I built a Cloudflare Workers SaaS starter — auth, D1, rate limiting, no Auth0

Every time I start a project on Cloudflare Workers I end up rebuilding the same plumbing: sessions, a...

sabato 20 giugno 2026 New tab

197 words~1 min read

Every time I start a project on Cloudflare Workers I end up rebuilding the same plumbing: sessions, a D1-backed API, rate limiting. So I packaged it into a small starter called EdgeKit (Hono + D1 + KV). Sharing the approach here in case it's useful.

Auth without an external bill

No Auth0, no per-MAU pricing — just PBKDF2 via Web Crypto (runs natively on Workers) plus sessions in KV:

const salt = crypto.getRandomValues(new Uint8Array(16));

const key = await crypto.subtle.importKey("raw", enc(password), "PBKDF2", false, ["deriveBits"]);

I built a Cloudflare Workers SaaS starter — auth, D1, rate limiting, no Auth0

I built a Cloudflare Workers SaaS starter — auth, D1, rate limiting, no Auth0

Related reading

API Design Patterns for Cloudflare Workers: Minimal, Secure, Fast

Introducing @supabase/server

Shipping at the Edge: Migrating a Coffee Subscription Platform to Cloudflare…

400 ad accounts 3 subrequests = silent data loss in Cloudflare Workers (and how…

How to Build a Realtime Chat App on Cloudflare Workers (Without Managing a…

I Built a Production-Ready Node.js SaaS Boilerplate So You Don't Have To

Related reading

API Design Patterns for Cloudflare Workers: Minimal, Secure, Fast

Introducing @supabase/server

Shipping at the Edge: Migrating a Coffee Subscription Platform to Cloudflare…

400 ad accounts 3 subrequests = silent data loss in Cloudflare Workers (and how…

How to Build a Realtime Chat App on Cloudflare Workers (Without Managing a…

I Built a Production-Ready Node.js SaaS Boilerplate So You Don't Have To