Back to themes

Mindful Auth - Astro 6 Authentication Template for Cloudflare Workers & D1

The edge identity layer for Astro 6 + Cloudflare Workers. Mindful Auth is a developer-first logic "skeleton" designed for high-performance edge applications. This template gives you 100% data ownership by storing user records in your own Cloudflare D1 or Tape instance. Re-engineered for Astro 6, it leverages Middleware, CSP, and Astro Actions to deliver a secure, zero-latency authentication experience. Includes built-in support for Magic Links, TOTP 2FA, and Cloudflare Turnstile bot protection.

Get started Live demo
Cost

Free

Created by
Mindful Auth

🧘 Optimized for Astro 6 and Cloudflare Workers.


Mindful Auth is a production-ready authentication template re-engineered specifically for Astro 6 on Cloudflare Workers. It provides a secure, scalable, and privacy-focused authentication solution that runs entirely at the Edge. By leveraging Astro 6 Content Layer, Middleware, and CSP, it delivers a seamless authentication experience with zero latency.

Prerequisites

Ensure you have the following:

  • Node.js 22+
  • A Cloudflare Account (Free tier works perfectly for D1 and Workers).
  • Turnstile Site Key and Secret Key for bot protection (Free from Cloudflare).
  • A registered subdomain for onboarding in the Mindful Auth dashboard.
  • Wrangler CLI installed and authenticated (npx wrangler login).
  • A Postmark, Resend, or any other automation tools such as Make, n8n, or Zapier to handle transactional emails (verification, password reset, etc.).

🎁 Limited Beta: 20 Founding Developer Slots

We are looking for 20 developers to stress-test our Astro 6 + Worker implementation.

Quick Start

  1. Create a Mindful Auth account at app.mindfulauth.com/register.
  2. Set up your Astro frontend - Initialize your project using this template.
  3. Get Turnstile credentials - Add your Site Key and Secret Key (required for bot protection).
  4. Setup Email Webhooks - Connect Postmark, Resend, or Make/n8n. Includes a pre-configured Postmark handler.
  5. Setup your Backend - Initialize Cloudflare D1 Tables or connect your Tape Workspace.
  6. Onboard hostname - Add your deployment URL (e.g. portal.myapp.com) to the dashboard.
  7. Deploy your Worker - Use npm run build and npx wrangler deploy to push your changes to Cloudflare Workers.
  8. Set INTERNAL_API_KEY - Add this as an encrypted secret in your Cloudflare dashboard (never in .env).


Full docs: https://docs.mindfulauth.com

Mindful Auth Features

  • Astro 6.0+ Optimized - Native support for CSP, SSR, and Middleware.
  • Astro Actions Ready - Type-safe, client-to-server communication for all auth flows.
  • Fully Headless - Total control over your UI. No "black-box" components or forced styling.
  • Password Authentication - Traditional email + password with secure verification links.
  • Magic Link Authentication - Passwordless login with four distinct security layers.
  • Two-Factor Authentication - TOTP-based 2FA for maximum account security.
  • Audit Logs - Track all authentication events for security and compliance.
  • Six-Layer Defense System - Comprehensive rate limits, bot protection, and anomaly detection.
  • Shared Security Model - We secure the auth layer; you keep 100% control of your member data.

Need help?

Other themes to consider

View more themes