CartFlux — Multi-Tenant Dropshipping SaaS Platform

CartFlux is a multi-tenant SaaS platform that enables European merchants to launch branded online stores in under 10 minutes. Merchants source products from a pre-integrated catalog, customize their storefront, and sell directly to end customers without managing inventory, warehousing, or logistics.

The platform handles everything from storefront generation to checkout processing, payment splitting via Stripe Connect, and automated supplier order forwarding, giving CartFlux a recurring revenue stream on every transaction.

Zero-inventory dropshipping with pre-negotiated EU supplier pricing

Multi-tenant architecture with PostgreSQL Row-Level Security isolation enforced at database level

Stripe Connect for direct per-tenant payment processing with automatic platform fee collection

Next.js 15 storefronts with SSR, i18n (RO/EN/DE/ES), and custom domain support

Zero-ops deployment: Vercel + Supabase, no DevOps overhead

CartFlux follows a shared-database, isolated-data multi-tenancy pattern. All tenants share the same Supabase Postgres instance, but every table is protected by RLS policies keyed on tenant_id or owner_id. No tenant can ever read or write another tenant's data, regardless of application-level bugs.

Account hierarchy: One authenticated user can own multiple stores. Each store has its own slug, Stripe account, supplier credentials, custom domain, and theme.

Domain routing operates on 3 layers:

Subdomain: store-name.cartflux.eu (resolved via edge middleware)

Custom domain: www.mystore.ro (proxied through Vercel)

Preview: /preview/[subdomain]/ for live merchant previews

Admin: /admin/ with separate auth and global tenant visibility

Stripe Connect handles the entire payment lifecycle. When a customer pays, the platform automatically withholds supplier cost + commission. Only the merchant's profit margin lands in their Stripe Connect account.

payment_intent.succeeded — Mark order paid, trigger order forwarding

payment_intent.failed — Mark order failed, notify customer

account.updated — Sync merchant Stripe status

customer.subscription.updated — Update merchant plan

Network: Vercel WAF + DDoS protection on all traffic

Auth: Supabase JWT + RLS, service-role bypass only for scheduled jobs

DB Isolation: PostgreSQL RLS with ownership enforced at database level

Payments: Stripe webhook signature verification on all webhooks

CSRF: Next.js server actions built-in protection

Secrets: Vercel environment variables, nothing in source code

Three tiers designed around merchant scale:

Free (€0/mo): 1 store, subdomain, +€1 catalog markup, 5% commission

Pro (€19/mo): 3 stores, custom suppliers, +€0.50 markup, 3% commission

Business (€49/mo): Unlimited stores, custom domain, raw supplier price, 1% commission

Checkout is blocked if a merchant's margin would go negative, protecting both the merchant and the platform.

SmartBill integration for automated invoicing per order

Monthly platform invoicing with transparent accounting (amounts already withheld at checkout)

i18n in 4 languages (Romanian, English, German, Spanish)

Merchant onboarding flow with Stripe Connect setup

Frontend/Backend: Next.js 15 (App Router, SSR, RSC)

Database: Supabase (PostgreSQL + RLS + Auth + Realtime)

Payments: Stripe Connect

Email: Resend

Hosting: Vercel (edge middleware for tenant routing)

Language: TypeScript strict mode

BigBuy integration (in discussion) — one of Europe's largest B2B wholesalers, for a massive pre-integrated product catalog

Affiliate system expansion