Skip to content

shanewas/payflow

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

70 Commits
.github/workflows
.github/workflows
Β 
Β 
client
client
Β 
Β 
migrations
migrations
Β 
Β 
scripts
scripts
Β 
Β 
src
src
Β 
Β 
tests
tests
Β 
Β 
.env.example
.env.example
Β 
Β 
.gitignore
.gitignore
Β 
Β 
Dockerfile
Dockerfile
Β 
Β 
README.md
README.md
Β 
Β 
docker-compose.yml
docker-compose.yml
Β 
Β 
package-lock.json
package-lock.json
Β 
Β 
package.json
package.json
Β 
Β 

Repository files navigation

πŸ’³ PayFlow

A full-stack payment integration system built with Node.js, Stripe, PostgreSQL, and React.

Node.js Express React PostgreSQL Stripe Docker

πŸ“‹ Table of Contents

Overview

PayFlow is a production-ready payment processing backend and frontend that demonstrates a real-world Stripe integration. It handles the full payment lifecycle β€” from user registration and order creation, through payment intent generation and webhook processing, to refunds and admin reporting.

Architecture

+-----------------+      +-----------------+      +----------------+
|   React Client  | ---> |   Node.js API   | ---> |   PostgreSQL   |
| (localhost:3001)|      | (localhost:8080)|      |      (db)      |
+-----------------+      +-----------------+      +----------------+
                                 |
                                 v
                        +-----------------+
                        |   Stripe API    |
                        |  + Webhooks     |
                        +-----------------+
Service Port Description
API 8080 Node.js / Express REST API
Client 3001 React frontend
Database 5432 PostgreSQL 12
PgAdmin 5050 Database UI (dev only)

Features

  • πŸ” JWT Authentication β€” Register, login, access + refresh tokens
  • πŸ’³ Stripe Payments β€” PaymentIntents with SCA compliance
  • πŸ”” Webhooks β€” Real-time payment status updates from Stripe
  • ↩️ Refunds β€” Full and partial refund support
  • πŸ“¦ Order Management β€” Orders linked to payments
  • πŸ›‘οΈ Security β€” Helmet, CORS, rate limiting, input validation, idempotency keys
  • πŸ‘‘ Admin API β€” Revenue stats, full payment history, admin refunds
  • πŸ“„ Swagger Docs β€” Interactive API docs at /docs
  • 🐳 Docker β€” Full stack with one command
  • βœ… Tests β€” Unit and integration test suite with Jest

Quick Start

Option A β€” Docker (Recommended)

# 1. Clone the repo
git clone https://github.com/shanewas/payflow.git
cd payflow

# 2. Set up environment
cp .env.example .env
# Edit .env and fill in your Stripe keys and JWT secrets

# 3. Start everything
docker-compose up --build -d

# 4. Run migrations
docker-compose exec api node scripts/migrate.js

API available at http://localhost:8080
Client available at http://localhost:3001
PgAdmin available at http://localhost:5050

Option B β€” Local Setup

Backend:

npm install
cp .env.example .env
# Edit .env with your values
npm run migrate
npm start

Frontend:

cd client
npm install
# Create client/.env with REACT_APP_STRIPE_PUBLISHABLE_KEY=pk_test_...
npm start

Environment Variables

Copy .env.example to .env and fill in the values:

Variable Description Example
PORT API server port 8080
NODE_ENV Environment development
DATABASE_URL PostgreSQL connection string postgres://user:pass@localhost:5432/payflow
STRIPE_SECRET_KEY Stripe secret key sk_test_...
STRIPE_WEBHOOK_SECRET Stripe webhook signing secret whsec_...
JWT_ACCESS_TOKEN_SECRET JWT access token secret random-secret
JWT_ACCESS_TOKEN_EXPIRATION Access token expiry 15m
JWT_REFRESH_TOKEN_SECRET JWT refresh token secret random-secret-2
JWT_REFRESH_TOKEN_EXPIRATION Refresh token expiry 7d
CORS_ORIGIN Allowed CORS origin http://localhost:3001
REACT_APP_STRIPE_PUBLISHABLE_KEY Stripe publishable key (frontend) pk_test_...

Get your Stripe keys at dashboard.stripe.com/apikeys

API Reference

Full interactive docs available at GET /docs when the server is running.

Auth

Method Endpoint Description Auth
POST /auth/register Register a new user β€”
POST /auth/login Login and get tokens β€”

Payments

Method Endpoint Description Auth
POST /payments/intent Create a payment intent βœ…
GET /payments Get payment history βœ…
GET /payments/:id Get payment details βœ…
POST /payments/:id/refund Refund a payment βœ…

Orders & Checkout

Method Endpoint Description Auth
POST /orders Create an order βœ…
POST /checkout Start checkout for an order βœ…

Webhooks

Method Endpoint Description Auth
POST /webhooks/stripe Stripe webhook receiver Signature

Admin

Method Endpoint Description Auth
GET /admin/payments All payments with filters βœ… Admin
GET /admin/stats Revenue and status stats βœ… Admin
POST /admin/refund/:id Refund any payment βœ… Admin

Testing

# Run all tests
npm test

# Run with coverage
npm run test:coverage

# Run only unit tests
npm run test:unit

# Run only integration tests
npm run test:integration

Integration tests require a running PostgreSQL instance. Set DATABASE_URL to a test database before running.

Stripe Test Cards

Use these in the payment form with any future expiry and any 3-digit CVC:

Scenario Card Number
βœ… Payment succeeds 4242 4242 4242 4242
❌ Payment declined 4000 0000 0000 0002
πŸ” Requires 3D Secure 4000 0025 0000 3155
⚠️ Insufficient funds 4000 0000 0000 9995

Deployment

  1. Set NODE_ENV=production in your environment
  2. Use a process manager like PM2 for the Node.js app
  3. Configure your Stripe webhook in the Stripe Dashboard to point to https://yourdomain.com/webhooks/stripe
  4. Ensure your PostgreSQL database is secured, backed up, and accessible only from the API server
  5. Set all secrets to strong random values β€” never commit .env to git

License

MIT

About

A full-stack payment integration system built with Node.js, Express, Stripe API, PostgreSQL and React. Features JWT auth, webhooks, refunds, and Docker support.

Topics

react nodejs docker jwt stripe rest-api postgresql expressjs payments

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages