This guide will help you deploy AuthMaster to Cloudflare.
- Node.js 18 or later
- Cloudflare Account
- Wrangler CLI
npm installLogin to your Cloudflare account:
npx wrangler loginCreate a new D1 database:
cd packages/worker-api
npx wrangler d1 create authmaster-dbCopy the database ID from the output and update wrangler.toml:
[[d1_databases]]
binding = "DB"
database_name = "authmaster-db"
database_id = "your-database-id-here"Apply the database schema:
npx wrangler d1 migrations apply authmaster-dbCreate a KV namespace for caching:
npx wrangler kv:namespace create "CACHE"Update wrangler.toml with the KV namespace ID:
[[kv_namespaces]]
binding = "CACHE"
id = "your-kv-namespace-id-here"Generate and set secret keys:
# Generate a random JWT secret
npx wrangler secret put JWT_SECRET
# Generate an encryption key
npx wrangler secret put ENCRYPTION_KEYUpdate wrangler.toml with your domain information:
[vars]
FRONTEND_URL = "https://auth.yourdomain.com"
ISSUER = "https://api.auth.yourdomain.com"For local development, create .dev.vars file in packages/worker-api/:
JWT_SECRET=your-generated-jwt-secret-32-bytes-hex
ENCRYPTION_KEY=your-generated-encryption-key-32-bytes-hex
FRONTEND_URL=http://localhost:3000Create .env file in packages/web-console/:
VITE_API_URL=http://localhost:8787For production, update the environment variable during deployment:
# Via Cloudflare Pages dashboard: Settings > Environment variables
VITE_API_URL=https://api.auth.yourdomain.comConfigure local environment variables first by creating .dev.vars:
cd packages/worker-api
cat > .dev.vars << EOF
JWT_SECRET=$(node -e "console.log(require('crypto').randomBytes(32).toString('hex'))")
ENCRYPTION_KEY=$(node -e "console.log(require('crypto').randomBytes(32).toString('hex'))")
FRONTEND_URL=http://localhost:3000
EOFStart the development server:
npm run devThe API will be available at http://localhost:8787.
Deploy to Cloudflare Workers:
Create `.env` file with your backend API URL:
```bash
cd packages/web-console
cat > .env << EOF
VITE_API_URL=http://localhost:8787
EOFStart the development server:
Your API will be deployed to a `*.workers.dev` domain. You can configure a custom domain in the Cloudflare dashboard.
## Deploy Frontend
### Development
Start the development server:
```bash
cd pacthe frontend:
```bash
cd packages/web-console
npm run buildDeploy to Cloudflare Pages:
npx wrangler pages deploy dist --project-name=authmasterImportant: After deployment, configure the VITE_API_URL environment variable in Cloudflare Pages dashboard:
- Go to Cloudflare Pages
- Select your project
- Go to "Settings" > "Environment variables"
- Add variable:
VITE_API_URL=https://api.auth.yourdomain.com - Redeploy for changes to take effect
Alternatively, you can connect your GitHub repository to Cloudflare Pages for automatic deployments:
-
Go to Cloudflare Pages
-
Click "Create a project"
-
Connect your GitHub repository
-
Set build settings:
- Build command:
npm run build - Build output directory:
dist - Root directory:
packages/web-console
- Build command:
-
Set environment variables:
VITE_API_URL= `https://api.auth.yourdomain.com repository to Cloudflare Pages for automatic deployments:
-
Go to Cloudflare Pages
-
Click "Create a project"
-
Connect your GitHub repository
-
Set build settings:
- Build command:
npm run build - Build output directory:
dist - Root directory:
packages/web-console
- Build command:
- Go to Cloudflare Workers
- Select your worker
- Click "Triggers" > "Custom Domains"
- Add your custom domain (e.g.,
api.auth.yourdomain.com)
- Go to Cloudflare Pages
- Select your project
- Click "Custom domains"
- Add your custom domain (e.g.,
auth.yourdomain.com)
Create a staging environment:
# Deploy backend to staging
cd packages/worker-api
npx wrangler deploy --env staging
# Deploy frontend to staging
cd packages/web-console
npx wrangler pages deploy dist --project-name=authmaster-stagingDeploy to production:
# Deploy backend to production
cd packages/worker-api
npx wrangler deploy --env production
# Deploy frontend to production
cd packages/web-console
npx wrangler pages deploy dist --project-name=authmasterView real-time logs:
npx wrangler tailCloudflare provides built-in analytics for Workers and Pages:
- Workers: https://dash.cloudflare.com/workers
- Pages: https://dash.cloudflare.com/pages
Verify your database connection:
npx wrangler d1 execute authmaster-db --command "SELECT * FROM users LIMIT 1"List KV namespaces:
npx wrangler kv:namespace listCheck deployment status:
npx wrangler deployments listView deployment logs:
npx wrangler tail --format pretty- Secrets: Never commit
JWT_SECRETorENCRYPTION_KEYto version control - Environment Variables: Use different API URLs and secrets for development, staging, and production
- CORS: Configure appropriate CORS settings in production by setting
FRONTEND_URLcorrectly - Rate Limiting: Enable Cloudflare rate limiting rules
- WAF: Enable Cloudflare Web Application Firewall
- SSL: Always use HTTPS in production
- Secret Rotation: Rotate secrets periodically and after any suspected compromise
| Variable | Required | Description | Example |
|---|---|---|---|
JWT_SECRET |
Yes | Secret key for JWT signing (32 bytes hex) | abc123... |
ENCRYPTION_KEY |
Yes | Secret key for data encryption (32 bytes hex) | def456... |
FRONTEND_URL |
Yes | Frontend URL for CORS and redirects | https://auth.yourdomain.com |
ISSUER |
Optional | OAuth issuer identifier | https://api.auth.yourdomain.com |
Configuration Files:
- Local development:
.dev.vars(not committed to git) - Production: Cloudflare Workers secrets +
wrangler.tomlvars
| Variable | Required | Description | Example |
|---|---|---|---|
VITE_API_URL |
Yes | Backend API base URL | https://api.auth.yourdomain.com |
Configuration Files:
- Local development:
.env(not committed to git) - Production: Cloudflare Pages environment variables
Export database data:
npx wrangler d1 export authmaster-db --output backup.sqlImport database data:
npx wrangler d1 execute authmaster-db --file backup.sqlExample GitHub Actions workflow:
name: Deploy
on:
push:
branches: [main]
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: 18
- run: npm install
- run: npm run build
- name: Deploy Worker
run: npx wrangler deploy
env:
CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }}For issues or questions:
- GitHub Issues: https://github.com/PythonSmall-Q/AuthMaster/issues
- Documentation: https://github.com/PythonSmall-Q/AuthMaster/docs