cloudflare / production-saas Goto Github PK
View Code? Open in Web Editor NEW(WIP) Example SaaS application built in public on the Cloudflare stack!
Home Page: https://blog.cloudflare.com/production-saas-intro
License: MIT License
(WIP) Example SaaS application built in public on the Cloudflare stack!
Home Page: https://blog.cloudflare.com/production-saas-intro
License: MIT License
Many of the project's dependencies are outdated, they should be bumped to the latest versions where possible. At a later stage, we have to see whether dependencies have been abandoned and need to be replaced
A readme with background information, some explanation and a getting started page
Dispatch calls to the Stripe API for full customer and billing needs.
Note: The API calls will be real, but we'll always be using "test mode" Stripe tokens
User
model changes to Stripe.Customer
updates.Space
, Document
, Schema
, and Member
limits to Stripe.Subscription
updatesOffer this as an add-on product within the SaaS.
Owners of a Space
can "buy" a vanity domain for their space, which then affects their Stripe subscription (#10)
During inspection and testing of several components, I found many holes and bad practices.
If I have time, I will list them all, but the most important one (and the one that really bugs me) is the fact that you create a JWT token containing ALL the information about the user.
This includes his password, salt... everything. Go to: https://www.javainuse.com/decodeJWT and decode the token you obtain when logging in:
{
"uid": "...",
"firstname": "...",
"lastname": "...",
"created_at": 1661322119,
"last_updated": null,
"password": "d5e838175810db5b0a65a8fad510c701cba81f5cdd0b683a445383301bc37499950e2856a2c39ede8545dd2dac2213bf9166db34c66ade91476c49d51a12d27f",
"salt": "D7uxWw3hCSMibL20OaRW0agKwZrxcaJ0FyWvHfhq6Pe6TuzugTPMlsscWaqNaPm6JsPGYRxdUraqDg9D-1cM-eKwDHnyeSK8tUouL_S1nzJC8febBOartzJVWlUOoS0I",
"iat": 1661324521,
"exp": "166132452186400"
}
I'm not even sure where iat
is coming from since it's not in the User object... I guess from worktop/jwt. Anyway, I suggest changing this to a more standard format like: https://www.javainuse.com/jwtgenerator
{
"Issuer": "Issuer",
"Issued At": "2022-08-24T06:56:07.654Z",
"Expiration": "2022-08-24T06:56:07.654Z",
"Username": "JavaInUse",
"Role": "Admin"
}
Not sure if any of this matters since this looks like an abandoned project... but anyway, do not use it in production just yet.
TBD – ongoing list of new features and/or products to integrate into the application.
Current ideas:
R2 for media / document assets
Cloudflare Images integration
Durable Objects
Services Integration
Article Renderer (Phase 3) making calls to JSON API (Phase 1)
Cool project! I followed your svelte-worker-ssr demo a while back and some other Svelte stuff before. Super cool you joined Cloudflare and congrats. Rooting for your success here.
I think for this to truly take off, regardless of how awesome you make this code-wise, it needs clear documentation that targets absolute beginners. I think the pros will go elsewhere (for short term at least).
I am flagging this now because I think docs should be rolled out alongside the features you’re adding. And I think the features should start easiest first.
For example, I just want a dead-simple, suggested, and very opinionated solution that someone smarter than me has designed that’s easy to get started on.
So let’s say I want a static website and I want to host on Cloudflare Pages. This isn’t very exciting or groundbreaking. I could use a million tools to generate this.
Now, let’s add just one dynamic route. What if I want to go all-in with Workers? Well, kind of SOL from a getting starting stand point. It’s just one dynamic route, but now I’m using other community frameworks, third party adaptors that might break, the HTML rewriter in a messy file setup I threw together and all sorts of tools to use but not just an easy “here’s a super simple Cloudflare way of project where to put backend logic that meets your front end template”.
The PHP framework Larval comes to mind for something to draw inspiration from. It’s something that goes out of the way for their noobiest customer can pick up and do just basic routing to full blown crazy web apps. In fact, setup is just like 2 routes I think until you add on.
Check out their documentation and getting started process (yes, php); https://laravel.com/docs.
They have clean and easy explainers for everything. The code is painfully simple. This is a route code sample. This is a dynamic route code sample. This is a 404 route code sample. This is authenticated route code sample. This is POST example with formData. Etc…
It’s not “production-sass” demo that I think Worker audience needs and instead is a “Cloudflare-official-worker-app-starter”. Hopefully you see my point I am trying to make.
Just my annoying thoughts on direction you all are going. Congrats again. You’re a legend and excited to see your work!
Will be required before Durable Object usage (P3)
Requires Cache.reply
and non-global context.bindings
usage.
I wanted to see if you were looking for contributors/maintainers to help support the project? I know Cloudflare's org has a blanket CONTRIBUTING doc, but I wasn't sure if it aligns with what your goal is for the project @lukeed.
Build a JSON API that, on its own, is a feature-complete SaaS application.
Products
Integrations
Strapi.io for admin CMS
Tina.io for frontend website
can lure nodejs/nextjs developers into this project
just like how appwrite.io perfectly fits on firebase
if strapi can perfectly fit on cloudflare...
what more do we need?
Migrate to miniflare@2 (currently in rc) for:
Schema
s belong to a Space
and are a metered unit for a subscription.
Schemas are Document
archetypes, ensuring all its Document
children are valid and conform to the definition.
TODO
Define a system for the fields
property that allows a customer to easily piece together input types with configurable validation logic. Might require a new Field
model, but definitely requires some object-like representation that can live within KV. Requires #9 runtime
Send transaction emails to the "customer" for all account-related events:
Admin tasks:
Must finish my validation library* to standardize a way to declare models' validation rules and automate request body validation+errors.
* May or may not be a part of the
worktop
suite.
Will include a build-time plugin that automatically converts the validation rules/logic into JS function(s) for most efficient runtime code.
@lukeed Why not use thunderclap(A database on top of Workers KV) for this project.
Full SaaS application running on Cloudflare is great. But are there any plans to build a CMS that commits to git to keep the content in the repo only and build with the CI/CD on Cloudflare?
Also if the website content is stored in the KV and a static JAMSTACK site is built, direct way to access KV from the API in the build phase, and CMS can direct save in KV would be great.
main
branchHeadless CMS -> "headful" / monolithic CMS
Hey, this is incredible idea, as I've been thinking myself how great workers can be for a CMS, and how much easier it would be to maintain than all the other CMS's out there. Curious of the status here? Is development continuing or has this project been abandoned? Thanks.
Complete coverage via:
- unit
- endpoints
- mock 3rd party
- mock cloudflare for saas
Relies on #7
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.