Hi Chris. Thanks for sharing this great article. I`d like to suggest one improvement. From a security perspective your initial example could be misleading. The decision about shipment is done in client code and could be easily bypassed by a malicious user. I try to make our devs aware of such design weaknesses. Maybe you add some comments to also doublecheck payment on server side or find another example? Best, Rocco
Hi Chris. Thanks for sharing this great article. I`d like to suggest one improvement. From a security perspective your initial example could be misleading. The decision about shipment is done in client code and could be easily bypassed by a malicious user. I try to make our devs aware of such design weaknesses. Maybe you add some comments to also doublecheck payment on server side or find another example? Best, Rocco
hi Rocco. This is not client code. It's Node.js i.e server side. I can add a comment though cause I agree with you generally, thanks :)