@startup-api/cloudflare 0.3.1 → 0.3.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/README.md +42 -38
  2. package/package.json +1 -1
package/README.md CHANGED
@@ -12,36 +12,35 @@ This application uses the Cloudflare Developer Platform, including Workers and D
12
12
 
13
13
  ## Installation
14
14
 
15
- ### Option 1: Cloudflare Workers GitHub Integration (Recommended)
15
+ Start a new project with the **`npm create startup-api`** scaffolder. It generates a tiny Cloudflare Worker that pulls this framework in as the [`@startup-api/cloudflare`](https://www.npmjs.com/package/@startup-api/cloudflare) npm dependency — so you stay up to date with `npm update` instead of maintaining a fork of this repository.
16
16
 
17
- This is the easiest way to deploy and keep your worker up to date.
17
+ ```bash
18
+ npm create startup-api my-app -- --origin https://your-app-origin.com
19
+ cd my-app
20
+ npm run dev # local dev at http://localhost:8787
21
+ npm run deploy # deploy to Cloudflare
22
+ ```
23
+
24
+ Run `npm create startup-api` with no arguments to be prompted for the project name and origin URL interactively. Useful flags: `--no-install` (skip `npm install`) and `--yes` / `-y` (non-interactive — requires a `name` and `--origin`).
25
+
26
+ What you get:
18
27
 
19
- 1. **Fork this repository** to your account
20
- 2. Go to your [Cloudflare Dashboard's Workers & pages > Create Application](https://dash.cloudflare.com/?to=/:account/workers-and-pages/create)
21
- 3. Click **Continue with GitHub**
22
- 4. Select your forked `startup-api-cloudflare` repository
23
- 5. Pick the name for your site's worker (e.g. you might have multiple)
24
- 6. Deploy the Worker
25
- 7. In the **Settings** tab of your Worker, go to **Variables** and add the required `ORIGIN_URL` (see [Configuration](#configuration-details) below)
28
+ - A minimal `src/index.ts` that re-exports the worker plus a `wrangler.jsonc` you control. The framework ships as the `@startup-api/cloudflare` dependency, so your project stays small.
29
+ - A `.dev.vars` file with a random `SESSION_SECRET` for local development. For production, set your own with `npx wrangler secret put SESSION_SECRET`.
30
+ - Framework updates are just `npm update @startup-api/cloudflare` — no fork to rebase.
26
31
 
27
- ### Option 2: Manual Installation (CLI)
32
+ Then set the required `ORIGIN_URL` and any OAuth credentials (see [Configuration](#configuration-details) below) and run `npm run deploy`. See [create-startup-api](https://github.com/StartupAPI/create-startup-api) for full details.
28
33
 
29
- Use this option if you want to deploy from your local machine.
34
+ ### Automated deployments
30
35
 
31
- 1. **Clone and Install**
32
- ```bash
33
- git clone https://github.com/StartupAPI/startup-api-cloudflare.git
34
- cd startup-api-cloudflare
35
- npm install
36
- ```
37
- 2. **Configure Environment Variables**
36
+ `npm run deploy` deploys from your machine. To deploy automatically instead, push your scaffolded project to a GitHub repository and use either:
38
37
 
39
- Update `wrangler.jsonc` or use dashboard **Settings** tab of your Worker, go to **Variables** and add the required `ORIGIN_URL` (see [Configuration](#configuration-details) below)
38
+ - **Cloudflare Workers GitHub app** connect the repo to Cloudflare's [Workers Builds](https://developers.cloudflare.com/workers/ci-cd/builds/) Git integration and Cloudflare builds and deploys on every push, no CI config to maintain.
39
+ - **A GitHub Actions workflow** — run [`cloudflare/wrangler-action`](https://github.com/cloudflare/wrangler-action) on push to deploy with Wrangler. Add a `CLOUDFLARE_API_TOKEN` (and `CLOUDFLARE_ACCOUNT_ID`) repository secret so the action can authenticate.
40
40
 
41
- 3. **Deploy**
42
- ```bash
43
- npm run deploy
44
- ```
41
+ Either way, set your production secrets (`SESSION_SECRET`, OAuth credentials) on the Worker in the Cloudflare dashboard or with `npx wrangler secret put` rather than committing them.
42
+
43
+ > **Working on the framework itself?** See [CONTRIBUTING.md](./CONTRIBUTING.md) for cloning and running this repository locally.
45
44
 
46
45
  ## Configuration Details
47
46
 
@@ -58,18 +57,18 @@ Use this option if you want to deploy from your local machine.
58
57
  - **Using `wrangler.jsonc`:**
59
58
  Add the variables to the `"vars"` object in your configuration file. See [Cloudflare documentation](https://developers.cloudflare.com/workers/wrangler/configuration/#environment-variables) for more details.
60
59
 
