A modern and complete boilerplate for building full-stack web applications with TanStack Start, designed for an optimal developer experience and focusing on business features.
- Complete Authentication with email/password (Better Auth)
- Provider Connection (Google, GitHub) with OAuth
- Full User Profile Management:
- Email modification with notification
- Secure password change + email notification
- Username update + email notification
- Profile picture upload and management (S3/Tigris)
- Account deletion + email notification
- Password Reset System with unique email code (1h expiration)
- Protected Routes and secure session management
- Role Management (Admin/User) with middleware
- CSRF Protection and data validation
- Integrated Rate Limiting
- Customizable Email Templates with React Email
- Automatic Emails:
- Welcome on signup
- Password change confirmation
- Email change notification
- Username change notification
- Account deletion confirmation
- Verification codes for sensitive actions
- Gmail SMTP Support with app passwords
- Full Stripe Integration:
- Monthly and annual subscriptions
- Webhooks for payment synchronization
- Customer portal for subscription management
- Transaction history
- Plan Management (Free/Pro) with restrictions
- Subscription Upgrades/Downgrades
- Automatic Revenue Calculations and MRR
- Responsive Sidebar with intuitive navigation
- Real-time Statistics:
- Total users
- Pro subscribers
- Total Revenue and MRR (Monthly Recurring Revenue)
- Average Revenue Per User (ARPU)
- Monthly/Annual subscription distribution
- User Management:
- Table with dynamic pagination
- Advanced filters (Admin, Subscription, Subscription Type)
- Real-time username search
- User role modification
- Bulk user deletion
- Modern Interface with loading states and animations
- S3/Tigris Integration for file storage
- Profile Picture Upload with:
- Intuitive drag & drop
- Real-time preview
- Automatic compression and optimization
- Secure deletion of old files
- Pre-signed URLs for secure uploads
- Error Handling and file type validation
- Responsive Design with Tailwind CSS
- Reusable Components with shadcn/ui:
- Forms with validation (React Hook Form + Zod)
- Elegant Toast notifications
- Modals and dialogs
- Badges and status indicators
- Avatars with online/offline states
- Dark/Light Theme with generic theme provider
- Fluid Animations with Framer Motion
- Loading States and skeletons
- User-friendly Error Handling
- Integrated XSS Protection
- API Rate Limiting
- Server and Client Validation with Zod (TanStack Start Server Functions)
- Optimized Security Headers
- Secure Sessions with Better Auth
- Route Protection Middleware
- Secure Password Hashing (Argon2)
- Centralized Error Handling
- TanStack Start with TanStack Router
- TypeScript for type safety
- React 19 with latest features
- Tailwind CSS 4 for styling
- shadcn/ui for UI components
- React Hook Form + Zod for validation
- TanStack Query for server state management
- Framer Motion for animations
- Lucide React for icons
- React Dropzone for uploads
- React Hot Toast for notifications
- TanStack Start Server Functions for backend logic
- Prisma ORM with Neon adapter
- PostgreSQL as main database
- Better Auth for modern authentication
- Argon2 for password hashing
- Integrated Rate Limiting
- Stripe for payments and subscriptions
- AWS S3/Tigris for file storage
- Gmail SMTP for sending emails
- React Email for email templates
- OAuth (Google, GitHub) for social auth
- ESLint for code quality
- Vitest for testing
- Docker for containerization
- Prisma Studio for database management
- Node.js 18+ (or Bun)
- PostgreSQL
- Stripe Account
- Gmail Account
- Clone and install
git clone [your-repo]
cd [project-name]
bun install # Recommended
# or npm install- Environment Variable Configuration
cp .env.example .env- Required Environment Variables
# Database
DATABASE_URL="postgresql://user:password@localhost:5432/db_name"
# Auth
AUTH_SECRET="your-secret"
BETTER_AUTH_URL="http://localhost:3000" # Updated for Better Auth
# Providers
GOOGLE_CLIENT_ID=""
GOOGLE_CLIENT_SECRET=""
GITHUB_CLIENT_ID=""
GITHUB_CLIENT_SECRET=""
# Email
SMTP_USER="your-email@gmail.com"
SMTP_PASSWORD="app-password"
# OR
RESEND_API_KEY=""
# Stripe
STRIPE_SECRET_KEY=""
STRIPE_WEBHOOK_SECRET=""
STRIPE_PRICE_ID=""
# App
VITE_APP_URL="http://localhost:3000"- Initialize Prisma
bunx prisma generate
bunx prisma db push- Create a Stripe account
- Configure a subscription product
- Note the PRICE_ID
- Configure the webhook (URL:
/api/webhooks/stripe)
Gmail Option:
- Enable 2FA
- Generate an App Password
Required configuration for file upload:
-
Create Tigris Account
- Go to fly.io/docs/reference/tigris/
- Create an account and bucket
-
Get API Keys
- In Tigris dashboard, go to "Access Keys"
- Create new access key
- Note
Access Key IDandSecret Access Key
-
β οΈ MANDATORY CORS Configuration{ "CORSRules": [ { "AllowedOrigins": ["http://localhost:3000", "https://your-domain.com"], "AllowedMethods": ["GET", "PUT", "POST", "DELETE"], "AllowedHeaders": ["*"], "MaxAgeSeconds": 3000 } ] }Without this CORS config, uploads will not work!
-
Tigris Environment Variables
AWS_ACCESS_KEY_ID="your-access-key-id" AWS_SECRET_ACCESS_KEY="your-secret-access-key" AWS_REGION="auto" AWS_ENDPOINT_URL_S3="https://fly.storage.tigris.dev" S3_BUCKET_NAME="your-bucket-name"
- Development
bun dev- Stripe Webhook (Development)
stripe listen --forward-to localhost:3000/api/webhooks/stripeTemplates are in emails/ (check project structure).
// Example modification
<Text>Customize your message here</Text>- Create plan in Stripe
- Add plan in
prisma/schema.prisma - Update UI components
- Go to Stripe Dashboard -> Product Catalog
- Click Create Product
- Copy Product/Price ID
- Add to
.env(e.g.,STRIPE_MONTHLY_PRICE_ID) - Use
process.env.STRIPE_MONTHLY_PRICE_IDin code
For more details, check:
For any questions:
- Check GitHub issues
- Create a new issue
- Check package documentation
MIT