Loading page…
Server-first Commerce Scaffold
Production-ready foundations for the Orchestra catalog. All data is fetched on the server with the required service key, keeping tokens out of the browser while enabling SEO-friendly item listings.
All requests to /api/items/... go through Next.js with the X-Service-Key header injected automatically. Add user tokens to reach protected data without exposing secrets to the browser.
Login uses a Next.js route handler that stores the Django token in an HTTP-only cookie. Private pages load on the server, fetch with both the service key and user token, and fall back gracefully on 401/403 responses.