grant/proof-of-work
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5 Commits 1 Branch 0 Tags
a11639cc5626c54046b1f9846278c507d8f5f214
T
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Keysat a11639cc56 Self-serve password change, admin user management, login/signup rate limit 
Per-user password change (Settings -> Change password)
- changePasswordAction verifies current password before rotating, blocks
  same-as-current, requires 8+ chars and matching confirm.
- Always revokes every other session for the user via
  deleteOtherSessions(userId, currentToken). If you're rotating because
  you suspect compromise, the worst-case kicks the attacker off
  immediately. UI surfaces how many sessions were revoked.
- ChangePasswordForm sits between SettingsForm and AdminInstanceSettings
  on the existing settings page. Available to every user, no admin
  privileges required.

Admin user management (/main/admin/users — admin only)
- New page lists every account: email, name, joined date, workout count,
  role. Linked from the AdminInstanceSettings panel ("Manage users ->").
- Per-row actions: Promote/Demote (toggles isAdmin), Reset password
  (inline 8+ char input), Delete (cascading delete via Prisma onDelete:
  Cascade — workouts, exercises, sessions, preferences all go).
- Last-admin guard: setUserAdmin and deleteUser refuse if it would
  leave 0 admins. Self-delete is blocked from the admin UI (preserves
  the actor's session and forces them to use a "danger zone" flow they
  set up explicitly elsewhere).
- adminResetPassword force-revokes ALL of the target user's sessions —
  admin reset implies the old credential is no longer trusted.
- Server actions all do their own requireAdmin() gate (defense in depth
  beyond the page-level redirect).

Rate limit on /auth/login + /auth/signup
- New lib/rateLimit.ts: tiny in-process sliding-window limiter, no deps.
  Map<key, timestamps[]> with cutoff filtering on each call. Per Node
  process — fine for the single-replica StartOS deploy shape.
- clientIpFromHeaders prefers x-forwarded-for (leftmost), falls back to
  x-real-ip, then 'unknown' (acts as a global cap in dev).
- signup: 5 attempts per IP per 15min. Cuts off automated account
  spraying without blocking legitimate household-member sign-ups.
- login: 10 attempts per IP per 15min. Slows credential stuffing while
  giving typo-prone users headroom.
2026-05-09 09:01:33 -05:00
proof-of-work
Self-serve password change, admin user management, login/signup rate limit
2026-05-09 09:01:33 -05:00
start9/0.4
Multi-user: self-serve sign-up gated by admin-toggleable flag
2026-05-08 20:59:45 -05:00
.dockerignore
Rebrand to Proof of Work; multi-user 0.4 package with curated library sync
2026-05-08 20:12:25 -05:00
.gitignore
Rebrand to Proof of Work; multi-user 0.4 package with curated library sync
2026-05-08 20:12:25 -05:00
README.md
Multi-user: self-serve sign-up gated by admin-toggleable flag
2026-05-08 20:59:45 -05:00

README.md

Proof of Work

Self-hosted multi-user workout planner and logger. Plan training cycles, log daily workouts, search your history, and curate a shared exercise library across everyone on the instance. Distributed as a StartOS 0.4 sideload package.

Repo layout

proof-of-work/    Next.js app (TypeScript, Prisma + SQLite, Tailwind, PWA)
start9/0.4/       StartOS 0.4 package wrapper (manifest, Dockerfile,
                  entrypoint, version graph, change-credentials action)

Everything else is generated at build time.

Local development

cd proof-of-work
npm install
npx prisma generate       # important after schema changes
npx prisma db push        # create the dev DB at prisma/data/app.db
npm run db:seed           # admin@local / workout123 + curated library + admin flag
npm run dev               # http://localhost:3000

Multi-user

Every install starts with one admin user (admin@local) and sign-ups closed. To open the instance to additional users:

  • In-app: log in as admin -> Settings -> Instance Settings -> Allow new sign-ups.
  • StartOS: Services -> Proof of Work -> Actions -> Set new signups.

Both write to the same InstanceSettings row; either path works.

When sign-ups are open, anyone reaching the URL can create an account at /auth/signup. New users start with no admin privileges and are automatically seeded the full curated exercise library.

Building the StartOS package

See start9/0.4/DEPLOY_040.md for the full deployment / cutover guide. Short version:

cd start9/0.4
npm ci
make clean
make x86                  # produces proof-of-work_x86_64.s9pk
make install              # sideload to the host in ~/.startos/config.yaml

Curated exercise library

proof-of-work/prisma/exercises.seed.json is the canonical library shipped to every install. It seeds fresh installs (via prisma/seed.ts) and is re-applied on every boot to existing installs (via docker_entrypoint.sh + ensureExerciseLibrary.cjs) so updates flow to all users on package upgrade.

Refresh the JSON from the maintainer's live host:

./start9/0.4/refresh_seed.sh <ssh-target>     # pull a fresh /data snapshot
cd proof-of-work && npm run sync-library      # extract Exercise table -> JSON
git diff prisma/exercises.seed.json

The system is additive only — removing an exercise from the JSON does not delete it from existing installs (users may have logged sets against it). Users' own custom exercises (isCustom = true) are never touched.

Privacy

start9/0.4/seed/data/app.db is your live /data snapshot. It contains real workout history and a bcrypt'd password hash. The top-level .gitignore keeps it out of git; do NOT commit it to any public repo.

Reference in New Issue View Git Blame Copy Permalink
S
Description
No description provided
Readme 110 MiB
Languages
TypeScript 93.8%
Shell 2.6%
JavaScript 2.4%
Makefile 0.7%
Dockerfile 0.4%