Alvey Automation
Download · Flask Scaffold v1.0

Build SaaS faster on a multi-tenant Flask foundation that's actually correct.

A production-tested scaffold for indie SaaS founders. Signup, billing, multi-tenant data isolation, admin dashboard — wired up and ready to ship.

$79 one-time · MIT license · 7-day refund
Buy on Gumroad

Most multi-tenant Flask tutorials get it wrong

Most multi-tenant Flask tutorials get the data model wrong. They tell you to "add a tenant_id column" and call it done — without ever showing you the patterns that prevent cross-tenant data leaks at scale.

This scaffold is the boring, correct version: enforced query scoping at the model layer, tested end-to-end, with explicit escape hatches for admin-only views. Every line exists because its absence has burned somebody.

The five things most tutorials miss:

  • The for_tenant() query helper that throws if you forget the tenant_id. Most tutorials let you write db.query(Model).all() and discover the leak in production.
  • A clearly named escape hatch (all_tenants_unsafe()) for super-admin views — so code review can flag every cross-tenant query.
  • Stripe webhook idempotency. Stripe replays events. If your handler isn't idempotent, you'll double-charge customers.
  • client_reference_id on the Checkout session to map the payment back to the tenant. Without it, you can't reliably activate the right subscription.
  • Tests that prove the multi-tenancy guarantee. Not "looks correct" — actually log in as one tenant and verify HTTP 404 when querying another tenant's resource by ID.

What's in the box

  • Multi-tenant data model with enforced query scoping — tenant A literally cannot see tenant B's data, verified by tests.
  • Email + password signup / login with bcrypt.
  • Stripe Checkout integration with idempotent webhook handlers (test mode by default, flip to live in 5 minutes).
  • Stripe Customer Portal for self-serve subscription management.
  • Super-admin dashboard for support overrides — cancel, reinstate, comp customers onto Pro.
  • JSON API + server-rendered UI with Tailwind. No build step in dev.
  • Alembic migrations — schema versioning works.
  • Postgres in production, SQLite for local dev — zero setup.
  • Procfile + railway.toml + Dockerfile — deploy in one push.
  • Pre-commit hooks with gitleaks, ruff, debug-statement detection.
  • 28 tests covering signup, login, multi-tenancy isolation, Stripe webhook handling, admin role enforcement, and the full signup → checkout → active flow.

Who this is for

This scaffold is for you if:

  • You're an indie founder building your first SaaS who doesn't want to spend the first 3 days re-deriving multi-tenancy basics.
  • You're an engineer leaving a big-co job and starting solo who knows what good looks like but doesn't want to set it up from scratch.
  • You've been burned by a leaky multi-tenant app and want the enforce-at-the-data-layer version next time.

This scaffold is NOT for you if:

  • You need OAuth-only auth, magic-link auth, or SSO out of the box — the scaffold is bcrypt + sessions; layer your own on top.
  • You're already on Django (you have your own conventions).
  • You're expecting a no-code admin like Forest or Retool — this is a Flask blueprint, not a CMS.

FAQ

Does this work with Postgres or just SQLite?
Both. SQLite is the local dev default for zero-setup; Postgres is what you run in production. The scaffold autodetects and the migrations work on either.
Can I rebrand it freely?
Yes — MIT license. There's a RENAMING.md walkthrough that covers renaming the demo Project entity, swapping the favicon, customizing colors, and a pre-launch checklist.
Does it include OAuth / Google sign-in?
No, intentionally. Auth strategy is opinionated and project-specific. The bundled bcrypt + session pattern is enough for v1; layer your own provider later.
Will my buyers be able to use this?
This is a developer tool, not an end-user product. You build your SaaS on top of it. Your customers never see this scaffold — they see whatever you ship.
Can I get a refund?
Yes — 7-day no-questions refund. Email and you'll get it.
Is multi-tenancy actually enforced?
Yes, and the test suite proves it. There are 7 tests confirming for_tenant() scoping, plus HTTP-level tests where one tenant logs in and tries to GET / PATCH / DELETE another tenant's resource by ID — every attempt returns 404 and the target row is unchanged.

Skip the boring 3 days. Start shipping.

From zip to running locally in under 60 seconds. To deployed on Railway in under an hour.

Buy on Gumroad Email a question