Aurora.
Enterprise-grade, multi-tenant SaaS platform that combines a visual website builder and a service-booking engine into a single cohesive system. It enables users to construct custom, high-performance websites, maintain rich blog channels, accept online appointments, manage staff roles, and publish their sites under custom subdomains or fully branded custom domains.
Monorepo architected with Turborepo and pnpm workspaces. Built with Next.js 14, Tailwind CSS v4, and TipTap on the frontend dashboard, and a Node.js + Express API in TypeScript on the backend. Strictly validated using Zod, integrated with Prisma ORM and PostgreSQL, and leverages flat-file site publishing to Cloudflare R2 with a Next.js proxy routing layer.
Visual website builder
Drag-and-drop or reorder section templates with custom styles_jsonb overrides stored per-section (colors, gradients, alignments) with real-time in-dashboard previews.
TipTap blog CMS
Full-featured TipTap blog editor with secure backend image upload proxy to Cloudflare R2 and a throttled 5-second auto-save to prevent data loss.
SEO & LLM discovery
Synchronizes content titles/excerpts into meta fields and automatically outputs sitemap.xml, robots.txt, and LLM-friendly llms.txt discovery manifests.
Booking & service catalogs
Service catalog page styling linked to themes, paired with client-facing booking slots, double-booking prevention, and automatic customer CRM profile generation.
Granular RBAC
Granular tenant-scoped roles and permissions enabling businesses to assign access controls across 30+ permissions in 7 modules (Bookings, Staff, Services, Settings, etc.).
Problem
Small-to-medium service businesses typically struggle with disconnected tools—using one service for their website, another for booking slots, and a third for their blog. This leads to high maintenance costs, fragmented customer data, and slow page speeds.
Solution
Aurora consolidates this ecosystem into a unified platform. Booking availability, service catalogs, blog posts, and website styling are controlled from one centralized dashboard and rendered instantly on a high-speed, SEO-optimized public website.
Monorepo & Frontend
- Next.js 14 App Router dashboard with responsive styling using Tailwind CSS v4.
- Word-style TipTap Rich Text Editor for blog management with automated SEO tag sync.
- Thin Next.js Proxy routing layer fetching flat JSON manifests from Cloudflare R2 to render client sites in sub-100ms.
Backend API
- Node.js and Express backend written in TypeScript with runtime requests strictly checked via Zod.
- Prisma ORM for schema migrations, handling structured relations in PostgreSQL.
- Two-Level JSON Web Token (JWT) system removing permission query bottlenecks.
Ops & Static Publishing
- Turborepo and pnpm workspaces to manage shared packages and microservices.
- Flat-file static website publishing to Cloudflare R2 object storage.
- On-demand Cloudflare CDN Cache Purging APIs triggered on publish updates.
- 01Architected a custom monorepo using Turborepo and pnpm workspaces to separate frontend, backend API, and UI themes.
- 02Implemented a two-level JWT auth system (Global Session + Tenant-Scoped Tokens) to eliminate DB joins for RBAC checks.
- 03Developed a visual site builder that serializes templates into JSON manifests and deploys them as static files on Cloudflare R2.
- 04Built a TipTap blog editor with automated SEO metadata generation and a throttled 5-second autosave mechanism.
- 05Programmed custom domain verification workflows and integrated Cloudflare Cache Purge APIs for instant CDN updates.
- Enforced strict tenant and instance isolation via middleware resolving headers (X-Tenant-ID / X-Instance-ID).
- Secured API endpoints with IP-based rate limiting and device fingerprint scoring for booking spam prevention.
- Used Zod schemas to ensure all request bodies, query params, and URL params match expected typings before reaching controllers.
- Why a two-level JWT is faster than querying database roles on every request.
- How serving websites via flat JSON manifests from R2 scales to thousands of domains at zero idle cost.
- How to build a reliable auto-save CMS editor with minimal database writes using throttled dirty-state synchronization.
- How granular tenant isolation is enforced at the controller and middleware level.