The Project
WarmBadge is a SaaS platform that analyzes email domain reputation, generates trust scores, and issues embeddable verification badges for domain owners. The platform includes subscription tiers, ZKP (Zero-Knowledge Proof) hardware verification, Stripe payments, and a full user authentication system.
What I Was Brought In To Fix and Deploy
The backend had multiple critical production issues before launch and needed a complete deployment setup from scratch on a live VPS.
Security issues I identified and fixed:
Google OAuth login broken — user creation failing silently on authentication
Session cookies set with secure=False — exposing user sessions over HTTP
API base URL exposed on the homepage — leaking backend infrastructure to the public
/docs endpoint unprotected — full FastAPI documentation accessible to anyone on the internet
Free plan not being assigned on new user creation — breaking the subscription flow entirely
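Added example, not code from the WarmBadge project: a standard-library Python check that re-tests three of the items above (session cookie without Secure, public /docs, backend URL in the homepage) against recorded responses. The response records, the /auth/callback path and the backend URL are constructed placeholders; /redoc and /openapi.json are FastAPI's other default documentation routes, and the HttpOnly check goes beyond what the list names.

```python
from http.cookies import SimpleCookie

# FastAPI's default documentation routes; the page names only /docs.
DOC_PATHS = ("/docs", "/redoc", "/openapi.json")

def cookie_findings(set_cookie):
    """Flag cookies in one Set-Cookie header that lack Secure or HttpOnly."""
    jar = SimpleCookie()
    jar.load(set_cookie)
    out = []
    for name, morsel in jar.items():
        for attr, label in (("secure", "Secure"), ("httponly", "HttpOnly")):
            if not morsel[attr]:  # empty string when the flag is absent
                out.append(f"cookie {name} missing {label}")
    return out

def audit(responses, backend_url):
    """responses: list of dicts with path, status, optional set_cookie and body."""
    findings = []
    for r in responses:
        if r["path"] in DOC_PATHS and r["status"] == 200:
            findings.append(f"{r['path']} is publicly readable")
        for header in r.get("set_cookie", []):
            findings.extend(cookie_findings(header))
        if r["path"] == "/" and backend_url in r.get("body", ""):
            findings.append("homepage body exposes backend URL")
    return findings

# Constructed sample data (not captured from the real site).
BACKEND = "https://backend.example.invalid"  # placeholder value
BEFORE = [
    {"path": "/", "status": 200, "body": f'<script>const API="{BACKEND}"</script>'},
    {"path": "/auth/callback", "status": 302,  # hypothetical login route
     "set_cookie": ["session=abc123; Path=/; HttpOnly; SameSite=Lax"]},
    {"path": "/docs", "status": 200},
    {"path": "/openapi.json", "status": 200},
]
AFTER = [
    {"path": "/", "status": 200, "body": "<h1>WarmBadge</h1>"},
    {"path": "/auth/callback", "status": 302,
     "set_cookie": ["session=abc123; Path=/; Secure; HttpOnly; SameSite=Lax"]},
    {"path": "/docs", "status": 404},
    {"path": "/openapi.json", "status": 404},
]

if __name__ == "__main__":
    for label, sample in (("before", BEFORE), ("after", AFTER)):
        print(label, audit(sample, BACKEND))
```
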
Full production deployment I built:
Uploaded and configured the application on the VPS (74.50.65.108)
Created Python virtual environment and installed all dependencies
Configured production environment variables securely on the server
Set up Gunicorn as the production WSGI server
Created a systemd service for the app — auto-start on reboot, auto-restart on failure
Configured Nginx as reverse proxy routing public traffic to the application
Set up UFW firewall rules for SSH, HTTP, and HTTPS
Provisioned SSL via Let's Encrypt — warmbadge.com and www.warmbadge.com
Configured DNS — A record pointed to VPS IP, CNAME for www redirect
Diagnosed and fixed missing runtime dependencies (parsedmarc, python-multipart) causing startup crashes
Fixed the missing static directory that was preventing the application from starting
Validated full production health: warmbadge.com/health returning {"status":"ok"}
Delivered a complete Phase 5 acceptance checklist covering:
ZKP Hardware Pod integration (challenge → sign → submit → badge update)
Subscription feature gating across 5 tiers (Free, Starter, Business, Agency, Agency Pro)
Account dashboard with real-time plan and trust status
Onboarding UX validation for new user flow
Production logging and monitoring with sub-60-second issue diagnosis
The Stack
FastAPI · Python 3.12 · Gunicorn · Nginx · Let's Encrypt SSL · Systemd · UFW Firewall · Ubuntu VPS · Google OAuth · Stripe · JWT · DNS Configuration
The Outcome
Backend deployed and running stably in production. All critical security vulnerabilities patched before public launch. Zero-downtime service configuration with automatic restart on failure. Full production checklist delivered and verified.