From decb1580440e6081f3208908f159f763876be3db Mon Sep 17 00:00:00 2001 From: Bas van Rossem Date: Wed, 17 Jun 2026 17:06:28 +0200 Subject: [PATCH] docs: session log for cleanup + Phase 1 (web client) --- .../sessions/2026-06-17-phase-1-web-client.md | 47 +++++++++++++++++++ 1 file changed, 47 insertions(+) create mode 100644 docs/sessions/2026-06-17-phase-1-web-client.md diff --git a/docs/sessions/2026-06-17-phase-1-web-client.md b/docs/sessions/2026-06-17-phase-1-web-client.md new file mode 100644 index 0000000..d44e805 --- /dev/null +++ b/docs/sessions/2026-06-17-phase-1-web-client.md @@ -0,0 +1,47 @@ +# Session: 2026-06-17 — Cleanup, Phase 1 (web client), dev account + +## Goal +Lean the workspace down, then deliver Phase 1 (worker timing) as something testable fast. + +## Work done +1. **Removed ngrok** (`@expo/ngrok` + 40 binaries) — IT-flagged tunneling tool from Expo. (`3f2c5f0`) +2. **Full cleanup** (workflow) — deleted the legacy Create export: `apps/mobile`, `apps/web`, + `publisher/`, `previous work.md`, `.easignore`, `.eslintignore`, `.yarn/patches/`, and the + mobile-only root `resolutions`/eslint devDeps. Port-worthy knowledge extracted first to + `docs/reference/` (legacy-mobile-app / legacy-backend / legacy-lessons-and-gotchas). CLAUDE.md + + roadmap updated for the single-backend repo. (`c720865`, `64f8b2f`, `384797d`) +3. Trimmed obsolete `.yarnrc.yml` logFilters — surfaced a real **drizzle/better-auth peer-version + skew** (tracked as **SL-9**, non-blocking). (`4e9a966`) +4. **Phase 1** (workflow, after pivoting the client off Expo — see below): + - **Backend** (`apps/api`): domain tables `activities` + `work_sessions` (migration 0001), zod + contracts in `@solelog/shared`, user-scoped routes — activities CRUD, sessions + start/stop/discard, history, active-recovery, CSV export, seed, CORS. (`5780998`→`35f9aa5`) + - **Worker client** (`apps/worker`): fresh **Vite + React + TS PWA** (NO Expo), bearer-token auth, + Dutch Stopwatch / Geschiedenis / Instellingen on the API. (`3511fd8`→`bd8e8af`) + - CORS + trusted origins now from `CORS_ORIGINS` env (phone testing = config-only). (`34c48d6`) + - **Dev login** seeded by `db:seed`: `worker@solelog.local` / `werkplaats123` (dev-only). (`ec2bb7e`) + +## Key decision — client is a web app, NOT Expo +Maintainer prefers a non-Expo client (Expo brought ngrok + baggage). Built a Vite+React PWA instead. +Saved as memory `client-web-not-expo`. The first Phase 1 workflow (Expo) was stopped after its plan +commit (`27ae674`); relaunched on the web track. + +## Current state — TESTABLE +- `apps/` = `api` + `worker` only. Working tree clean. +- Verified: API 37 tests + typecheck green; worker 24 tests + typecheck + `vite build` green; **live** + end-to-end round-trip (auth → activities → start/stop session → history → CSV) all pass. +- Run it: terminal 1 `yarn workspace @solelog/api db:migrate; db:seed; start` (:3000); terminal 2 + `yarn workspace @solelog/worker dev` (:5173). Log in with the dev account above. + +## Plane +- **SL-10** Phase 1 (+ SL-11 backend, SL-12 worker client) → **Done**. +- **SL-9** drizzle/better-auth peer mismatch → open (non-blocking). + +## Known non-blocking items +- Set a real `BETTER_AUTH_SECRET` before any deploy (Phase 5). +- Activities are global until per-user/role scoping in **Phase 2**. +- CSV uses host timezone (carried from legacy). + +## Next +**Phase 2 — Accounts & roles**: worker/admin roles, admin-creates-users, per-user data scoping. +(Its own spec → plan → build cycle. Roadmap: `docs/roadmap.md` §9.)