@dylanmurzello/vendure-plugin-square
Version:
Square payment integration plugin for Vendure e-commerce. Supports payment authorization, settlement, and refunds with PCI-compliant card tokenization.
336 lines (230 loc) โข 8.12 kB
Markdown
# ๐ณ Vendure Square Payment Plugin
**Official Square payment integration for Vendure e-commerce platform**
Process real payments through Square with full PCI compliance, automatic tokenization, and support for authorization, settlement, and refunds.
[](https://www.npmjs.com/package/vendure-plugin-square)
[](https://opensource.org/licenses/MIT)
## โจ Features
- ๐ณ **Full Payment Lifecycle** - Authorization, settlement, and refunds
- ๐ **PCI Compliant** - Card data never touches your server
- ๐ **Multi-Currency Support** - All Square-supported currencies
- ๐งช **Sandbox Testing** - Complete test environment with Square test cards
- ๐ **Transaction Metadata** - Full Square transaction details stored
- ๐ **Idempotent Operations** - Prevents duplicate charges
- โก **TypeScript** - Full type safety with TypeScript definitions
- ๐ก๏ธ **Error Handling** - Comprehensive error states and messages
## ๐ฆ Installation
```bash
npm install vendure-plugin-square square
```
**Peer Dependencies:**
- `@vendure/core`: ^3.0.0
- `square`: ^43.0.0
## ๐ Quick Start
### 1. Get Square Credentials
1. Create a Square Developer account at https://developer.squareup.com
2. Create a new application
3. Get your credentials:
- **Application ID** (for Web Payments SDK)
- **Access Token** (for backend API)
- **Location ID** (from your Square locations)
### 2. Configure Backend
Add to your `vendure-config.ts`:
```typescript
import { SquarePlugin, squarePaymentHandler } from 'vendure-plugin-square';
export const config: VendureConfig = {
// ... other config
paymentOptions: {
paymentMethodHandlers: [squarePaymentHandler],
},
plugins: [
SquarePlugin.init({
accessToken: process.env.SQUARE_ACCESS_TOKEN!,
environment: process.env.SQUARE_ENVIRONMENT as 'sandbox' | 'production',
locationId: process.env.SQUARE_LOCATION_ID!,
}),
// ... other plugins
],
};
```
### 3. Environment Variables
Add to your `.env`:
```bash
# Square Configuration
SQUARE_ACCESS_TOKEN=your_square_access_token
SQUARE_ENVIRONMENT=sandbox # or 'production'
SQUARE_LOCATION_ID=your_location_id
```
### 4. Create Payment Method in Admin
1. Login to Vendure Admin UI
2. Go to **Settings โ Payment methods**
3. Click **"Create new payment method"**
4. Configure:
- **Code:** `square-payment`
- **Handler:** Select "Square Payment"
- **Enabled:** ON
5. Save
## ๐จ Frontend Integration
### Install Square Web Payments SDK
Add the Square SDK to your storefront:
```typescript
import { useEffect, useState } from 'react';
// Load Square SDK
useEffect(() => {
const script = document.createElement('script');
script.src = 'https://sandbox.web.squarecdn.com/v1/square.js'; // or production URL
script.async = true;
document.body.appendChild(script);
}, []);
```
### Initialize Payment Form
```typescript
const payments = Square.payments(
process.env.NEXT_PUBLIC_SQUARE_APPLICATION_ID,
process.env.NEXT_PUBLIC_SQUARE_LOCATION_ID
);
const card = await payments.card();
await card.attach('#card-container');
// Tokenize card when submitting
const result = await card.tokenize();
const token = result.token;
```
### Submit Payment
```typescript
import { addPaymentToOrder } from '@vendure/core';
const paymentResult = await addPaymentToOrder({
method: 'square-payment',
metadata: {
sourceId: token, // Square payment token
},
});
```
## ๐ Payment Flow
### Authorization Flow (Two-Step)
By default, payments are **authorized** but not captured:
1. Customer submits payment
2. Square authorizes payment (reserves funds)
3. Order state: **PaymentAuthorized**
4. Admin settles payment in Vendure Admin
5. Square captures funds
6. Order state: **PaymentSettled**
**Benefits:**
- Verify inventory before capturing
- Cancel without refunding
- Better fraud protection
### Auto-Settlement (One-Step)
To automatically capture payments, modify the handler:
```typescript
// In square-payment-handler.ts, line ~92
autocomplete: true, // Change from false to true
```
## ๐งช Testing
### Sandbox Mode
Use Square's test card numbers:
| Card Number | Scenario |
|-------------|----------|
| `4111 1111 1111 1111` | Successful charge |
| `4000 0000 0000 0002` | Card declined |
| `4000 0000 0000 0341` | Insufficient funds |
**Test Card Details:**
- **CVV:** Any 3 digits (e.g., `111`)
- **Expiration:** Any future date (e.g., `12/25`)
- **ZIP Code:** Any 5 digits (e.g., `90210`)
More test values: https://developer.squareup.com/docs/devtools/sandbox/payments
## ๐ ๏ธ API Reference
### SquarePlugin.init(options)
Initialize the plugin with Square credentials.
