Case study

QR Ninja

A privacy-first QR platform with dynamic codes and real-time scan analytics — QR codes that work harder.

  • Next.js 16
  • TypeScript
  • tRPC v11
  • Drizzle ORM
  • Neon Postgres
  • Clerk
  • Stripe
  • Cloudflare Workers
  • Vercel
  • Bun

What it does

Features

  • Dynamic, re-editable QR codes — change the destination without reprinting the code.
  • Branded QR designs with custom colors, logos, and finder-pattern styling.
  • Real-time scan analytics — track scans by time, location, and device.
  • Smart redirects and built-in URL shortening behind every code.
  • Custom branded domains via Cloudflare for SaaS custom hostnames.
  • Hosted landing pages that turn a single scan into a richer destination.
  • Tiered Free and Pro plans with Stripe-managed subscriptions.
  • Native iOS and Android mobile app sharing the same backend API.

Under the hood

Architecture

  • Next.js 16 on Vercel hosts the marketing site, dashboard, and API in one App Router deployment.
  • tRPC v11 drives the web frontend; trpc-to-openapi projects the same router as an auto-generated REST surface for the mobile app — one source of truth, two API surfaces.
  • A TypeScript project-reference build graph (incremental tsc -b) topologically orders seven composite packages and rebuilds only what changed.
  • Drizzle ORM over Neon serverless Postgres, with ephemeral database branches spun up per CI run.
  • Clerk handles session-based auth across web and mobile.
  • A Cloudflare Worker redirect service runs outside Next.js, resolving first-party and customer vanity QR redirects via CF-for-SaaS custom hostnames.
  • Upstash Redis for caching and rate limiting, Trigger.dev for background jobs, and Postmark for transactional email.
One tRPC router, two API surfaces — and a redirect Worker that lives outside Next.js.

How we ship it

Dev workflow

  1. 1

    Per-plan E2E fixtures run against an ephemeral Neon branch — Free and Pro Clerk test users, each tier granted via the comp-grant path so CI exercises the real entitlement logic.

  2. 2

    Post-deploy production smoke tests hit the live site read-only — navigation and assertions only, never mutating prod data.

  3. 3

    Merge-queue discipline on main: branch protection blocks direct pushes and re-tests each PR against main plus the queue before a squash merge.

  4. 4

    Multi-agent worktree shipping: every checkout derives a stable dev port from the shared 3000–3999 range, so parallel agent worktrees run and test side by side without colliding.

By the numbers

Built to scale, shipped with discipline

2
API surfaces from one router
7
Library packages in the build graph
Free + Pro
Per-plan E2E fixtures
Read-only
Prod smoke tests

Take it for a spin

Scan-ready QR codes with real-time analytics, branded domains, and a privacy-first core.