英文:
Encrypting Stripe customer and firebase user ids
问题
在NextJS环境中是否需要加密Stripe客户ID?我有一个NextJS API路由,它根据Firestore数据库中的Stripe客户ID(用于Firebase的Stripe扩展)更新客户的电子邮件地址:
const {
email = '',
name = '',
customerId = ''
} = req.body;
const customer = await stripe.customers.update(
customerId, {
email,
name
}
);
这看起来像一个线程,因为其他人可能会猜测Stripe客户ID并更新其值。是否更好将所有与Stripe付款相关的功能迁移到Firebase Functions,或者将其公开是安全的?考虑一下“Setup Intents”...它们有多不同?
更新:
useEffect(() => {
const { stripeId } = authUser || {};
if (stripeId) {
fetch('/api/setup_intent', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ customerId: stripeId })
})
.then((res) => res.json())
.then((data) => setClientSecret(data.clientSecret));
}
}, [authUser]);
英文:
Is there a need for encrypting the Stripe customer ID within the NextJS environment? I have a NextJS API route which updates the customer email address based on the Stripe Customer ID from the Firestore database (Stripe extension for Firebase):
const {
email = '',
name = '',
customerId = ''
} = req.body;
const customer = await stripe.customers.update(
customerId, {
email,
name
}
);
This looks like a thread, as others who might guess the Stripe customer ID can update the value. Should all Stripe payment-related functionality better be migrated to Firebase Functions, or is it safe to expose it? Think about the Setup Intents... how different are they?
Update:
useEffect(() => {
const { stripeId } = authUser || {};
if (stripeId) {
fetch('/api/setup_intent', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ customerId: stripeId })
})
.then((res) => res.json())
.then((data) => setClientSecret(data.clientSecret));
}
}, [authUser]);
答案1
得分: 1
将此作为社区维基帮助其他可能遇到此问题的会员发布:
正如 @toby 所述:
客户 ID 本质上不是敏感信息,因为除非还有访问该帐户的 API 密钥,否则不能使用 Stripe API 来执行任何操作,因此我的初步印象是公开这些 ID 不会造成安全风险。尽管如此,如果您所依赖的客户 ID 是由您的客户端代码提供的,那么我认为熟练的用户可能会调整客户端请求中提供的值,这可能是一个问题。
英文:
Posting this as community wiki to help other members that will encounter this issue:
As stated by @toby:
> Customer IDs are not inherently sensitive, as no action can be taken
> using the Stripe API with that ID unless there is also access to an
> API key for that account, so my initial impression is that exposing
> those is not a security risk. That being said, if the Customer ID
> you're relying on is being provided by your client-side code, then I
> believe it would be possible for a savvy user to adjust the value that
> is being provided in your client-side requests, and that could be a
> concern.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论