feat: Cloudflare Workers API — Decision Engine + Rate Limiting #3

@Delqhi

Objective

Deploy the server-side API on Cloudflare Workers with LLM decision engine.

Requirements

  • Deploy server/src/index.ts to Cloudflare Workers
  • Configure wrangler secrets (SUPABASE_URL, SUPABASE_SERVICE_KEY, STRIPE_SECRET_KEY, OPENAI_API_KEY)
  • Implement POST /api/v1/decide — LLM decision engine (SECRET SAUCE)
  • Implement POST /api/v1/evaluate-study — Study risk scorer
  • Implement POST /api/v1/persona — Dynamic persona answers
  • Rate limiting: 100 requests/hour per user
  • CORS restricted to extension origin only
  • Request logging to Supabase usage_logs
  • Error handling with structured error responses
  • Custom domain: api.opensin.ai

Security

  • All LLM prompts and decision logic stay server-side
  • Extension NEVER receives raw LLM responses — only structured actions
  • API keys are Cloudflare Worker secrets (never in code)

Acceptance Criteria

  • Worker deployed and reachable at api.opensin.ai
  • All endpoints validate JWT + subscription
  • Rate limiting blocks abuse (429 response)
  • Decision engine returns valid action objects
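
An added example, not part of the issue or the project's code: one way to gate a request on the exact extension origin and the 100-requests-per-hour per-user limit, returning structured 403/429 errors. `ALLOWED_ORIGIN`, `gate`, `Bucket` and the error codes are hypothetical names, and the in-memory `Map` is an assumption standing in for a store shared across Worker isolates (isolates do not share memory).

```typescript
// Constructed placeholder: the real extension ID is not given in the issue.
const ALLOWED_ORIGIN = "chrome-extension://EXAMPLE_EXTENSION_ID";
const LIMIT = 100;                 // requests per window, from the issue
const WINDOW_MS = 60 * 60 * 1000;  // one hour

interface Bucket { windowStart: number; count: number }
interface GateResult {
  status: number;
  headers: Record<string, string>;
  body: { ok: boolean; error?: { code: string; message: string } };
}

function errorResult(status: number, code: string, message: string,
                     headers: Record<string, string> = {}): GateResult {
  return { status, headers, body: { ok: false, error: { code, message } } };
}

// userId must come from the verified JWT, never from a client-supplied field.
function gate(origin: string | null, userId: string,
              buckets: Map<string, Bucket>, now: number): GateResult {
  // Exact string match only: no prefix, suffix or regex comparison.
  // Browsers enforce CORS; other clients can send any Origin header, so this
  // check complements JWT validation and does not replace it.
  if (origin !== ALLOWED_ORIGIN) {
    return errorResult(403, "origin_not_allowed", "Origin is not permitted");
  }
  const cors = { "Access-Control-Allow-Origin": ALLOWED_ORIGIN, "Vary": "Origin" };

  // Fixed one-hour window per user; an expired window is replaced.
  let b = buckets.get(userId);
  if (!b || now - b.windowStart >= WINDOW_MS) {
    b = { windowStart: now, count: 0 };
    buckets.set(userId, b);
  }
  if (b.count >= LIMIT) {
    const retryAfter = Math.ceil((b.windowStart + WINDOW_MS - now) / 1000);
    return errorResult(429, "rate_limited", "Hourly request limit reached",
                       { ...cors, "Retry-After": String(retryAfter) });
  }
  b.count += 1;
  return {
    status: 200,
    headers: { ...cors, "X-RateLimit-Remaining": String(LIMIT - b.count) },
    body: { ok: true },
  };
}
```
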
