Bedest

A production-ready, strictly typed backend foundation built for B2B SaaS and scalable microservices.

Bedest is engineered to solve the most grueling challenges of B2B SaaS development—Multi-tenancy, Row-Level Security (RLS), Role-Based Access Control (RBAC), and Plan Management—from day one. It enforces a Strictly Typed environment, eliminating any types in favor of robust runtime validation.

Architectural Philosophy

The core abstractions (base services, utilities, guards, interfaces) live in a separate package: bedest-core. This keeps the boilerplate lean while making the building blocks reusable across any BED-stack project.

Key Features

• Native Multi-Tenancy: Data isolation is enforced at the database level using PostgreSQL Row-Level Security (RLS).
• SaaS Ready: Built-in PlanGuard for subscription-based feature gating and a system-wide MaintenanceMode.
• Bulletproof Error Handling: Centralized handler that unmasks deep-nested Drizzle/Postgres errors.
• Real-Time Ready: Integrated WebSocket manager for live payload delivery.
• Aspect-Oriented Audit Trail: Macro-driven system logging mechanism tracking "who did what".
• Headless Architecture Support: Dynamic domain resolution allowing frontends to securely map custom URLs to tenant IDs.

Automated Tenant Scoping

Security is enforced at the transaction level using UtilTenantScope. Every query is wrapped in a session-local configuration that triggers PostgreSQL RLS policies ensuring absolute data isolation between tenants.

If you don't need multi-tenancy and SaaS features, check out Bedest Lite for a streamlined, single-tenant experience.