Authentication
Email + password with verification. Google OAuth out of the box. Magic links and passkeys on Pro+. Forgot-password flow. Session management. CSRF protection. We use Better-Auth so there's no MAU pricing cliff to worry about.
What you get
Everything a real product needs.
The same stack a Series A team would pick. Modern, scalable, boring in the right places. You own all of it.
The stack
Tools we know cold.
| Frontend | Next.js 16 · App Router · React 19 · TypeScript strict |
|---|---|
| Styling | Tailwind v4 · shadcn/ui primitives · Radix |
| Hosting | Cloudflare Pages + Workers |
| Database | Cloudflare D1 or Neon Postgres · Drizzle ORM |
| Auth | Better-Auth (email + Google + magic links + passkeys) |
| Payments | Stripe checkout + customer portal + webhooks |
| Resend (transactional + audiences) or AWS SES | |
| Analytics | PostHog (or Plausible if you prefer no-cookie) |
| Errors | Sentry |
| AI | Anthropic Claude or OpenAI APIs (Pro+) |
| Search | Pagefind static index + cmdk palette |
Database
Postgres schema designed around your data model on Day 1. Drizzle ORM for typed queries shared between client and server. Migrations versioned and committed. Seed data so the app works on day-zero. Backups configured.
Marketing site
Custom-branded landing page with hero, features, pricing, FAQ, and CTA, built on the same component library this site uses. SEO baseline (sitemap, schema, OG, Open Graph image generation) wired on day one.
Dashboard
Sidebar layout, account settings, billing portal link. Multi-page navigation on Pro+. Multi-tenant org switcher on Launch Custom. Built once, theme-able forever.
Payments
Stripe checkout with customer portal so users self-serve plan changes. Webhook handlers for subscription lifecycle (created, updated, canceled, payment_failed). Usage-based billing on request.
Transactional email
Verified sending domain on Cloudflare DNS. React Email templates for welcome, password reset, payment receipt, application updates. Single helper to send any of them. Resend Audiences wired for the newsletter.
Analytics
PostHog SDK installed with privacy-first defaults. Pageviews, CTA clicks, sign-ups, and conversion events instrumented. Funnel + retention dashboards configured. Replay opt-in.
SEO + GEO baseline
sitemap.xml, robots.txt with explicit AI-crawler allow-list, llms.txt + llms-full.txt, JSON-LD for Organization / Service / WebSite / FAQPage. OG image API. RSS feed for the blog. hreflang stubs for forward compat.
What you own at the end
All of it. In your name.
- GitHub repo, private, in your account from day one.
- Cloudflare account, Pages, Workers, D1, KV, R2, all bound to your email.
- Stripe account, registered to your business, payouts to your bank.
- Domain + email + transactional sending, DNS in your Cloudflare, sending domain verified.
- Analytics + error tracking, PostHog and Sentry projects in your name.
Ready to ship?
60-second application. Same-day response.