Great article. I have some doubts about allowing updates to the payment table from the react app. A malicious user may use that endpoint to update payments records in your db.
I think the payment table should be updated in the backend based on events received by stripe via the webhook.
I might be entirely wrong, but that's my current understanding.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Great article. I have some doubts about allowing updates to the payment table from the react app. A malicious user may use that endpoint to update payments records in your db.
I think the payment table should be updated in the backend based on events received by stripe via the webhook.
I might be entirely wrong, but that's my current understanding.