Banking App is a production-style fintech dashboard built with Next.js 14, TypeScript, Tailwind CSS, Appwrite, Plaid, and Dwolla-ready service layers. It is designed as a public starter repository for modern online banking dashboards, account aggregation flows, transfers, and analytics.
- Vercel App:
https://banking-app-kappa-one.vercel.app
Demo login can be enabled for local development or controlled staging.
Live demo credentials for the current Vercel deployment:
-
Admin:
demo.admin@bankingapp.test/DemoBanking2026 -
User:
demo.user@bankingapp.test/DemoBanking2026 -
Set
ENABLE_DEMO_LOGIN=true -
Configure
ADMIN_*andUSER_*values in your environment
Example demo credentials:
- Admin:
admin@example.com/strong-demo-password - User:
user@example.com/strong-demo-password
Important:
- Do not enable demo login on a public production app unless you intentionally want public test access.
- If you enable it on Vercel, use non-sensitive demo-only accounts and passwords.
- Modern banking dashboard with responsive layout
- Role-aware authentication flow with admin and user experiences
- Plaid-ready bank connection endpoints
- Dwolla-ready transfer initiation flow
- Appwrite-ready service modules for auth, data, and storage
- Analytics views for balances, spending, and income vs expenses
- Next.js 14 App Router
- React and TypeScript
- Tailwind CSS
- shadcn-style UI primitives
- Appwrite
- Plaid
- Dwolla
- Chart.js
- React Hook Form
- Sign up and sign in flows
- Dashboard with total balance and account overview
- Bank account cards and linked-bank view
- Transaction history with filters and pagination
- Transfer form and secure server-side transfer action
- Analytics charts for spending and cash flow
- Mobile and desktop responsive navigation
- Theme toggle
- Production-style folder organization
app/
(auth)/
(dashboard)/
api/
actions/
components/
constants/
lib/
pages/
types/
public/
- Clone the repository.
- Copy the example environment file:
cp .env.example .env.local- Fill in your own local values in
.env.local. - Install dependencies:
npm install- Start the development server:
npm run dev- Open
http://localhost:3000.
This repository can run on Vercel, but production deployment should use real provider configuration and should not rely on local seeded auth.
- Seeded local demo logins are for development only.
- Production should use Appwrite-backed authentication.
- All secrets must be configured in Vercel environment variables.
This repository includes .env.example with placeholder values only.
Never commit:
.env.env.local- production API keys
- banking provider secrets
- customer data
- admin credentials
Required variable groups:
NEXT_PUBLIC_APP_URLENABLE_DEMO_LOGINADMIN_*USER_*APPWRITE_*PLAID_*DWOLLA_*
Recommended production behavior:
- set real
ADMIN_*andUSER_*values only if you explicitly want temporary seeded logins outside production - keep
ENABLE_DEMO_LOGIN=falsefor normal production use - configure Appwrite auth for production sign-in and sign-up
- never rely on placeholder values from
.env.example
- Keep all real credentials in local environment files or your hosting provider's secret manager.
- Do not commit real Appwrite API keys, Plaid secrets, Dwolla secrets, callback secrets, or live banking account identifiers.
- Rotate any credential immediately if it is ever pasted into source control.
- Use sandbox credentials during development and switch to production credentials only in your hosting platform.
- Review
SECURITY.mdbefore publishing or deploying.
Configure an Appwrite project with:
- one project
- one database
- collections for users, bank accounts, and transactions
- optional storage bucket for statements or uploads
Set the corresponding APPWRITE_* values in .env.local and in your hosting provider settings.
- Create a Plaid developer account.
- Start with sandbox mode.
- Add your
PLAID_CLIENT_IDandPLAID_SECRETto.env.local. - Configure redirect URLs if your flow requires them.
- Use the backend routes in
app/api/plaid/create-link-token/route.tsandapp/api/plaid/exchange-public-token/route.ts.
- Create a Dwolla developer account.
- Use sandbox credentials first.
- Add
DWOLLA_KEY,DWOLLA_SECRET, andDWOLLA_FUNDING_SOURCE_URLto.env.local. - Use the transfer action in
actions/banking.tsand the route inapp/api/dwolla/transfer/route.ts.
This project is ready to deploy to Vercel.
- Push the repository to GitHub.
- Import the repository into Vercel.
- In Vercel, set the framework to Next.js if it is not auto-detected.
- Add all required environment variables in the Vercel project settings.
- Set
NEXT_PUBLIC_APP_URLto your final production domain. - Set production callback URLs for Appwrite, Plaid, and Dwolla.
- Deploy.
- Replace any temporary seeded credentials with real secure values in hosting secrets
- Set
NEXT_PUBLIC_APP_URLto your production domain - Enable Appwrite email/password auth and confirm production platform domains
- Verify Appwrite platform domains and session settings
- Verify Plaid allowed redirect URIs and webhook configuration
- Verify Dwolla redirect URLs, webhook URLs, and funding source setup
- Review server actions and API routes for authorization rules
- Test sign-in, bank linking, transfers, and analytics in production
Add these in the Vercel dashboard:
NEXT_PUBLIC_APP_URLAPPWRITE_ENDPOINTAPPWRITE_PROJECT_IDAPPWRITE_DATABASE_IDAPPWRITE_USERS_COLLECTION_IDAPPWRITE_BANKS_COLLECTION_IDAPPWRITE_TRANSACTIONS_COLLECTION_IDAPPWRITE_STORAGE_BUCKET_IDAPPWRITE_API_KEYPLAID_CLIENT_IDPLAID_SECRETPLAID_ENVPLAID_PRODUCTSPLAID_COUNTRY_CODESDWOLLA_KEYDWOLLA_SECRETDWOLLA_ENVDWOLLA_FUNDING_SOURCE_URL
Optional for local or controlled staging only:
ENABLE_DEMO_LOGINADMIN_EMAILADMIN_PASSWORDADMIN_NAMEADMIN_EMAILSUSER_EMAILUSER_PASSWORDUSER_NAME
- Use Vercel preview deployments for integration testing.
- Use provider sandbox environments before switching to live banking data.
- Add provider webhooks only after your production domain is stable.
- Rotate secrets any time a team member changes or a credential is exposed.
Before pushing to GitHub:
- confirm
.env.localis not tracked - confirm no real API keys are present in source files
- confirm no private account IDs or webhook secrets are hard-coded
- confirm no customer banking data is stored in the repo
- confirm only placeholder values exist in
.env.example
Run:
npm run build
npm run typecheckAdd your preferred license before publishing publicly.