We are building an e-commerce application using react native. Now we need to integrate Stripe payment gateway in it. We already have the web version of the application is available.
So is it possible to reuse the payment gateway integration of the website?
By using the webview?
Like, we will be load a webpage(our site's page) in webview which basically collects the information from user and process the payment. Everything is done by the webpage.
Does this approach have any security issues?
Will it make an issue while publishing the app to playstore or appstore?
Stripe's web components all use iframes which by design cannot be accessed by 3rd parties, so from a security point of view using a webview with Stripe Elements is just as secure as using them on your website.
As for whether this is an issue with the various app stores, that depends on your business model and what your product is. I suggest you reach out to Google and Apple directly on what you're trying to do, as they both have draconian rules on when you can use a payment processor like Stripe and when you have to use their in-app purchases systems.
Related
I have a website and app(iOS/Android) where people can come and register and use my product.
We are now launching eCommerce on shopify and want that
existing users should be able to use their credential on shopify
If user is already logged in on the platform and navigate to shop then they should not required to login again.
If user directly come on shop and login then the same should be continue while using the platform.
Now I am looking for the following
Best plugin or third party integration
If anyone has built their own SSO or if there is any code available to implement the same without plugin.
I'm creating an app using React Native (using Expo, for what it's worth) and would like the app to be able to support donations via Apple Pay.
Expo's Stripe documentation includes a Snack that demonstrates how to support Apple Pay, and the documentation mentions that the Snack uses a Glitch server.
Furthermore, the Stripe documentation also seems to suggest that I need to create a web service to make things work ("For security reasons, your app can’t create these objects. Instead, add an endpoint on your server that...").
I had assumed that Apple Pay took care of these sorts of things behind the scenes and that payments would be processed by Apple's own servers. Do I really need to create a web service to support donations via Apple Pay?
Yes, absolutely, without doubt, you need a server for that. The payment intent is created with a secret key and your secret key needs to stay secret on your server.
Anything you put on the client is insecure and can be manipulated by those with bad intent.
If you wanted to have a client side only way to collect payments you can use Stripe Checkout, but from what I hear, it's fairly limited Related Question
I have made a simple React Native shopping app with CodeIgniter backend.
Then I am new to the payment integration. How to integrate payment in React-Native?
Is it possible to integrate paypal without backend? Backend is inevitable or can it be done without backend? In only frontend, such as calling payment webview.
Any reference link or help will be appreciate. Thank you.
Without server-side coding, it cannot be done.
Even though it is just a web view with transaction details, we need to maintain the value as an encrypted format while sending to the service URL and receiving the response from them and this encryption should be done on the server-side.
Also for security reason, we need to maintain database in the server-side to store the basic data of the transaction to make your system trustable one. And there are a lot more other parameters.
Without these kinds of basic security implementations, payment service guys will not allow your app to live.
For paypal integration, follow this link to get some basic understanding.
paypal integration
Thanks
I am building the backend for our company's mobile app and we need to send notifications to users from API based on some events. I need some advice on how I can implement this. I am looking for a platform where I can send notifications for both IOS and Android. I recently came across Firebase and got some info that the mobile-app will send a device token to the server, then we will handle the push notification using this token. My assumption here is, I need to save this device token for all the users in a database and send the notification as necessary. Is this the best approach or are there any other good approaches for this? I am pretty sure there will a lot of solutions where I do not have to handle this myself (in database)
I was also looking into Azure Notification Hub for this, but the cons I felt here is that my UI guy (outsourced) is developing the application in React Native and I have not seen any good examples of React Native using Azure Notification Hub.
I am expecting around 1000 users for my application and I am developing my backend in ASP.NET WebAPI. Mostly I will have 2 types of notification
Push notification to specific user.
Push Notification regarding new installations to all the users
Well, according to my experience the best way and the easiest way is using firebase. You will have a lots of option there. In fact according to their comment, whether you're a beginner, intermediate or advanced React Native developer you can be up and running with React Native Firebase in no time.
https://www.npmjs.com/package/react-native-firebase
For more information and adding a project:
https://rnfirebase.io
Firebase getting start:
https://github.com/invertase/react-native-firebase-starter
How does it work?
Firebase Cloud Messaging architecture diagram
An FCM implementation includes two main components for sending and receiving:
A trusted environment such as Cloud Functions for Firebase or an app server on which to build, target, and send messages.
An iOS, Android, or web (JavaScript) client app that receives messages.
You can send messages via the Admin SDK or the HTTP and XMPP APIs. For testing or for sending marketing or engagement messages with powerful built-in targeting and analytics, you can also use the Notifications composer.
last comment copy-right: https://firebase.google.com/docs/cloud-messaging/
I'm adding a login page for my mobile app, so that it integrates with Bluemix Single Sign On. I'm at the step to configure the Node.js app following the Bluemix Doc at Configuring a Node.js app. The example here about callback is for a web app. In the mobile app context, I don't have a redirect URL. So this code for example:
app.get('/auth/sso/callback',function(req,res,next) {...}
On the mobile client side, do I do a GET to /login?
I already have a login implemented using Mobile Client Access service. Is it something I can build up upon? For example,
app.post('/apps/:tenantId/:realmName/handleChallengeAnswer', function(req, res {...}
Can I call the Single Sign On API in here?
Thanks a lot for your help!
Jen
Is your mobile application based on nodejs? If so and you use a webview on your mobile application you could leave to the webview component to manage your authentication flow like working with a browser.
You instead have to manage authentication if your application is integrating with Rest APIs, in this case you could use SSO but your application has to manage cookies like a browser.
Bluemix Single Sign On so far has only been tested on web applications. I have no knowledge on whether Single Sign On would work smoothly on mobile applications.
Also, the Bluemix Single Sign On follows the OIDC protocol. So the redirect URL is a mandatory parameter when using the service, unfortunately.
Regarding building upon your login implementation, to my knowledge, it is not possible to include your implemented login in place of what is provided with the Single Sign On service. But you can choose to add the login implementation in addition to the login needed when using Single Sign On.
Hope that addresses your questions.