61
- | Variable | Required | Default | Description |
62
- | :--------------------- | :------- | :-------- | :---------------------------------------------------------------------------- |
63
- | `ORIGIN_URL` | **Yes** | N/A | The base URL of your origin application (e.g., `https://your-app-origin.com`) |
64
- | `USERS_PATH` | No | `/users/` | The path used to serve internal assets like `power-strip.js` |
65
- | `AUTH_ORIGIN` | No | N/A | Optional base URL for OAuth redirects (overrides request origin) |
66
- | `GOOGLE_CLIENT_ID` | No | N/A | Google OAuth2 Client ID |
67
- | `GOOGLE_CLIENT_SECRET` | No | N/A | Google OAuth2 Client Secret |
68
- | `TWITCH_CLIENT_ID` | No | N/A | Twitch OAuth2 Client ID |
69
- | `TWITCH_CLIENT_SECRET` | No | N/A | Twitch OAuth2 Client Secret |
70
- | `PATREON_CLIENT_ID` | No | N/A | Patreon OAuth2 Client ID |
71
- | `PATREON_CLIENT_SECRET`| No | N/A | Patreon OAuth2 Client Secret |
72
- | `PATREON_WEBHOOK_SECRET`| No | N/A | Secret for verifying Patreon webhook signatures |
60
+ | Variable | Required | Default | Description |
61
+ | :----------------------- | :------- | :-------- | :---------------------------------------------------------------------------- |
62
+ | `ORIGIN_URL` | **Yes** | N/A | The base URL of your origin application (e.g., `https://your-app-origin.com`) |
63
+ | `USERS_PATH` | No | `/users/` | The path used to serve internal assets like `power-strip.js` |
64
+ | `AUTH_ORIGIN` | No | N/A | Optional base URL for OAuth redirects (overrides request origin) |
65
+ | `GOOGLE_CLIENT_ID` | No | N/A | Google OAuth2 Client ID |
66
+ | `GOOGLE_CLIENT_SECRET` | No | N/A | Google OAuth2 Client Secret |
67
+ | `TWITCH_CLIENT_ID` | No | N/A | Twitch OAuth2 Client ID |
68
+ | `TWITCH_CLIENT_SECRET` | No | N/A | Twitch OAuth2 Client Secret |
69
+ | `PATREON_CLIENT_ID` | No | N/A | Patreon OAuth2 Client ID |
70
+ | `PATREON_CLIENT_SECRET` | No | N/A | Patreon OAuth2 Client Secret |
71
+ | `PATREON_WEBHOOK_SECRET` | No | N/A | Secret for verifying Patreon webhook signatures |
73
72
 
74
73
  > Environment variables hold only credentials/secrets (OAuth client IDs and all secrets) plus the per‑deployment values `ORIGIN_URL`, `AUTH_ORIGIN`, `USERS_PATH`, `ADMIN_IDS`, and `ENVIRONMENT`. **All other configuration — OAuth scopes, Patreon campaign id, the access policy, entitlement freshness — is passed to the `createStartupAPI` factory** (see [Access policy & provider entitlements](#access-policy--provider-entitlements)).
75
74
 
@@ -144,7 +143,7 @@ By default the worker injects its own `<power-strip>` pinned to the top-right co
144
143
  ```
145
144
 
146
145
  - **`providers` is optional.** If you omit it, the worker fills in the active providers for you (e.g. `providers="google,twitch,patreon"`). Set it yourself to override which login buttons appear.
147
- - **Prefer an explicit closing tag.** `<power-strip></power-strip>` and `<power-strip/>` are both detected, but per the HTML spec `<power-strip/>` is *not* truly self-closing — the browser treats it as an open tag and nests the following content inside it. Use a closing tag (or place the element last in its container) to avoid surprises.
146
+ - **Prefer an explicit closing tag.** `<power-strip></power-strip>` and `<power-strip/>` are both detected, but per the HTML spec `<power-strip/>` is _not_ truly self-closing — the browser treats it as an open tag and nests the following content inside it. Use a closing tag (or place the element last in its container) to avoid surprises.
148
147
  - **Script-only opt-out.** Use `<power-strip hidden>` to load `power-strip.js` (and its JS API) without rendering a visible strip.
149
148
 
150
149
  ## Access policy & provider entitlements
@@ -243,7 +242,12 @@ const api = createStartupAPI({
243
242
  freshness: { ttl: true, cron: { schedule: '0 */6 * * *' }, webhook: true },
244
243
  },
245
244
  },
246
- accessPolicy: { rules: [/* ... */], default: { mode: 'public' } },
245
+ accessPolicy: {
246
+ rules: [
247
+ /* ... */
248
+ ],
249
+ default: { mode: 'public' },
250
+ },
247
251
  });
248
252
 
249
253
  export default api.default; // includes scheduled() because cron is enabled
@@ -254,7 +258,7 @@ export const { UserDO, AccountDO, SystemDO, CredentialDO } = api;
254
258
 
255
259
  ## Contributing
256
260
 
257
- Contributions are welcome! Please feel free to submit a Pull Request.
261
+ Contributions are welcome! See [CONTRIBUTING.md](./CONTRIBUTING.md) for how to clone, run, test, and submit changes to the framework.
258
262
 
259
263
  ## License
260
264
 
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@startup-api/cloudflare",
3
- "version": "0.3.1",
3
+ "version": "0.3.2",
4
4
  "license": "Apache-2.0",
5
5
  "publishConfig": {
6
6
  "access": "public"