Best practice to create a django user connected to a stripe customer
I'm trying to create a simple website for selling a digital good. Frontend is html/js, backend is django (using allauth, with simple email registration and a Custom User model) and I'm using stripe to handle payments. I've implemented a checkout workflow where a (anonymous) user can order via the hosted stripe checkout.
However in order to properly handle the user's access to the digital goods, I need to somehow sync the stripe customer to a django user. The workflow, respectively best practice for this is unclear to me.
- Should I create a checkout session for the anonymous user and then use the stripe webhook confirmation to create a user (maybe sending the user a login link)? (What if the email has a typo?)
- Should I create a local user first, then via strip API a stripe customer (mapping the id as meta-data) and include the customer_id in the checkout? (seems clunky with multiple steps for the user, when they don't have an account yet)
- Something else from the stripe API (PaymentIntent)?
- ...?
What are best practices for this? What are advantages / disadvantages of the respective approaches?
I'm aware that this is a bit vague and will depend on the nature of the business however as a general pattern "User-pays, User-downloads" I hope it is a viable question - also when using other payment providers. I did not find a best practice or discussion of such a pattern, for example with respect to security, email validation etc.