shopcall/DEPLOYMENT_GUIDE.md

ShopCall.ai Deployment Guide

This guide explains how to deploy ShopCall.ai after the migration from Vercel to Supabase Edge Functions with static hosting.

Architecture Overview

New Architecture

• Frontend: Static React build (Vite) - Can be hosted on any static hosting provider (Apache, Nginx, Cloudflare Pages, etc.)
• Backend: Supabase Edge Functions (Deno runtime)
• Database: Supabase PostgreSQL
• Authentication: Supabase Auth

Key Changes from Previous Architecture

• ✅ Replaced Vercel serverless functions with Supabase Edge Functions
• ✅ Replaced in-memory stores with database tables (pending_signups, oauth_nonces)
• ✅ Migrated from Nodemailer to Resend API for email sending
• ✅ Environment variable-based configuration for easy deployment
• ✅ Static hosting compatible frontend

Prerequisites

1. Supabase account and project
2. Web hosting with Apache or Nginx (for static files)
3. Resend API key for email sending (or alternative email service)
4. Shopify API credentials (if using Shopify integration)
5. Node.js and npm installed locally for building

Database Setup

The database migrations have already been applied. The following tables were created:

1. pending_signups

Stores temporary signup data with OTP for email verification (15-minute expiration).

2. oauth_nonces

Stores OAuth state/nonce values for secure OAuth flows (10-minute expiration).

Edge Functions Deployment

Deployed Edge Functions

1. auth - /functions/v1/auth/*

   • /auth/signup - Create new user account with OTP
   • /auth/signup/verify - Verify OTP and complete registration
   • /auth/signup/resend-otp - Resend OTP email
   • /auth/login - Email/password login
   • /auth/logout - Sign out
   • /auth/check - Validate session token

2. shopify-oauth - /functions/v1/shopify-oauth/*

   • /shopify-oauth/init - Initialize Shopify OAuth flow
   • /shopify-oauth/callback - Handle Shopify OAuth callback

3. woocommerce-oauth - /functions/v1/woocommerce-oauth/*

   • /woocommerce-oauth/init - Initialize WooCommerce OAuth flow
   • /woocommerce-oauth/callback - Handle WooCommerce callback

4. gdpr-webhooks - /functions/v1/gdpr-webhooks/*

   • /gdpr-webhooks/customers-data-request - Handle customer data requests
   • /gdpr-webhooks/customers-redact - Handle customer data redaction
   • /gdpr-webhooks/shop-redact - Handle shop data redaction

Environment Variables for Edge Functions

Configure these in your Supabase project settings under Edge Functions:

# Supabase (automatically available)
SUPABASE_URL=https://YOUR_PROJECT.supabase.co
SUPABASE_ANON_KEY=your_anon_key

# Email Service (Resend)
RESEND_API_KEY=re_YOUR_API_KEY

# Shopify Integration
SHOPIFY_API_KEY=your_shopify_api_key
SHOPIFY_API_SECRET=your_shopify_api_secret
SHOPIFY_REDIRECT_URI=https://YOUR_PROJECT.supabase.co/functions/v1/shopify-oauth/callback

# Frontend URL (for OAuth redirects)
FRONTEND_URL=https://yourdomain.com

# Edge Function Base URL
EDGE_FUNCTION_BASE_URL=https://YOUR_PROJECT.supabase.co/functions/v1

Frontend Deployment

Step 1: Configure Environment Variables

Create or update .env file in shopcall.ai-main/:

# Backend API Base URL (Supabase Edge Functions)
VITE_API_URL=https://YOUR_PROJECT.supabase.co/functions/v1

# Frontend URL (for OAuth callbacks)
VITE_FRONTEND_URL=https://yourdomain.com

Step 2: Build the Frontend

cd shopcall.ai-main
npm install
npm run build

This creates a dist/ directory with your static files.

