This example demonstrates card payment processing using Express.js and the Global Payments SDK.
- Node.js 14.x or later
- npm (Node Package Manager)
- Global Payments account and API credentials
server.js- Main application file containing server setup and payment processingindex.html- Client-side payment formpackage.json- Project dependencies and scripts.env.sample- Template for environment variablesrun.sh- Convenience script to run the application
- Clone this repository
- Copy
.env.sampleto.env - Update
.envwith your Global Payments credentials:PUBLIC_API_KEY=pk_test_xxx SECRET_API_KEY=sk_test_xxx - Install dependencies:
npm install
- Run the application:
Or manually:
./run.sh
node server.js
The application uses Express.js to create a web server that:
- Serves static files
- Processes payment requests
- Provides configuration endpoint for client-side SDK
- Handles JSON and form-encoded requests
Global Payments SDK configuration using environment variables:
- Loads credentials from .env file
- Sets up service URL for API communication
- Configures developer identification
Payment processing flow:
- Client submits payment token and billing zip
- Server creates CreditCardData with token
- Creates Address with postal code
- Processes $10 USD charge
- Returns success/error response
Implements comprehensive error handling:
- Catches and processes API exceptions
- Differentiates between API and general errors
- Returns appropriate error messages
Returns public API key for client-side SDK initialization.
Response:
{
"publicApiKey": "pk_test_xxx"
}Processes a payment using the provided token and billing information.
Request Parameters:
payment_token(string, required) - Token from client-side SDKbilling_zip(string, required) - Billing postal code
Response (Success):
Payment successful! Transaction ID: xxx
Response (Error):
API Error: [error message]
or
Error: [error message]
This example demonstrates basic implementation. For production use, consider:
- Implementing additional input validation
- Adding request rate limiting
- Including security headers
- Implementing proper logging
- Adding payment fraud prevention measures
- Using HTTPS in production
- Configuring Cross-Origin Resource Sharing (CORS) appropriately