I think it would be extremely useful to have some type of simple authentication system for the preview URLs. I think the One-Time Pin Login [1] available with Cloudflare Access would be a really great fit if I could drive it from a list of email addresses in the GitHub repo.
As a use case, consider a small project where someone is looking for very preliminary feedback and wants to ask friends, family, trusted colleagues, etc. for feedback on non-public previews, but without the burden of a full blown authentication system.
I suppose that depends on whether or not it supports private repos. I don't like the systems that require public repos.
That's awesome! The thing that would make it valuable to me would be to send links to friends or family that have never heard of Cloudflare. If it got tied into Cloudflare Teams or something that added even the tiniest bit of friction it would significantly devalue it IMO. For example, I'd consider OAuth "log in with X platform" to be too much friction. Signing up for an account somewhere would never happen, at least for my use case.
The ideal scenario for me would be if I'm on the phone or video conferencing with someone and can send a link to their email that would grant them instant access with a single click, plus repeat access by doing the one-time-pin flow.
Do you know of any Cloudflare products that would let me build something like that one-time-pin auth flow into a user facing app driven by Workers? Most of the info I can find seems to assume it's going to be used to protect internal resources for companies and the pricing would never work for a user facing app. I might just be missing it though. It took me a while to figure out MS has Azure B2B vs Azure AD which is a similar scenario.
Just rouging it out in my head, I think (I'm probably getting some of it wrong) I could build something like that that's really inexpensive to run using Workers. I'm thinking something like 1 invocation for "unauthorized", a second for the auth request + JWT generation + email link, and a +1 per request cost for a worker to check the JWT / resource request.
IIRC Workers are $0.50/million runs with KV to match, so I could do _a lot_ of authenticating for $5. Compare that to something like Cognito where it's $275 USD for your second 50k users and the one-time-pin style auth running on Workers starts to feel like a good option for low value accounts that don't require a sophisticated auth system with 2FA, etc..
I say that in the context of thinking about a product where people would log in so infrequently they'd probably be doing a password reset anyway. Or they could just be like my parents where every login is a password reset. Lol.
As a use case, consider a small project where someone is looking for very preliminary feedback and wants to ask friends, family, trusted colleagues, etc. for feedback on non-public previews, but without the burden of a full blown authentication system.
I suppose that depends on whether or not it supports private repos. I don't like the systems that require public repos.
1. https://developers.cloudflare.com/access/authentication/conf...