**Parameters:**
| Option | Type | Description |
|--------|------|-------------|
| `accessToken` | `string` | Square API access token (required) |
| `environment` | `'sandbox' \| 'production'` | Square environment (required) |
| `locationId` | `string` | Square location ID (required) |
**Example:**
```typescript
SquarePlugin.init({
accessToken: process.env.SQUARE_ACCESS_TOKEN!,
environment: 'sandbox',
locationId: process.env.SQUARE_LOCATION_ID!,
})
```
### squarePaymentHandler
Payment method handler with code `'square-payment'`.
**Methods:**
- **createPayment**: Authorizes payment with Square
- **settlePayment**: Captures authorized payment
- **createRefund**: Processes full or partial refunds
## ๐ Security
### PCI Compliance
- โ
Card data handled entirely by Square
- โ
Single-use payment tokens
- โ
No sensitive data stored on your server
- โ
HTTPS required for production
### Best Practices
- Store access tokens in environment variables
- Never commit credentials to version control
- Use sandbox for development/testing
- Enable HTTPS on production domains
- Regularly rotate access tokens
## ๐ Troubleshooting
### "Payment method not found"
**Solution:** Create payment method in Vendure Admin with handler code `'square-payment'`
### "Square SDK not loaded"
**Solution:** Ensure Square Web Payments SDK script is loaded before initializing payment form
### "Missing Square payment token"
**Solution:** Card tokenization failed - check card details or Square SDK initialization
### "Authentication failed"
**Solution:** Verify Square access token and environment (sandbox vs production)
## ๐ Documentation
### Square Developer Resources
- [Square Developer Portal](https://developer.squareup.com/)
- [Payments API Guide](https://developer.squareup.com/docs/payments-api/overview)
- [Web Payments SDK](https://developer.squareup.com/docs/web-payments/overview)
- [Testing Guide](https://developer.squareup.com/docs/devtools/sandbox/payments)
### Vendure Resources
- [Vendure Docs](https://docs.vendure.io/)
- [Payment Integration Guide](https://docs.vendure.io/guides/core-concepts/payment/)
- [Plugin Development](https://docs.vendure.io/guides/developer-guide/plugins/)
## ๐ค Contributing
Contributions are welcome! Please feel free to submit a Pull Request.
### Development Setup
```bash
git clone https://github.com/yourusername/vendure-plugin-square.git
cd vendure-plugin-square
npm install
npm run build
```
## ๐ License
MIT License - see [LICENSE](LICENSE) file for details
## ๐ช Credits
Built with โค๏ธ for the Vendure community
**Special Thanks:**
- Vendure team for the amazing e-commerce framework
- Square for their robust payment APIs
- The open-source community
## ๐ Changelog
### v1.0.0 (2025-09-30)
**Initial Release**
- โ
Complete Square payment integration
- โ
Authorization and settlement support
- โ
Refund processing
- โ
PCI-compliant tokenization
- โ
Sandbox and production environments
- โ
Full TypeScript support
- โ
Comprehensive error handling
**Questions or issues?** Open an issue on [GitHub](https://github.com/yourusername/vendure-plugin-square/issues)
**Want to contribute?** PRs are always welcome! ๐