Next.js App Router Shell
Public marketing routes, account routes, user routes, admin routes, API routes, metadata, layouts, and shared navigation are already structured.
Features
BaselineNext combines a reusable application shell with product-neutral platform capabilities, giving future work a stronger starting point than a blank scaffold.
Ready-made public, account, user, and admin areas that can be renamed and extended for a new SaaS product.
Public marketing routes, account routes, user routes, admin routes, API routes, metadata, layouts, and shared navigation are already structured.
Home, features, FAQ, pricing, signup, login, legal, and onboarding pages provide a reusable starter website.
Authenticated account areas cover dashboard, users, billing, subscriptions, support, and settings workflows.
Separate account-owned user login flows support products that need both tenant administrators and end users.
Operational admin pages cover accounts, users, billing, pricing, support, audit events, jobs, observability, revenue, and settings.
Admins can list accounts, inspect account details, manage users, reset account passwords, revoke sessions, and change account-level admin flags.
Admin pages and APIs support lifecycle inspection, trial term overrides, trial resets, force activation, termination, recovery actions, and lifecycle event history.
Admin billing tools cover account invoices, webhook events, webhook replay, fleet health, sync status, products, pricing configs, pricing overrides, revenue, and invoice snapshots.
Central app name, app identity, logo assets, icons, manifests, public metadata, and email branding are ready to replace.
Light and dark theme plumbing is included through the shared theme provider and marketing/account controls.
Authentication, tenant ownership, session revocation, validation, and entitlement patterns are already wired.
Tenant-owner signup, verification, login, logout, password reset, password change, and profile settings flows are implemented.
Admin sessions are handled as a separate operational surface with server-side checks and dual-role account support.
Account-owned users have login, password management, login-link, and session eligibility checks.
Account owners can create users, edit identifiers and display names, enable or disable access, archive or restore users, reset passwords, and issue one-time login links.
Account, admin, and user session watermarks allow password changes, lifecycle transitions, and admin actions to invalidate stale sessions.
Accounts are the tenant root, with account-owned users and account-scoped reads and writes as the default pattern.
Governance prohibits id-only tenant access and requires explicit account and user scoping where ownership applies.
Reusable entitlement decisions connect account lifecycle and billing state to application access and user capacity.
Trial, active, expired, and terminated states include transition rules, lifecycle event history, session effects, and admin recovery paths.
API routes follow explicit JSON parsing, Zod validation, DTO response mapping, and standard 400, 401, 403, 404, and 422 semantics.
Next.js header tests and configuration provide a starting point for browser-facing security posture.
Stripe checkout, subscriptions, pricing, invoices, webhooks, taxes, and billing operations provide a reusable revenue layer.
Account checkout, free-trial subscription setup, card-first or card-after-trial billing, customer linking, and payment action handling are included.
Reusable billing settings support both card-first free trials and trials that collect payment details after the trial period.
Customers can be sent to Stripe-hosted subscription and payment method management through account billing routes.
Create, update, cancel, resume, cancel pending change, end trial early, and preview subscription changes are modeled.
Admin-managed products, pricing configs, active/default config selection, sale amount resolution, and marketing feature fields are available.
Public and account-facing pricing and tier readers expose reusable plan data without coupling UI to database rows.
Account invoice history, retry failed invoice, invoice snapshots, fleet invoice views, and revenue surfaces are included.
Provider webhook ingestion includes Stripe signature checks, duplicate handling, event mapping, lifecycle effects, and retry containment.
Admin replay routes and webhook health pages support operational recovery from provider event failures.
A tax registry and AUD GST handler demonstrate replaceable tax calculation and sales tax mode patterns.
Scheduled reconciliation jobs and admin health views help detect and repair account/provider state drift.
Postgres, Drizzle, Redis, cache wrappers, API DTOs, OpenAPI docs, and environment contracts form the technical base.
A Drizzle/Postgres schema covers accounts, users, session-revocation state, billing, audit, support, operations, jobs, platform configuration, and admin records.
Repo-local migration scripts generate, apply, and verify schema changes using .env.local without global database variables.
Transport DTOs live at the API boundary so UI code consumes stable response shapes instead of database or domain entities.
Client-rendered UI calls APIs through typed lib/api/client helpers with shared error-message handling and query keys.
The repository includes an OpenAPI document plus validation tooling to keep route documentation reviewable.
Upstash Redis client helpers support app-scoped runtime storage, cache wrappers, idempotency, one-time tokens, and rate limiting.
Redis keys are built through central helpers with app identity, environment isolation, segment validation, and observability-safe key handling.
Reusable cache wrappers cover entitlements, tenancy, platform configuration, product display names, and user context.
Shared rate-limit helpers and signup rate-limit integration provide a pattern for abuse protection that degrades intentionally.
Redis-backed idempotency claims and result persistence help protect signup and webhook-style flows from duplicate processing.
Public, server, edge, and migration environment helpers separate display metadata from trusted server URL and secret access.
Admin tooling, audit logs, support workflows, scheduled jobs, observability, and incident handling are built in.
API request boundaries use shared instrumentation for logging, correlation, metrics, and consistent error behavior.
Ops incidents capture sanitized diagnostic metadata, categories, retryability, route context, and admin workflow state.
Product and admin audit services record account changes, security actions, billing admin operations, and support/admin activity.
Architecture exceptions are documented in governance files so downstream project deviations have owners, rationale, mitigation, blast radius, and rollback paths.
Account support submission, admin support queues, request details, statuses, email notifications, and safe payload handling are available.
Resend-backed email plumbing includes signup verification, password reset, user login details, support notifications, and billing failure templates.
A job registry, execution records, locks, admin run controls, rerun-failed flow, orphan reaper, and internal job runner are included.
Request, failure, infrastructure, job, rate-limit, and latency counters feed admin health dashboards.
Admin operations pages expose incidents, notifications, route errors, request health, email health, and dashboard summaries.
Admins can review support requests, inspect request details, update status, and use summary endpoints for operational support work.
Admin audit pages and APIs expose product audit events, admin audit events, event details, actor context, and sanitized change deltas.
Admins can bootstrap scheduled jobs, view executions, trigger jobs, rerun failed work, sweep job state, and monitor reconciliation health.
Development-only admin tools manage runtime flags, Stripe test clock overrides, server time, webhook failure modes, and provider customer mappings.
Server-side platform configuration and admin settings provide a foundation for runtime feature and behavior controls.
Architecture governance, exception tracking, testing tiers, CI checks, local scripts, and E2E harnesses guide safe extension.
Reusable governance defines ownership boundaries for UI, routes, modules, persistence, shared libraries, DTOs, cache, env access, and testing.
A separate project governance overlay lets downstream apps add vocabulary, product rules, exceptions, anchors, and test notes without changing the reusable baseline.
Static scripts check dev imports, route/database boundaries, module import graphs, migration journal integrity, and OpenAPI validity.
Vitest unit tests, integration tests, route tests, cache tests, module tests, and Playwright E2E tests are configured.
Playwright billing scenarios, Stripe test-clock support, local/preview target selection, evidence capture, and handoff cases are included.
Scripts load .env.local for Next.js, migrations, schema verification, Playwright, Stripe workflows, and local deployment helpers.
Repo-local Codex skills capture governed implementation, daily review, Stripe Playwright debugging, and repository audit workflows.
Docs cover account lifecycle, billing integration, Redis keys, scheduled jobs, audit events, architecture boundaries, tenant write boundaries, and review evidence.