A Nuxt 3 + TypeScript monorepo for securely demoing client prototypes behind access codes.
- A client visits the landing page and enters their unique access code
- The server validates the code against Supabase, issues an HTTP-only session cookie
- The client is redirected to their protected prototype route
- Access lasts for the current browser session only
- Nuxt 3 (SSR) — public shell + prototype routes
- Supabase — access code validation and session backing
- pnpm workspaces — monorepo with
apps/web+packages/* - Vercel — deployment target
- Vitest — unit tests | Playwright — e2e tests
# Prerequisites: Node 22+, pnpm 10+, Supabase CLI
# 1. Install dependencies
pnpm install
# 2. Copy and fill environment variables
cp .env.example .env
# 3. Start local Supabase
supabase start
supabase db reset # runs migrations + seed
# 4. Start the dev server
pnpm dev| Variable | Description |
|---|---|
SUPABASE_URL |
Your Supabase project URL |
SUPABASE_SERVICE_ROLE_KEY |
Service role key (server-only, never exposed to client) |
SUPABASE_ANON_KEY |
Public anon key |
# Unit tests
pnpm --filter @agency/web exec vitest run
pnpm --filter @agency/shared exec vitest run
# E2E tests (requires dev server + local Supabase running)
pnpm --filter @agency/web exec playwright testSee docs/runbooks/adding-prototype.md.
- Push to GitHub — CI runs unit tests + build
- Connect repo to Vercel
- Set
SUPABASE_URLandSUPABASE_SERVICE_ROLE_KEYin Vercel environment variables - Deploy