Skip to content
Cube Commons Docs

Architecture Overview

Cube Commons runs entirely on the Cloudflare stack: Workers for compute, Pages for static hosting, D1 for storage, KV for caching.

Request Flow

Section titled “Request Flow”
Browser → Cloudflare Worker → Section Gate → CF Pages Origin
              ↓                    ↓
          Token validation    Scope check
          Cookie set          TOTP check
          Rate limiting       Access logging

Components

Section titled “Components”
  • Worker — Single Cloudflare Worker (cubecommons-gate) intercepts all *.cubecommons.org traffic
  • Pages — 27 independent Cloudflare Pages projects, one per subdomain
  • D1cube-ledger database for persistent state
  • KV — Three namespaces: ADMIN (founder state), TOKENS (token cache), KV (scope cache)

Subdomain Map

Section titled “Subdomain Map”

Each subdomain maps to a Pages project origin. The worker extracts the subdomain from the Host header and proxies to the correct origin after auth checks.