This post jumps ahead of the previous ones a little bit and is more like a scribbled memo than a post. The reason for it is to note how, when the time comes, the Stellar API would be implemented as a checkout system.
CryptoCurrency payments aren't taken but received
If you wanted a user to checkout in the old-fashioned way by taking a payment from them on your website, this would technically be possible from Stellar's Payment API if they were to enter their Secret Key. BUT DON'T DO THIS. The CryptoCurrency payment flow involves receiving payments from customers, not taking those payments from them.
How a payment is sent to you
The payment flow for CryptoCurrency is a payment sent from a user's wallet to an address (public key). You then listen for the payment coming in.
How this works as part of an automated payment system
Typically a user is shown a QR code that can be scanned with their phone. They'll either do this from inside an app like Coinbase or the QR code will open an app that can handle the request when the link is tapped. If you have the Lobstr wallet installed, for example, this will open when a Stellar QR encode is encountered.
There doesn't need to be a QR code, it could just be a hyperlink. However, if the user's wallet is on a phone and this is the most convenient way for them to make the payment, then copying and sending the link between devices can be cumbersome.
Building the URI
Stellar have a standard for this (as does Bitcoin), using a custom URI with the scheme name web+stellar. For further explanation see also here.
For generation of URLs using Node.js, see Node SEP-0007 URL. (For QR code generation there is a suggested Node.js package or you might want to experiment with Google's QR code offering.)
Making a refund
When it comes to refunding a payment or making a payment from your website to someone else, you won't be in a position to scan their QR code, so instead you would ask for their public key and then use the Stellar API to make the payment or refund.
To make things easier for the user you might consider using the Freighter extension (Chrome and Firefox) as a means to retrieve the user's public key in an automated but transparent way.
For further help
You can make contact with me on twitter under the handle @sketchytech if you need further assistance. I'll always be happy to help and would be delighted to hear about any projects you might want me to be involved in.