Features

A real SaaS layout with an edge API: fast UX, safe-by-default auth, and a path to billing + licensing.

Frontend
Astro marketing + portal

Fast pages, clean components, and environment-driven links to API, docs, and portal.

Backend
Workers API + D1 + KV

D1 holds users and entitlements; KV holds sessions, one-time tokens, and rate-limits.

Security
Closed signup + magic links

No public signup. Stripe (later) creates accounts; magic links authenticate without passwords.

What you get

A sharper operating model, not a random pile of SaaS parts.

The site, portal, and API work best when each surface has one job. This baseline keeps the product legible now and leaves room for harder controls later.

Delivery
Deployable today

Marketing, docs, app, and API stay independently shippable.

Security posture
Small exposed surface

Closed signup, short-lived tokens, explicit account creation, minimal public write paths.
01. Magic-link auth (closed signup) [auth]

No public registrations. Stripe later becomes the account-creation event; email links sign users in without passwords.

02. Licensing and activations [license]

Bind licenses to users and enforce entitlements from the edge API. Track activations per machine and revoke when needed.

03. Workers API with D1 and KV [data]

D1 stores users, purchases, and entitlements. KV stores one-time tokens, sessions, and best-effort throttling.

04. Hardened Stripe webhook path [billing]

Signature verification and idempotency tables are in place. Add Stripe keys later without rebuilding the backend shape.

05. Customer portal and admin portal [portal]

Separate surfaces keep the customer dashboard, licenses, billing, and future admin tools behind the right role boundaries.

06. Security-by-default posture [security]

Minimal surface area, explicit allowlists, bounded request bodies, and a clear upgrade path to durable rate limiting.

Frequently asked questions

A few decisions that keep this demo secure-by-default.

Can anyone sign up right now?

No. The API is configured with ALLOW_SIGNUP=false so accounts are only created after Stripe checkout (or seeded by an admin).

Why magic-link auth?

It avoids passwords, reduces support burden, and works well on Cloudflare Workers. Links are short-lived and throttled.

How do offline licenses work?

The recommended model is asymmetric signatures: the server signs a license payload with its private key, and the desktop app verifies that signature with the matching public key, so the app never holds anything that could mint a license.

Is rate limiting done?

Best-effort today, using KV. For stronger guarantees (especially around email sending and checkout), move rate limiting to Durable Objects.

Get started

One lifetime license. Bring your own AI key.

Buy ChartGPT once. Connect your OpenAI, Anthropic, Google, or OpenRouter API key. Send NinjaTrader chart context into your AI workflow.

License: One-time purchase
Usage: Bring your own API key