Apps & Plugins Architecture

Overview

The Apps system is designed to facilitate Omnichannel Content Distribution. It allows the CMS to act as a "Headless" source of truth that pushes content to various downstream platforms (Shopify, WooCommerce, WordPress, etc.).

Data Schema

`AppConnection`

Stores the credentials and configuration for a connected third-party app.

model AppConnection {

providerId String // e.g. "shopify", "woocommerce"

category AppCategory // ECOMMERCE | PUBLISHING

credentials Json // Encrypted payload

config Json? // App-specific settings

isActive Boolean

}

Security Model

Encryption at Rest

We use AES-256-CBC to encrypt sensitive fields within the credentials JSON object before saving to MongoDB. This includes:

Shopify Access Tokens

WooCommerce Consumer Secrets

WordPress Application Passwords

The encryption key API_KEY_ENCRYPTION_KEY is injected via environment variables and never exposed to the client.

Audit Logging

Every interaction with the Apps system is logged to SystemActivity and AppSyncLog.

Connection Events: Logged when a user connects/disconnects an app.

Sync Events: Logged whenever content is pushed to an external provider.

Adding New Integrations

To add a new integration:

Frontend: Add a new card to apps/page.tsx and configure the AppConnectModal.

Backend: Implement the auth flow (OAuth or API Key) in api/cms/apps/connect.

Client: Create a new client class in lib/apps/[provider]/client.ts to handle content transformations.

Apps & Plugins Architecture

Apps & Plugins Architecture

Overview

Data Schema

`AppConnection`

Security Model

Encryption at Rest

Audit Logging

Adding New Integrations

Architecture

Core Concepts

Database

Development

Features

Getting Started

Guides

Integrations

Security

Theming