Jamstack, WordPress, and everything in between

Toolkit that grows with your stack.

Three tracks of packages — jamstack, WordPress, and the bridging layer between them. Start with what you need. Add more as your scope grows. Every package is Cloudflare-native or PHP+MySQL at its foundation.

Read the philosophy See the setup

Three parallel tracks

Every track is first-class.

A package in one track isn't a second-class citizen because it doesn't touch the others. Real agencies work across all of them.

Jamstack

Static SSG sites, edge-rendered apps, Cloudflare-native stacks. Auth, dashboards, forms, commerce — packages that work standalone.

WordPress

Classic WordPress sites that stay WordPress. Plugins that improve WP workflows without requiring any decoupling.

Bridging

The connective tissue. Headless content export, auth continuity across decoupled splits, forms and commerce flows spanning both stacks.

Read the full philosophy →

Product stack

Auth ships first. WordPress and commerce packages come next.

Auth

v1 available now

Ship passwordless login in minutes. Scale to managed providers when you're ready.

Magic-link auth with hashed tokens and D1 sessions — zero external dependencies.
Pluggable providers — upgrade from DIY to Better Auth or Firebase without rewriting app code.
Subscriber auth — a newsletter form that doubles as an invisible login surface.
WordPress auth bridge — keep login continuity while decoupling routes to Astro.

Read the auth docs → Try the playground →

Planned

SSG Export

Pull WordPress content into Astro at build time. Incremental, auth-aware.

Planned

Form Bridge

Expose Gravity Forms to headless frontends. Submissions route through WordPress.

Planned

Headless Commerce

Cart, checkout, and account flows from WooCommerce via API.

Modular scaling — start simple, grow without rewrites

DIY magic-link

Zero runtime dependencies, hashed tokens, D1 sessions, and one email field.

Better Auth

Stay Cloudflare-native when you need OAuth and MFA with self-hosted control.

Firebase Auth

Use managed auth for hybrid WordPress stacks and compliance-heavy programs.

Getting started

Wire it once. Own the viewer.

This mirrors the integration shape in the host app docs, but keeps jampress.pw itself fully static.

See the auth flow in action — magic-link login, subscriber auth, and the viewer contract working end-to-end.

import { createAuthInstance } from "@jampress/auth-astro-workers";
import { createZeptomailSender } from "@jampress/auth-astro-workers";
import { createMagicLinkProvider } from "@jampress/auth-provider-magic-link";
import { createD1Storage } from "@jampress/auth-storage-d1";
import { env } from "cloudflare:workers";

const storage = createD1Storage(env.AUTH_DB);
const email = createZeptomailSender({
  secret: env.ZEPTOMAIL_SECRET,
  fromAddress: "no-reply@your-app.com",
  fallbackFromAddress: "no-reply@jampress.pw",
});

const provider = createMagicLinkProvider({
  storage,
  email,
  buildMagicLinkUrl: (token, redirectTo) => {
    const url = new URL(redirectTo || "/api/auth/verify", "https://your-app.com");
    url.searchParams.set("token", token);
    return url.toString();
  },
});

export const auth = createAuthInstance({
  provider,
  storage,
  email,
  csrf: { allowedOrigins: ["https://your-app.com"] },
  session: { cookieName: "jp_session", ttlSeconds: 60 * 60 * 24 * 7 },
});