@startup-api/cloudflare 0.3.1 → 0.3.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +42 -38
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -12,36 +12,35 @@ This application uses the Cloudflare Developer Platform, including Workers and D
|
|
|
12
12
|
|
|
13
13
|
## Installation
|
|
14
14
|
|
|
15
|
-
|
|
15
|
+
Start a new project with the **`npm create startup-api`** scaffolder. It generates a tiny Cloudflare Worker that pulls this framework in as the [`@startup-api/cloudflare`](https://www.npmjs.com/package/@startup-api/cloudflare) npm dependency — so you stay up to date with `npm update` instead of maintaining a fork of this repository.
|
|
16
16
|
|
|
17
|
-
|
|
17
|
+
```bash
|
|
18
|
+
npm create startup-api my-app -- --origin https://your-app-origin.com
|
|
19
|
+
cd my-app
|
|
20
|
+
npm run dev # local dev at http://localhost:8787
|
|
21
|
+
npm run deploy # deploy to Cloudflare
|
|
22
|
+
```
|
|
23
|
+
|
|
24
|
+
Run `npm create startup-api` with no arguments to be prompted for the project name and origin URL interactively. Useful flags: `--no-install` (skip `npm install`) and `--yes` / `-y` (non-interactive — requires a `name` and `--origin`).
|
|
25
|
+
|
|
26
|
+
What you get:
|
|
18
27
|
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
4. Select your forked `startup-api-cloudflare` repository
|
|
23
|
-
5. Pick the name for your site's worker (e.g. you might have multiple)
|
|
24
|
-
6. Deploy the Worker
|
|
25
|
-
7. In the **Settings** tab of your Worker, go to **Variables** and add the required `ORIGIN_URL` (see [Configuration](#configuration-details) below)
|
|
28
|
+
- A minimal `src/index.ts` that re-exports the worker plus a `wrangler.jsonc` you control. The framework ships as the `@startup-api/cloudflare` dependency, so your project stays small.
|
|
29
|
+
- A `.dev.vars` file with a random `SESSION_SECRET` for local development. For production, set your own with `npx wrangler secret put SESSION_SECRET`.
|
|
30
|
+
- Framework updates are just `npm update @startup-api/cloudflare` — no fork to rebase.
|
|
26
31
|
|
|
27
|
-
|
|
32
|
+
Then set the required `ORIGIN_URL` and any OAuth credentials (see [Configuration](#configuration-details) below) and run `npm run deploy`. See [create-startup-api](https://github.com/StartupAPI/create-startup-api) for full details.
|
|
28
33
|
|
|
29
|
-
|
|
34
|
+
### Automated deployments
|
|
30
35
|
|
|
31
|
-
|
|
32
|
-
```bash
|
|
33
|
-
git clone https://github.com/StartupAPI/startup-api-cloudflare.git
|
|
34
|
-
cd startup-api-cloudflare
|
|
35
|
-
npm install
|
|
36
|
-
```
|
|
37
|
-
2. **Configure Environment Variables**
|
|
36
|
+
`npm run deploy` deploys from your machine. To deploy automatically instead, push your scaffolded project to a GitHub repository and use either:
|
|
38
37
|
|
|
39
|
-
|
|
38
|
+
- **Cloudflare Workers GitHub app** — connect the repo to Cloudflare's [Workers Builds](https://developers.cloudflare.com/workers/ci-cd/builds/) Git integration and Cloudflare builds and deploys on every push, no CI config to maintain.
|
|
39
|
+
- **A GitHub Actions workflow** — run [`cloudflare/wrangler-action`](https://github.com/cloudflare/wrangler-action) on push to deploy with Wrangler. Add a `CLOUDFLARE_API_TOKEN` (and `CLOUDFLARE_ACCOUNT_ID`) repository secret so the action can authenticate.
|
|
40
40
|
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
```
|
|
41
|
+
Either way, set your production secrets (`SESSION_SECRET`, OAuth credentials) on the Worker in the Cloudflare dashboard or with `npx wrangler secret put` rather than committing them.
|
|
42
|
+
|
|
43
|
+
> **Working on the framework itself?** See [CONTRIBUTING.md](./CONTRIBUTING.md) for cloning and running this repository locally.
|
|
45
44
|
|
|
46
45
|
## Configuration Details
|
|
47
46
|
|
|
@@ -58,18 +57,18 @@ Use this option if you want to deploy from your local machine.
|
|
|
58
57
|
- **Using `wrangler.jsonc`:**
|
|
59
58
|
Add the variables to the `"vars"` object in your configuration file. See [Cloudflare documentation](https://developers.cloudflare.com/workers/wrangler/configuration/#environment-variables) for more details.
