This image, with its blend of cloud shapes, digital keys, and user icons, is designed to evoke a sense of seamless integration and digital security,

Cloudflare Workers User Management and Session Framework

If you’ve been keeping up with my blog posts and GitHub Profile, you’ll know that I’ve been exploring the world of Cloudflare Workers. I am working on a personal project perfectly suited for stateless architecture and serverless compute, so I am utilizing Cloudflare Workers.

The Problem

However, I soon realized I needed a web admin. This admin must maintain some state, such as logging in as a valid Admin. It also needs to track the data a user is working on and the context of that work. So, I opted for a more conventional “session” with state. This choice was instead of using an ever-expanding JWT token and repeatedly loading and transforming data from a database. Call me old fashioned.

The Solution

So I’ve created a simple framework for Cloudflare Workers which combines a stateful Session (via API and stored in KV) and a set of User functions: Registration, Login, Logout, and Forgot Password. When you log in, the system sets a session cookie that you can use to load the Session state into any Worker.

So, what is “Workers-Users“? In essence, it’s a user management system that is specifically designed for Cloudflare Workers. If you’ve ever found yourself wrestling with user authentication and session management in the serverless world… That’s where “Workers-Users” comes in. This project aims to simplify user management, making it more accessible for developers working in the serverless environment of Cloudflare Workers.

I’m sure some stateless purists are frothing at the mouth at this point, and I apologize for the stress:). But this is going to be pretty useful for me, and potentially others, so I wanted to share it.

The framework is in a public GitHub repo, and currently is setup as a lerna mono-repo. It contains two Cloudflare Workers, and a Cloudflare Pages site. The Pages site has a front end for all the User flows. You can use this as a starting place or example.

Get Involved!

I’m genuinely excited about the potential of “Workers-Users” and the impact it could have on serverless projects. I encourage you to check it out on GitHub, give it a spin, and let me know your thoughts. Whether it’s a bug report, a feature request, or just a shoutout, I’m all ears. Collaboration is the key to innovation, and together, we can make “Workers-Users” something truly special. There’s plenty of additional features that I could see being useful: Social Logins, Session Killing, Leveraging JWT, etc…


Posted

in

by

Comments

2 responses to “Cloudflare Workers User Management and Session Framework”

  1. RODNEY SYKES Avatar

    This is a really interesting project! I’ve been looking for a way to handle user management in my Cloudflare Workers project, and Workers-Users seems like a great solution. I especially like the approach of using sessions instead of ever-growing JWTs.

    I’m definitely going to check out the GitHub repo and see if I can integrate it into my project. The included example with Cloudflare Pages is a big plus as well.

    One question – have you considered adding support for role-based access control (RBAC) in the future? That would be a valuable feature for more complex applications.

    Thanks for sharing this – I’m excited to see how Workers-Users develops!

    1. Devon Avatar

      Rodney,

      Thanks for the kind words! Let me know if you need any help with the integration, the project is still pretty new and I am not the best documentation writer so I am sure there are gaps.

      Currently the framework is only providing simple authentication and isn’t doing any authorization (roles, permissions, etc…), however I agree for most real world uses, you will need to add authorization functionality. So I should probably add some core features to the framework. I will create a GH Issue for that so I don’t lose track.

      The simplest approach would be to add a Roles table and UserRoles mapping table to the D1 database, and probably a Permissions and RolePermissions mapping tables, and load all that in to the User. So you don’t need to wait for me, but it also shouldn’t take me too long to add it… :)

Leave a Reply

Your email address will not be published. Required fields are marked *

PHP Code Snippets Powered By : XYZScripts.com