Step 3: Deploy Static Files

Option A: Apache Hosting

1. Upload the contents of dist/ to your web server (e.g., /var/www/html/)
2. Ensure .htaccess file is in the root directory (already created in public/)

3. Make sure mod_rewrite is enabled:

   sudo a2enmod rewrite
   sudo systemctl restart apache2
   

Option B: Nginx Hosting

1. Upload the contents of dist/ to your web server (e.g., /var/www/shopcall.ai/dist/)

2. Copy nginx.conf.example to your nginx sites-available directory:

   sudo cp nginx.conf.example /etc/nginx/sites-available/shopcall.ai
   sudo ln -s /etc/nginx/sites-available/shopcall.ai /etc/nginx/sites-enabled/
   

3. Update the configuration with your domain and SSL certificates

4. Test and reload nginx:

   sudo nginx -t
   sudo systemctl reload nginx
   

Option C: Cloudflare Pages / Netlify / Similar

1. Connect your Git repository
2. Set build command: npm run build
3. Set publish directory: dist
4. Configure environment variables in the platform's dashboard

Email Service Setup (Resend)

1. Sign up for Resend
2. Create an API key

3. Add the API key to your Supabase Edge Function secrets:

   supabase secrets set RESEND_API_KEY=your_api_key
   

4. Verify your sending domain in Resend (optional but recommended for production)

OAuth Configuration

Shopify

1. In your Shopify Partner dashboard, update the app settings:
   • App URL: https://yourdomain.com
   • Allowed redirection URL(s):
     • https://YOUR_PROJECT.supabase.co/functions/v1/shopify-oauth/callback
   • GDPR webhooks:
     • Customer data request: https://YOUR_PROJECT.supabase.co/functions/v1/gdpr-webhooks/customers-data-request
     • Customer data erasure: https://YOUR_PROJECT.supabase.co/functions/v1/gdpr-webhooks/customers-redact
     • Shop data erasure: https://YOUR_PROJECT.supabase.co/functions/v1/gdpr-webhooks/shop-redact

WooCommerce

No special configuration needed. The OAuth flow is initiated from the dashboard.

Testing the Deployment

1. Test Authentication

# Test signup
curl -X POST https://YOUR_PROJECT.supabase.co/functions/v1/auth/signup \
  -H "Content-Type: application/json" \
  -d '{
    "email": "test@example.com",
    "password": "testpass123",
    "full_name": "Test User",
    "company_name": "Test Company",
    "user_name": "testuser"
  }'

# Test login
curl -X POST https://YOUR_PROJECT.supabase.co/functions/v1/auth/login \
  -H "Content-Type: application/json" \
  -d '{
    "email": "test@example.com",
    "password": "testpass123"
  }'

2. Test OAuth Flow

1. Navigate to your frontend URL
2. Try connecting a Shopify or WooCommerce store
3. Verify the OAuth callback works correctly

3. Test Frontend Routing

1. Navigate to various routes (e.g., /dashboard, /call-logs)
2. Refresh the page to ensure routing works with static hosting
3. Check browser console for any errors

Troubleshooting

Common Issues

Issue: 404 errors on routes when refreshing

• Solution: Ensure .htaccess (Apache) or nginx configuration is properly set up for client-side routing

Issue: CORS errors when calling Edge Functions

• Solution: Verify CORS headers are set in Edge Functions (corsHeaders in each function)

Issue: Email not sending

• Solution: Check Resend API key is properly configured and verify the email service is active

Issue: OAuth callback fails

• Solution: Verify redirect URIs match exactly in your OAuth provider settings

Monitoring and Maintenance

1. Edge Functions Logs: Monitor in Supabase Dashboard > Edge Functions > Logs
2. Database: Check Supabase Dashboard > Database for any issues
3. Cleanup: The database has automatic cleanup for expired records via the functions:
   • delete_expired_pending_signups()
   • delete_expired_oauth_nonces()

Rollback Plan

If you need to rollback to the old Vercel deployment:

1. Update frontend .env to point back to Vercel backend:

   VITE_API_URL=https://shopcall-ai-backend.vercel.app
   

2. Rebuild and redeploy frontend

3. The old backend code is still available in shopcall.ai-backend-main/

Security Considerations

1. Environment Variables: Never commit .env files to version control
2. API Keys: Rotate API keys regularly
3. HTTPS: Always use HTTPS in production
4. Rate Limiting: Consider adding rate limiting to Edge Functions for production
5. CORS: Restrict CORS origins to your actual frontend domain in production

Support

For issues or questions:

• Check Supabase logs for Edge Function errors
• Review browser console for frontend errors
• Verify environment variables are correctly set