Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

larswoltersdev's avatar

Disallow multiple subscriptions Stripe Checkout URL and Cashier

Hi all,

I've been encountering the following challenge:

In our app, a user is able to subscribe to a premium plan. It is done through the Stripe Checkout page, rather than our own checkout page. The user is redirected to Stripe Checkout through the following code in a function:

if ($request->user()->subscribed($plan)) {
    throw new Exception('You are already subscribed.');
}

return $request->user()->newSubscription($plan, $price)->checkout([
    'success_url' => route('profile.show'),
    'cancel_url' => route('profile.show'),
]);

It works fine: the user can only subscribe if not subscribed, but there is one problem: Let's say we copy the URL of the Stripe Checkout page, and then we proceed to subscribe to the premium plan. When billing is successful, we receive some POST webhooks from Stripe and a subscription is created in our database through Laravel Cashier.

Now here is the thing: when visiting the copied Stripe Checkout URL, the user is able to subscribe again, and no exception would be thrown.

Does anyone know how to solve this problem? Or is it a problem at all?

0 likes
2 replies
kokoshneta's avatar

Unless there is some way within your Stripe setup to specify that a particular subscription type should be limited to one subscription per customer (and I don’t know if there is – I haven’t worked with Stripe subscriptions for about six years, and they’ve completely changed since then), I don’t see how you can fix it from your end, since all the code that actually creates the subscription and charges the client happens on Stripe’s servers.

You could check in your webhook if the subscription being returned from Stripe is a duplicate of an existing one, and if it is then use the Stripe API to remove and refund the newly created subscription and flash a message to the user that they had created a duplicate subscription which has been automatically cancelled. That would give more or less the same end result – but I don’t think you can prevent the subscription from being created in the first place from your end.

1 like
RhysLees's avatar

From reddit: https://www.reddit.com/r/stripe/comments/ktb0zq/comment/gil1vj2/?utm_source=share&utm_medium=web2x&context=3

You must implement the limit on your own system. In the event that a user subscribes twice, you can always cancel the latest subscription. I've never heard of a user wanting to pay for the exact same product twice, so I'm inclined to say the probability of someone opening a window twice and checking out simultaneously is extremely low.

Here is what I do for my membership site:

Require authentication if user not logged in.

If user has an active subscription, display details and provide a link to the customer portal to make adjustments (e.g., update billing info, cancel).

If the user does not have an active subscription, display a form to select the membership level and, when the user clicks submit, generate a Checkout session on the backend and redirect.

The key to preventing multiple subscriptions is that you are generating Checkout sessions server-side. You can always do a subscription check before generating that session, and return an error if the user is already subscribed.
1 like

Please or to participate in this conversation.