Keysat
990f5582b8
Typed Prisma queries
- where: any in app/api/workouts/route.ts (GET + POST) and
lib/db/workouts.ts replaced with Prisma.WorkoutWhereInput +
Prisma.WorkoutCreateInput + Prisma.DateTimeFilter. Catches typos
at compile time and surfaces query shape directly in tooltips.
Workout import endpoint tests (tests/routes-import.test.ts)
- 7 tests covering /api/workouts/import/save: 401 unauthenticated,
empty workouts rejected, case-insensitive name matching against
existing exercises, new-exercise creation with isCustom=true and
type='other' default, explicit existingExerciseId honored over
name lookup, multiple workouts per call, sequential setNumber
per exercise per workout.
bcryptjs -> bcrypt (native)
- Roughly 10x faster than the pure-JS implementation under load —
login latency drops from ~250ms to ~25ms. Hash format is fully
cross-compatible with bcryptjs ($2a$ / $2b$ both verify), so
existing user passwords keep working without migration.
- Dockerfile builder stage adds python3 + make + g++ as a safety net
for native node-gyp compilation on alpine when prebuilt binaries
aren't available.
- Runner stage explicitly COPYs node_modules/bcrypt so the .node
binding is unambiguously present even if Next.js standalone
tracing somehow misses it.
- StartOS package's changeAdminCredentials.ts keeps bcryptjs (it's
bundled by ncc into a single JS file and runs only on the rare
admin action; native bcrypt would require shipping the .node
binding through ncc which it doesn't handle gracefully).
CSP nonces (middleware.ts + next.config.js)
- Per-request nonce generated in middleware. Forwarded to Next via
the x-nonce request header, which Next 13.4+ automatically stamps
onto its inline bootstrap scripts. CSP response header includes
`'nonce-${nonce}' 'strict-dynamic'`, dropping the previous
`'unsafe-inline'` from script-src.
- Static CSP removed from next.config.js (middleware-set headers
override static ones, so keeping both was redundant).
- Middleware matcher widened to all paths except static assets so
the CSP applies to every page response. Existing /main + /api
auth gating preserved.
- style-src keeps 'unsafe-inline' — Next/Tailwind still inject
critical inline <style>; tightening that requires hash-based
style-src or per-style nonce stamping (Next doesn't auto-do
either). Worth a follow-up if you want the cleanest possible CSP.
/api/me/import (mirror of /api/me/export)
- Accepts the same JSON shape /api/me/export emits (schema string
validated: only `proof-of-work-export@1` accepted today).
- mode: 'merge' (default) — adds imported rows; existing exercises
with matching names are NOT overwritten (the user's custom version
wins). All workout sets with a known exercise get rebound to the
user's actual exercise id via name lookup.
- mode: 'replace' — wipes the user's exercises/workouts/sets first,
then imports. Requires `confirm: "REPLACE"` in the body.
- Always scoped to the actor — never touches other users' data.
- Profile/admin flag/sessions/InstanceSettings deliberately not
imported (account identity stays put).
- 7 tests cover: 401, schema rejection, merge create+skip, replace
confirmation gate, replace wipes-then-imports, isolation across
users.
- ExportMyData component grew Import (merge) + Import (replace)
buttons with native browser confirm() before the destructive
replace.
Test suite now 81 tests across 9 files in ~2.6s.
Proof of Work
Self-hosted multi-user workout planner and logger. Plan training cycles, log daily workouts, search your history, and curate a shared exercise library across everyone on the instance. Distributed as a StartOS 0.4 sideload package.
Repo layout
proof-of-work/ Next.js app (TypeScript, Prisma + SQLite, Tailwind, PWA)
start9/0.4/ StartOS 0.4 package wrapper (manifest, Dockerfile,
entrypoint, version graph, change-credentials action)
Everything else is generated at build time.
Local development
cd proof-of-work
npm install
npx prisma generate # important after schema changes
npx prisma db push # create the dev DB at prisma/data/app.db
npm run db:seed # admin@local / workout123 + curated library + admin flag
npm run dev # http://localhost:3000
Multi-user
Every install starts with one admin user (admin@local) and sign-ups
closed. To open the instance to additional users:
- In-app: log in as admin -> Settings -> Instance Settings -> Allow new sign-ups.
- StartOS: Services -> Proof of Work -> Actions -> Set new signups.
Both write to the same InstanceSettings row; either path works.
When sign-ups are open, anyone reaching the URL can create an account at
/auth/signup. New users start with no admin privileges and are
automatically seeded the full curated exercise library.
Building the StartOS package
See start9/0.4/DEPLOY_040.md for the full deployment / cutover guide. Short version:
cd start9/0.4
npm ci
make clean
make x86 # produces proof-of-work_x86_64.s9pk
make install # sideload to the host in ~/.startos/config.yaml
Curated exercise library
proof-of-work/prisma/exercises.seed.json is the canonical library
shipped to every install. It seeds fresh installs (via prisma/seed.ts)
and is re-applied on every boot to existing installs (via
docker_entrypoint.sh + ensureExerciseLibrary.cjs) so updates flow to
all users on package upgrade.
Refresh the JSON from the maintainer's live host:
./start9/0.4/refresh_seed.sh <ssh-target> # pull a fresh /data snapshot
cd proof-of-work && npm run sync-library # extract Exercise table -> JSON
git diff prisma/exercises.seed.json
The system is additive only — removing an exercise from the JSON does
not delete it from existing installs (users may have logged sets against
it). Users' own custom exercises (isCustom = true) are never touched.
Privacy
start9/0.4/seed/data/app.db is your live /data snapshot. It contains
real workout history and a bcrypt'd password hash. The top-level
.gitignore keeps it out of git; do NOT commit it to any public repo.