search

denoland / saaskit

A modern SaaS template built on Fresh.
https://deno.com/saaskit
MIT License
1.21k stars 148 forks source link

Roadmap #60

Closed lambtron closed 1 year ago

lambtron commented 1 year ago

This issue exists as a continually growing roadmap for SaaSKit. The eventual goal is to provide a framework where developers can launch a SaaS app in a single afternoon (aka cloning this repo, making the necessary adjustments in the code, and then deploying it). Here are items that I think we'll need to get there.

v1

Post v1

Open to discussion as well, so feel free to leave your thoughts below.

iuioiua commented 1 year ago
  • [ ] add UI theme system with a library of at least 3 themes to start. These themes should include a blog, landing page, /dashboard, and user profile
  • [ ] add error monitoring and observability (we can select a popular observability tool for this... telemetry?)
  • [ ] add simple email capture or newsletter integration
  • [ ] add multi-factor authentication via SMS/Authy

IMO, these can be left until v1. V1 should focus on getting the fundamentals right before expanding functionality. I'm happy with the others being there. I've added what else I think should be in v1 to the initial comment. WDYT?

ajile-in commented 1 year ago

Consider another Auth option of Passkeys. May be using SimpleWebAuthn

iuioiua commented 1 year ago

Consider another Auth option of Passkeys. May be using SimpleWebAuthn

I very much like this idea. However, I'd like to stick to using Supabase for such a feature, and WebAuthn is currently unsupported but will be one day (see here).

If someone were to implement this feature now, with a fork of Deno Hunt / Deno SaaSKit, we'd be more than happy to showcase it 😄

iuioiua commented 1 year ago

Deno SaaSKit now has the desired features we'd like for v1. Now, we need to shift to polishing the codebase so that it's impressive enough, from a technical standpoint, for the v1 launch. Upcoming PRs should focus on the following:

Suggestions are also welcome!

mrtornado commented 1 year ago

hello, great job so far(thanks for the work), I think we need like a github header where the user avatar is displayed and when you click on it something opens with account and other user options like change password, user profile and so on.

Also I think we need something else beside github, like a normal email signup / login would be nice and maybe google login, the google login would be an example on how to operate with more Oauth providers not just one.

iuioiua commented 1 year ago

Thanks!

I think we need like a github header where the user avatar is displayed and when you click on it something opens with account and other user options like change password, user profile and so on.

Do you mean to change the GitHub password and change the GitHub user profile from within Deno Hunt? If so, Deno Hunt doesn't manage this data but rather only ever reads it.

Also I think we need something else beside github, like a normal email signup / login would be nice

The codebase did this, in a previous version, using Supabase. We migrated to OAuth + KV to showoff KV. I think this issue is just a matter of appropriately pointing out previous repo versions clearly.

maybe google login, the google login would be an example on how to operate with more Oauth providers not just one.

We deliberately stick to a single OAuth provider (GitHub) to keep things simple. Again, I think we should improve upon documentation to show how other OAuth providers can be used (which is quite easy).

mrtornado commented 1 year ago

Hi @iuioiua, thanks for answering. For the first point no I didn't mean to change the github password or github details, I know Deno hunt just reads it, I was think just like to show the login state in the header basically and have like a sidebar menu just like github has, where you could access the member profile and other things like admin dashboard if user is admin. Hope you got my point this time. But yea this won't work without my second point where we save the username and password in the database, that's where the password change ideea was going :)

If we would save the username and password in our kv database. For example what I did in one of my sites, if they use any oAuth logins , I have discord and google setup they are asked to setup a password first time they login and I just drop there encrypted password to a members table, and for oauth logins that's another table called social where I put the social logins for each member and I connect them to the member table. Anyway I mean just a plain login / sign up to showoff KV and maybe salted passwords and so on. Not only just oauth login. Personally I would like to know how all that would function with KV. And personally I think a username / pass -> sign in / sign up it's must in any production application , you can't really relay only on just oAuth login. (at least that's my opinion).

iuioiua commented 1 year ago

Right, I'm not strongly opposed to a sidebar. I want to pursue a sidebar once the current traditional header and footer elements are no longer sufficient as navigation elements. So far, they're doing the job well.

We use OAuth instead of usernames and passwords because not storing any passwords is far more secure than storing passwords with any degree of security measures. Having usernames and passwords would also introduce more factors to consider, such as creating and updating this data. OAuth is super versatile and widely used. And the data already exists - it's just a matter of reading it. In the spirit of keeping things as simple as possible, I think OAuth is great!

Perhaps, we should consider supporting usernames and passwords in the future. However, it would have to be done with great care.

lambtron commented 1 year ago

For posterity sake: we are closing this roadmap issue. Please refer to remaining v1 issues via the v1 issue tag: https://github.com/denoland/saaskit/issues?q=is%3Aopen+is%3Aissue+label%3Av1