W WRNexusJS
Preview · runnable-project extraction pending

Secure task board

This tutorial connects the installed 0.2.15 APIs into one design. Snippets are limited to declarations and README patterns verified in the installed packages; a CI-compiled standalone fixture remains on the roadmap.

Application shape

A .wrn page renders tasks from an SSR API binding. A shared validation schema protects mutations. Session middleware identifies users, authorization policies gate updates, and a realtime room broadcasts changes.

Schema and create route

import { v, parseBody } from "@wrnexus/validation";
const task = v.object({ title: v.string().trim().min(3).max(120) });
export const POST = async (ctx) => {
  const parsed = await parseBody(task, ctx.req);
  if (!parsed.ok) return parsed.response;
  return Response.json({ ok: true, task: parsed.value }, { status: 201 });
};

Server-rendered list

page Tasks {
  ssr { api tasks GET /api/tasks { return tasks } }
  view {
    <main><h1>Tasks</h1><ul>
      {#each tasks as task}<li>{task.title}</li>{:empty}<li>No tasks yet.</li>{/each}
    </ul></main>
  }
}

Production checklist

  • Choose SQLite for local development or configure the supported PostgreSQL driver.
  • Run migrations before accepting traffic.
  • Enable session authentication and enforce authorization on every mutation.
  • Validate upload types and sizes; keep private objects behind authenticated routes.
  • Use Redis pub/sub when realtime rooms span processes.
  • Treat the default queue as non-durable until a production driver is selected.

Follow the focused database, authentication, authorization, realtime, and upload guides.