BFF.

The BFF is the single trusted entry point for sushrutalgs.ai. Both the web and iOS apps call it instead of holding backend secrets or duplicating auth and billing logic. It verifies who the user is, enforces their daily usage limit, and forwards the request to the AI backend.

• One gateway, two clients. It accepts an iOS bearer token or a web auth cookie and verifies Supabase JWTs at the edge, so neither client embeds the backend API key.
• Atomic quota. A plan-aware daily limit is enforced through a single Supabase database function against the same row the apps read for their usage display, giving one source of truth.
• Streaming pass-through. The query endpoint streams server-sent events back byte for byte, failing closed on quota or backend errors.

Live in staging and production at about 14 ms of edge overhead, a roughly 33 KB gzipped bundle, and JWT verification at p95 around 0.13 ms. Quota enforcement measured about 9,200 operations per second on a single hot row, with verified fail-closed mapping and zero errors through 200 concurrent requests.

TypeScript and Hono on Cloudflare Workers, with the jose library for JWT and JWKS verification, Supabase for auth and the quota function, and Cloudflare Access service tokens for upstream auth. Staging auto-deploys on push; production is gated by a release, so the iOS app's uptime is decoupled from web deploys.