Sometimes getting duplicate orders in checkout

Jon_Myrstad · July 26, 2017, 1:33pm

Hi,

We’ve just gone live with our Magento2 installation that uses your Stripe extension. And out of the 60 first orders we’ve had four cases where a customer has managed to get two orders and two transactions through Stripe for one quote.

Looking at apache logs I can see the following as a pattern with all of them, I’ve removed sensitive information like IPs and key’s used in the URL. But I can assure you that they are identical.

{Customer_ip} - - [25/Jul/2017:14:11:45 +0200] "POST /rest/default/V1/df-payment/{Identical_Key}/place-order HTTP/1.1" 200 314 "https://example.com/checkout/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) ..."

{Customer_ip} - - [25/Jul/2017:14:11:45 +0200] "POST /rest/default/V1/df-payment/{Identical_key}/place-order HTTP/1.1" 200 314 "https://example.com/checkout/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) ..."

The two transactions related to the orders has unique order id’s at this point, but everything else is identical. Where the first is XXXX35 and the second is XXXX36. Incremented by 1. In the responses from Stripe there’s unique “id”'s.

Looking at the “quote” database table, the “reserved_order_id” column has been set to the id of the second order (XXXX46) with no traces of the first (XXXX35)

This is a probably a problem that the customer is causing by clicking “Place order” multiple times, but one would kind of think that some validation was being done serverside to prevent something like this, especially if it has already happened in 4/60 checkouts.

Hope you might know of a solution to this.

dmitry_fedyuk · July 26, 2017, 3:01pm

It would be nice if you were able to reproduce it yourself.
If you are unable to do so, then please provide me an access to your server, and I will investigate it.

Jon_Myrstad · July 26, 2017, 3:15pm

I have already left work for today and don’t want to give anyone access to the servers without myself being available at the same time, as we’re in production. Is there a specific time tomorrow that would work for you?

dmitry_fedyuk · July 26, 2017, 3:24pm

I do not provide a real-time support service.
Just send me credentials, and I will investigate your problem when I will have time to do so.

dmitry_fedyuk · July 26, 2017, 9:27pm

I have just implemented an improvement in the 2.9.10 version of the mage2pro/core package: now I disable the «Place Order» button completely while Magento server and Stripe server process the payment.
So please upgrade your extension using the standard procedure (it should upgrade the mage2pro/core package automatically) and let’s wait a week or two to see whether it resolves the problem.

Jon_Myrstad · July 26, 2017, 11:20pm

Great Dmitry!

Thanks for the quick follow up. I’ll update tomorrow and wait and see if we get any more duplicates. If the problem persists I’ll setup permissions so that you can have a look if it proves to not fix the problem.

Thanks,
Jon

Jon_Myrstad · August 8, 2017, 11:26am

This seems to have fixed the problem as we’ve not have any new cases of this since the update.