A production-grade, serverless form builder inspired by Google Forms. Built for the modern web using Cloudflare Workers, D1 (SQLite), and Cloudflare Pages. It features a secure, themeable admin panel and a lightning-fast public form renderer.
- 🔨 Powerful Builder: Drag-and-drop-style form creation with support for multiple input types (Text, Email, Radio, Checkbox, File Uploads).
- 🎨 Themeable UI: Instant dark mode support and customizable theme colors.
- 🛡️ SaaS-Grade Security: JWT-based authentication, server-side validation, and Cloudflare Turnstile integration.
- 📊 Response Management: Real-time response tracking with CSV/XLSX/PDF export capabilities.
- 🚀 Edge-Powered: Globally distributed serverless architecture for sub-100ms response times.
- Vanilla JS & CSS3: Zero-dependency, lightweight, and blazing fast.
- Cloudflare Pages: High-performance static hosting at the edge.
- Font Awesome: Professional iconography.
- Cloudflare Workers: High-performance serverless environment.
- Cloudflare D1: SQL database for reliable data storage.
- Cloudflare KV: High-speed key-value storage for rate limiting.
- JWT Auth: Secure admin session management.
- Cloudflare Secrets: Zero-exposure secret management.
- CORS Hardening: Strict origin-based access control.
KumoFumi /
├── api/ # Cloudflare Worker (Backend)
│ ├── src/ # Business logic & authentication
│ ├── schema.sql # D1 database initialization
│ └── wrangler.toml # Worker configuration
├── css/ # Modular frontend styles
├── js/ # Client-side logic (Admin & Form)
├── index.html # Public Form Renderer
├── admin.html # Secure Admin Dashboard
└── login.html # Admin Authentication Portal
This project follows a Backend-First Security Model. All sensitive logic is isolated in the Worker, ensuring the frontend remains thin and secure.
Important
Secrets are NEVER stored in GitHub or the source code. They are injected at runtime via Cloudflare Environment Variables.
🔑 View Production Secret Commands
# How to set production secrets
wrangler secret put ADMIN_PASSWORD
wrangler secret put JWT_SECRET
wrangler secret put TURNSTILE_SECRET- Frontend: UX-focused validation (immediate feedback).
- Backend: Strict schema validation (Zod-like logic), rate limiting, and size enforcement.
- Database: SQL-level integrity checks.
cd api
npm install
wrangler deploy --env productionPush to any branch connected to Cloudflare Pages. Routing is handled automatically for index.html, admin.html, and login.html.
-
Clone the repository:
git clone https://github.com/ZEON-07/Custom-Form.git cd Custom-Form -
Setup API:
cd api npm install -
Configure local secrets: Create a
.dev.varsfile in theapi/directory:📂 View Local Environment Example
ADMIN_PASSWORD=your-local-pass JWT_SECRET=your-local-secret
-
Run local environment:
wrangler dev
- PDF Export: Generate professional PDF reports for each submission.
- Analytics: Visual charts for data distribution.
- Webhooks: Direct integration with Discord/Slack.
- Multi-Admin: RBAC support for larger teams.
- Scheduling: Auto-open/close forms based on timestamps.
Distributed under the MIT License. See LICENSE for more information.
Tip
This architecture is designed to scale to millions of requests at near-zero cost. It’s not just a tool—it's a production-ready serverless platform.