Features
Everything a SaaS needs on day one, already wired together. Here's what each system does and where it lives in the codebase.
Authentication
NextAuth integrated with Supabase Auth. Supports Google OAuth and passwordless email magic links (sent via Mailgun, or printed to the terminal in development). Sessions use the JWT strategy; protected routes are gated in middleware.ts.
Payments
Stripe Checkout with subscription management. Price IDs are resolved from env (STRIPE_PRICE_BASIC, _PRO, _ENTERPRISE) so you can swap plans without code changes. Signed webhooks at /api/webhooks/stripe keep subscription state in sync.
Database
Supabase (PostgreSQL) with a ready migration at supabase/migrations/0001_initial_schema.sql, users, subscriptions and related tables, with Row Level Security enabled. Type-safe models live in models/.
Mailgun for all transactional email: verification, password reset, welcome and magic-link messages. Configure with MAILGUN_API_KEY, MAILGUN_DOMAIN and MAILGUN_FROM_EMAIL.
UI & theming
shadcn/ui components on Tailwind CSS, with dark mode, a theme system and feature flags for gradual rollouts. A reusable form system with validation lives under components/ui/form.
Testing
Jest + React Testing Library for unit and integration tests, and Playwright for end-to-end flows (auth, forms, navigation, accessibility). Run npm run test and npm run test:e2e.
Security is a feature too, see the security model for rate limiting, CSRF, headers and validation.