Stripe.com Credit Card Integration code review request


(system) #1

juggernautsei wrote on Monday, September 21, 2015:

We have a working model that has been beta tested. Can we get a code review please?

We have made updates to the wiki page also.


(system) #2

bradymiller wrote on Monday, September 21, 2015:

Hi Sherwin,

Looks like a good start. I noted Terry reviewed some of the code and I placed some comments there. As an aside, how secure do the hashes/etc that are being placed in globals need to be?

-brady
OpenEMR


(system) #3

juggernautsei wrote on Sunday, September 27, 2015:

I think I understand your question to mean should it be visible to anyone with admin privileges.
I thought about it and placed the keys there because other applications have exposed names passwords and account ID stored in the globals even the lab exchange has it’s token ID there.

It is up to the administrator to keep a reign on anyone accessing this area of the program. So for ease of use and not to have the user have to dig through code to get this information into the system. I put them accessable.

I will see if there is a way to make this a password field that would obscure the information once it is in the box.

Sherwin
OMP


(system) #4

bradymiller wrote on Monday, September 28, 2015:

Sounds good. Was just trying to get an idea of how secure they needed to be (for example, should it be stored in it’s own table etc.). Sounds like globals should suffice and could always migrate it if there were concerns later on.
-brady


(system) #5

juggernautsei wrote on Monday, September 28, 2015:

Just for those that happen by this discussion. Stripe has an answer that goes beyond OEMR.
See their answer to this question.

In this link, they show how to roll the key. So new keys are readily available to change out at a moments notice. They can be changed every 30 60 90 days for a good secure system.

But even if the keys are stolen, no credit card information can be access ever, says stripe.


(system) #6

arnabnaha wrote on Monday, October 12, 2015:

Hi Sherwin,
Can you please share the full code in github. I cant find the full code for stripe.

Thanks


(system) #7

juggernautsei wrote on Monday, January 18, 2016:

Arnab,

I am revisiting this module. Are you still interested in the code?


(system) #8

arnabnaha wrote on Monday, January 18, 2016:

Hi Sherwin,
Thanks for the reply…Stripe doesnot work in India…So stripe integration will not be useful…I was asking for the code to checkout whether using the mechanisms I could integrate PAYUMONEY pathway into openemr…This is used in India

Thanks and regards,
Arnab Naha

P.S. I would love to get the document template module of yours integrated into official codebase


(system) #9

juggernautsei wrote on Monday, January 18, 2016:

The code is specific to Stripe. The coding for PAYUMONEY would have to come from them. They should have a developers pack that would be used to integrate the functions.

I found their API


(system) #10

arnabnaha wrote on Monday, January 18, 2016:

yes Sherwin…I have their API and the Merchant coe, salt etc which is required for payment processing


(system) #11

juggernautsei wrote on Monday, January 18, 2016:

Have you started developing?


(system) #12

arnabnaha wrote on Tuesday, January 19, 2016:

No, I havent started it yet…I need to see the integration process from your codes and then only I can try to get it in…

Thanks
Arnab Naha


(albanyeye) #13

Hello,
Is there Stripe integration in 5.01?
I see that 5.02 has that choice in Globals
Thanks


(ViSolve) #14

@albanyeye,
Look a glance on the below link.

Hope it helps.

Thanks,
ViSolve