Data export flow design

How Meridian handles user data export requests — architecture, lifecycle, and delivery guarantees.

Request initiation

A user triggers an export from the dashboard settings panel. The frontend POSTs to /api/export/request. The API validates the session, checks rate limits (one export per 24 h), and enqueues a job in Upstash KV with status pending.

Job lifecycle

1. Pending

Job written to KV. TTL of 72 h. Frontend polls every 3 s.

2. Processing

Worker aggregates license keys, sessions, and payment receipts into a signed .zip.

3. Ready

Presigned R2 URL written to KV. User receives a one-time download link valid for 1 h.

Delivery

Once the job flips to ready, the frontend renders a download button. The link points to Cloudflare R2 via a presigned URL. No auth is required on the GET: the token embedded in the URL is the authorization, so the link itself must be handled as a credential. After download, the KV record is tombstoned and the R2 object expires naturally via bucket lifecycle policy.

Failure modes

  • Worker crash mid-aggregation — job retries up to 3 times with exponential backoff.
  • R2 upload failure — job marked failed, user notified to retry.
  • TTL expiry — if the user never downloads, data is scrubbed automatically.
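
The job lifecycle and failure modes above, sketched as an explicit state machine. This is an added example, not Meridian's code: the Map standing in for KV, the one-record-per-user layout, the function names, the 1 s base backoff, and marking the job failed once retries run out are all assumptions.

```javascript
// Values from the design text; BASE_BACKOFF_MS is an assumption (no base delay is given).
const HOUR = 60 * 60 * 1000;
const RATE_LIMIT_MS = 24 * HOUR; // one export per 24 h
const JOB_TTL_MS = 72 * HOUR;    // KV record TTL
const MAX_RETRIES = 3;           // worker-crash retries
const BASE_BACKOFF_MS = 1000;

// Legal status changes. Anything else is rejected, so a job cannot reach
// "ready" without processing and a tombstoned record cannot be revived.
const TRANSITIONS = {
  pending: ["processing"],
  processing: ["ready", "failed", "pending"], // "pending" = requeue after a crash
  ready: ["tombstoned"],
  failed: [],
  tombstoned: [],
};

// kv is a Map standing in for the KV store (hypothetical layout: one record per user).
function requestExport(kv, userId, now) {
  const last = kv.get(userId);
  if (last && now - last.createdAt < RATE_LIMIT_MS) {
    return { ok: false, reason: "rate_limited" };
  }
  const job = { status: "pending", createdAt: now, expiresAt: now + JOB_TTL_MS, attempts: 0 };
  kv.set(userId, job);
  return { ok: true, job };
}

function transition(job, next, now) {
  if (now >= job.expiresAt) throw new Error("job expired");
  if (!TRANSITIONS[job.status].includes(next)) {
    throw new Error(`illegal transition ${job.status} -> ${next}`);
  }
  job.status = next;
  return job;
}

// Worker crash mid-aggregation: requeue with exponential backoff.
// Assumption: once the 3 retries are used up, the job is marked failed.
function onWorkerCrash(job, now) {
  if (job.attempts >= MAX_RETRIES) return transition(job, "failed", now);
  job.attempts += 1;
  job.retryAt = now + BASE_BACKOFF_MS * 2 ** (job.attempts - 1);
  return transition(job, "pending", now);
}
```

Timestamps are passed in rather than read from the clock so the rate limit, TTL and backoff schedule can be checked deterministically.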