Stripe Checkout (Fiat)

WordPress-hosted Stripe Checkout session that drops a webhook into our token generator right after payment success.

See Integration Plan

Flow overview

  1. User clicks “Purchase” on WordPress.
  2. Stripe Checkout session completes.
  3. Webhook hits `/api/payments/stripe/webhook`.
  4. Backend runs `generate_vpn_token.sh` and emails the token.

Integration steps

Prep the WordPress site and backend so a completed Stripe payment mints a token automatically when payouts activate.

WordPress

Checkout page

Use Stripe’s official plugin or WP-Simple-Pay. Embed the “Purchase VaderVPN Access” button and set the success URL to `https://yourdomain/pay/fiat/success`.

Webhook

Event listener

Create an endpoint (e.g. `/api/payments/stripe/webhook`) that verifies the Stripe signature on each request, accepts only `checkout.session.completed` events, and calls the token generator with the plan metadata.

Token delivery

Notify customer

Return JSON to WordPress and email the customer the token display value. Offer an instant copy option on the success page, with a warning that the token is shown only once.

Webhook payload schema

Use this structure to align the webhook handler with the MariaDB token store.

{
  "event": "checkout.session.completed",
  "data": {
    "id": "cs_test_a1b2c3",
    "customer_email": "you@example.com",
    "amount_total": 1900,
    "currency": "usd",
    "metadata": {
      "plan": "pro",
      "device_limit": "3",
      "token_note": "stripe:cs_test_a1b2c3"
    }
  }
}

Map `metadata` into `generate_vpn_token.sh --rules` and keep `token_note` for audit trails.
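The listener checks described under "Event listener", applied to the payload shape above, as an added sketch that is not the project's own handler: it verifies the `Stripe-Signature` header over the raw body, rejects stale, replayed or non-`checkout.session.completed` deliveries, and builds the generator call as an argument list. The function names, the `key=value` form passed to `--rules`, the plan-name pattern and the `stripe:<session id>` note check are assumptions.

```python
import hashlib
import hmac
import json
import re
import time

TOLERANCE_S = 300  # replay window; same value as the default in Stripe's libraries
PLAN_RE = re.compile(r"[a-z0-9_-]{1,32}")  # assumed shape of a plan name
# Constructed sample body in the payload shape shown above.
SAMPLE = json.dumps({"event": "checkout.session.completed", "data": {
    "id": "cs_test_a1b2c3", "customer_email": "you@example.com",
    "metadata": {"plan": "pro", "device_limit": "3",
                 "token_note": "stripe:cs_test_a1b2c3"}}}).encode()


def verify_signature(raw_body, header, secret, now=None):
    """Check a Stripe-Signature header: t=<unix time>,v1=<hex HMAC-SHA256>."""
    pairs = [p.strip().split("=", 1) for p in header.split(",") if "=" in p]
    stamp = next((v for k, v in pairs if k == "t"), "")
    sigs = [v for k, v in pairs if k == "v1"]
    if not re.fullmatch(r"[0-9]{1,12}", stamp) or not sigs:
        return False
    now = time.time() if now is None else now
    if abs(now - int(stamp)) > TOLERANCE_S:
        return False  # stale or future-dated delivery, treat as a replay
    signed = stamp.encode() + b"." + raw_body  # raw bytes, never re-serialized JSON
    want = hmac.new(secret.encode(), signed, hashlib.sha256).hexdigest().encode()
    return any(hmac.compare_digest(want, s.encode()) for s in sigs)


def token_request(raw_body, header, secret, seen, now=None):
    """Return (argv, token_note) for a verified, first-seen session, else None."""
    if not verify_signature(raw_body, header, secret, now):
        return None
    event = json.loads(raw_body)
    data = event.get("data", {})
    meta = data.get("metadata", {})
    sid, note = str(data.get("id", "")), meta.get("token_note")
    plan, limit = str(meta.get("plan", "")), str(meta.get("device_limit", ""))
    if event.get("event") != "checkout.session.completed" or not sid or sid in seen:
        return None  # wrong event type, or this session already minted a token
    ok = PLAN_RE.fullmatch(plan) and re.fullmatch(r"[0-9]{1,3}", limit)
    if not ok or note != "stripe:" + sid:  # note form assumed from the sample payload
        return None
    seen.add(sid)
    # Pass an argv list, never a shell string. The key=value form is an assumption.
    return ["./generate_vpn_token.sh", "--rules", f"plan={plan},device_limit={limit}"], note
```

In a deployment, `seen` would be backed by the MariaDB token store rather than an in-memory set, so a redelivered webhook cannot mint a second token after a restart.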

Testing plan

Before launch, run these cases in Stripe test mode.