|
|
60
59
|
|
|
61
|
-
| Variable
|
|
62
|
-
|
|
|
63
|
-
| `ORIGIN_URL`
|
|
64
|
-
| `USERS_PATH`
|
|
65
|
-
| `AUTH_ORIGIN`
|
|
66
|
-
| `GOOGLE_CLIENT_ID`
|
|
67
|
-
| `GOOGLE_CLIENT_SECRET`
|
|
68
|
-
| `TWITCH_CLIENT_ID`
|
|
69
|
-
| `TWITCH_CLIENT_SECRET`
|
|
70
|
-
| `PATREON_CLIENT_ID`
|
|
71
|
-
| `PATREON_CLIENT_SECRET
|
|
72
|
-
| `PATREON_WEBHOOK_SECRET
|
|
60
|
+
| Variable | Required | Default | Description |
|
|
61
|
+
| :----------------------- | :------- | :-------- | :---------------------------------------------------------------------------- |
|
|
62
|
+
| `ORIGIN_URL` | **Yes** | N/A | The base URL of your origin application (e.g., `https://your-app-origin.com`) |
|
|
63
|
+
| `USERS_PATH` | No | `/users/` | The path used to serve internal assets like `power-strip.js` |
|
|
64
|
+
| `AUTH_ORIGIN` | No | N/A | Optional base URL for OAuth redirects (overrides request origin) |
|
|
65
|
+
| `GOOGLE_CLIENT_ID` | No | N/A | Google OAuth2 Client ID |
|
|
66
|
+
| `GOOGLE_CLIENT_SECRET` | No | N/A | Google OAuth2 Client Secret |
|
|
67
|
+
| `TWITCH_CLIENT_ID` | No | N/A | Twitch OAuth2 Client ID |
|
|
68
|
+
| `TWITCH_CLIENT_SECRET` | No | N/A | Twitch OAuth2 Client Secret |
|
|
69
|
+
| `PATREON_CLIENT_ID` | No | N/A | Patreon OAuth2 Client ID |
|
|
70
|
+
| `PATREON_CLIENT_SECRET` | No | N/A | Patreon OAuth2 Client Secret |
|
|
71
|
+
| `PATREON_WEBHOOK_SECRET` | No | N/A | Secret for verifying Patreon webhook signatures |
|
|
73
72
|
|
|
74
73
|
> Environment variables hold only credentials/secrets (OAuth client IDs and all secrets) plus the per‑deployment values `ORIGIN_URL`, `AUTH_ORIGIN`, `USERS_PATH`, `ADMIN_IDS`, and `ENVIRONMENT`. **All other configuration — OAuth scopes, Patreon campaign id, the access policy, entitlement freshness — is passed to the `createStartupAPI` factory** (see [Access policy & provider entitlements](#access-policy--provider-entitlements)).
|
|
75
74
|
|
|
@@ -144,7 +143,7 @@ By default the worker injects its own `<power-strip>` pinned to the top-right co
|
|
|
144
143
|
```
|
|
145
144
|
|
|
146
145
|
- **`providers` is optional.** If you omit it, the worker fills in the active providers for you (e.g. `providers="google,twitch,patreon"`). Set it yourself to override which login buttons appear.
|
|
147
|
-
- **Prefer an explicit closing tag.** `<power-strip></power-strip>` and `<power-strip/>` are both detected, but per the HTML spec `<power-strip/>` is
|
|
146
|
+
- **Prefer an explicit closing tag.** `<power-strip></power-strip>` and `<power-strip/>` are both detected, but per the HTML spec `<power-strip/>` is _not_ truly self-closing — the browser treats it as an open tag and nests the following content inside it. Use a closing tag (or place the element last in its container) to avoid surprises.
|
|
148
147
|
- **Script-only opt-out.** Use `<power-strip hidden>` to load `power-strip.js` (and its JS API) without rendering a visible strip.
|
|
149
148
|
|
|
150
149
|
## Access policy & provider entitlements
|
|
@@ -243,7 +242,12 @@ const api = createStartupAPI({
|
|
|
243
242
|
freshness: { ttl: true, cron: { schedule: '0 */6 * * *' }, webhook: true },
|
|
244
243
|
},
|
|
245
244
|
},
|
|
246
|
-
accessPolicy: {
|
|
245
|
+
accessPolicy: {
|
|
246
|
+
rules: [
|
|
247
|
+
/* ... */
|
|
248
|
+
],
|
|
249
|
+
default: { mode: 'public' },
|
|
250
|
+
},
|
|
247
251
|
});
|
|
248
252
|
|
|
249
253
|
export default api.default; // includes scheduled() because cron is enabled
|
|
@@ -254,7 +258,7 @@ export const { UserDO, AccountDO, SystemDO, CredentialDO } = api;
|
|
|
254
258
|
|
|
255
259
|
## Contributing
|
|
256
260
|
|
|
257
|
-
Contributions are welcome!
|
|
261
|
+
Contributions are welcome! See [CONTRIBUTING.md](./CONTRIBUTING.md) for how to clone, run, test, and submit changes to the framework.
|
|
258
262
|
|
|
259
263
|
## License
|
|
260
264
|
|