Docs

Search documentation

Jump to a documentation page.

PricingMarketingApp

Search documentation

Jump to a documentation page.

Overview

System overview

High-level architecture for the YourNextSaaS monorepo: deployable apps, shared packages, auth, admin, and cross-cutting features.

Monorepo layout

  • pnpm workspace: apps/web (TanStack Start, product), apps/docs (developer documentation site), apps/marketing (public site).
  • Shared code: packages/core (config, origins), packages/server (DB, auth, billing, webhooks), packages/shared (UI, hooks, features).
  • Boilerplate sales landing: a separate repository yournextsaas-landing (not listed under apps/ here). See Monorepo and subdomains.

Production hosts

  • Marketing apex — landing, pricing, legal, SEO, sitemap.
  • app.* — authenticated product (dashboard shell, settings, APIs).
  • docs.* — this documentation site.

Better Auth

  • BETTER_AUTH_URL must be the product origin (where /api/auth is served).
  • BETTER_AUTH_TRUSTED_ORIGINS must list every browser origin in use (marketing + app in production).
  • Optional BETTER_AUTH_COOKIE_DOMAIN (e.g. .yournextsaas.xyz) for shared cookies across subdomains.

Details: Auth & sessions.

Operator console

  • /admin/* on the product app (same shell as the dashboard).
  • Dashboard / includes usage analytics via server functions scoped to the user’s orgs.
  • Platform admins also load aggregate KPIs and catalog-based estimates where implemented.

Settings and workspace

  • Settings layout wraps /settings/*.
  • Workspace actions: packages/server/src/org/workspace-actions.ts (profile name, create org, list members).
  • Onboarding checklist: /onboarding.

Audit log

  • Org-scoped audit_log_entries (actor, action, resource, metadata, IP).
  • Settings UI: /settings/audit-log.
  • Server: packages/server/src/audit/*.
  • Typical writes: workspace create/delete, API key create/revoke, Stripe checkout/portal, invitation create/revoke/accept, project and task lifecycle, workspace JSON export.

Invitations

  • Table organization_invitations with token hash.
  • Create/list/revoke on Team settings; accept at /invite/$token.
  • Sign-in/up support ?redirect= for returning to the invite link.
  • In-app notifications (header bell): creating an invite adds workspace_invitation_sent for the inviter (scoped to that org, link to Team settings). If the invited email already belongs to a user, workspace_invitation_received is stored with no organization_id so it still appears while another workspace is active; clicking the notification opens the invite accept URL and marks it read. Server: packages/server/src/notifications/workspace-invitation-notifications.ts and createOrgInvitation in invite-actions.ts.

Webhooks (outbound)

  • Tables webhook_endpoints and webhook_deliveries.
  • Settings: /settings/webhooks.
  • Server: packages/server/src/webhooks/*.
  • Signed POSTs: X-YNS-Signature, X-YNS-Event, X-YNS-Delivery.
  • Dispatched on workspace create/delete, project and task lifecycle, invite lifecycle, and manual webhook.ping tests. Event names match WEBHOOK_EVENTS in packages/server/src/webhooks/webhook-events.ts.

SEO and marketing

  • Public routes use SEO helpers, VITE_SITE_URL, dynamic sitemap.xml, and public/robots.txt on the marketing app.

See SEO & discoverability.

i18n and RTL

  • Root route context exposes locale (en | ar) from cookie yns_locale and Accept-Language.
  • AppI18nProvider + messages under shared i18n paths; RTL via dir="rtl" on <html> for Arabic.

See i18n & RTL.

Related