuring credit fulfillment data is always preserved
while allowing flexible checkout customization.

Co-Authored-By: Claude Opus 4.5 <[email protected]>
@rameerez rameerez force-pushed the credit-packs---allow-custom-payment-processor-options branch from e938c47 to 8ec892b Compare January 14, 2026 17:15
@rameerez
Copy link
Owner

rameerez commented Jan 14, 2026
edited
Loading

Thanks for the PR @yshmarov!

I asked Claude to make sure this wouldn't break anything and it came up with this:

What was added

1. Safe metadata merging and parameter protection

The original **options splat could allow accidental override of critical data needed for credit fulfillment. The improved implementation:

  • Merges metadata instead of replacing it - custom metadata is added while base_metadata (purchase_type, pack_name, credits, etc.) is always preserved
  • Protects critical parameters - mode and line_items cannot be overridden (they're stripped from options before passing through)
  • Handles payment_intent_data specially - its metadata is also merged to preserve fulfillment data

2. Comprehensive test coverage

Added 17 new tests covering:

  • ✅ Pass-through options (success_url, cancel_url, allow_promotion_codes, locale, customer_email, etc.)
  • ✅ Metadata merging (custom + base preserved)
  • ✅ payment_intent_data metadata merging
  • ✅ Protected parameters cannot be overridden
  • ✅ Backward compatibility
  • ✅ Edge cases (nil values, empty hashes)

Usage example

# All these options work safely:
session = credit_pack.create_checkout_session(current_user,
  success_url: credits_url,
  cancel_url: pricing_url,
  allow_promotion_codes: true,
  locale: I18n.locale,
  metadata: { organization_id: org.id }  # Merged with base_metadata
)

cursor[bot]
cursor bot reviewed Jan 14, 2026
View reviewed changes
Copy link

@cursor cursor bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This PR is being reviewed by Cursor Bugbot

Details

You are on the Bugbot Free tier. On this plan, Bugbot will review limited PRs each billing cycle.

To receive Bugbot reviews on all of your PRs, visit the Cursor dashboard to activate Pro and start your 14-day free trial.

Repository owner deleted a comment from claude bot Jan 14, 2026
@rameerez @claude
Fix mutation of caller's payment_intent_data hash
ca3ab89 
The method was mutating the caller's hash by calling .delete(:metadata)
directly on the passed payment_intent_data. This caused unexpected side
effects when callers reused their hash for multiple checkout sessions.

Fix: Use .dup to create a copy before mutating.

Added regression tests:
- Verify caller's hash is not mutated after call
- Verify hash can be reused for multiple checkout sessions

Co-Authored-By: Claude Opus 4.5 <[email protected]>
@rameerez rameerez merged commit fdc4278 into rameerez:main Jan 14, 2026
23 of 24 checks passed
@rameerez rameerez changed the title credit packs - allow custom payment processor options Add custom create_checkout_session options (like success_url) to credit pack purchases Jan 15, 2026
@rameerez
Copy link
Owner

rameerez commented Jan 15, 2026

Merged and shipped in v0.2.1 🎉 @onurozer @yshmarov

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cursor cursor[bot] cursor[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

credit_pack.create_checkout_session should support checkout_session_params

3 participants

@yshmarov @onurozer @rameerez