feat: migrate Flask API to Go with JWT auth
This commit is contained in:
Cipher Vance
179
TODO.md
179
TODO.md
@@ -1,98 +1,147 @@
|
||||
# TODO Features
|
||||
|
||||
## User Management
|
||||
- [ ] **User Registration & Login**: Email, OAuth (Google, Apple, Strava, Garmin).
|
||||
- [ ] **User Profile**: Bio, stats, zones (HR/Power), equipment, FTP history, weight.
|
||||
- [ ] **Password Recovery**: Email-based reset and magic-link login.
|
||||
- [ ] **Onboarding & Baselines**: Guided setup, baseline tests, auto zone calc.
|
||||
- [ ] **Account Roles**: Athlete, Coach, Admin; team/org workspaces.
|
||||
- [ ] **Multi-device Sessions**: Seamless handoff across web/mobile.
|
||||
- [x] **User Registration & Login**: Email authentication with JWT tokens
|
||||
- [x] **User Profile**: Bio, stats, zones (HR/Power), equipment, FTP, weight
|
||||
- [x] **Password Recovery**: Email-based reset with secure tokens
|
||||
- [ ] **OAuth Integration**: Google, Apple, Strava, Garmin
|
||||
- [ ] **Onboarding & Baselines**: Guided setup, baseline tests, auto zone calc
|
||||
- [ ] **Account Roles**: Athlete, Coach, Admin; team/org workspaces
|
||||
- [ ] **Multi-device Sessions**: Seamless handoff across web/mobile
|
||||
|
||||
## Workout Planning
|
||||
- [ ] **AI-Powered Planning**: Generate plans by goal, time, fitness level.
|
||||
- [ ] **Adaptive Scheduling**: Auto-reschedule based on missed sessions, fatigue, weather.
|
||||
- [ ] **Workout Scheduling**: Calendar view, drag-drop, ICS sync (Google/Apple/Outlook).
|
||||
- [ ] **Goal Setting & Tracking**: SMART goals with real-time progress bars.
|
||||
- [ ] **Templates Library**: Plan & session templates (endurance, threshold, VO2, strength).
|
||||
- [ ] **Export Structured Workouts**: .zwo (Zwift), Garmin FIT/Workout, Wahoo, TrainerRoad.
|
||||
- [ ] **Race/Event Planner**: Target events, taper builder, gear checklist.
|
||||
- [ ] **AI-Powered Planning**: Generate plans by goal, time, fitness level
|
||||
- [ ] **Adaptive Scheduling**: Auto-reschedule based on missed sessions, fatigue, weather
|
||||
- [ ] **Workout Scheduling**: Calendar view, drag-drop, ICS sync (Google/Apple/Outlook)
|
||||
- [ ] **Goal Setting & Tracking**: SMART goals with real-time progress bars
|
||||
- [ ] **Templates Library**: Plan & session templates (endurance, threshold, VO2, strength)
|
||||
- [ ] **Export Structured Workouts**: .zwo (Zwift), Garmin FIT/Workout, Wahoo, TrainerRoad
|
||||
- [ ] **Race/Event Planner**: Target events, taper builder, gear checklist
|
||||
|
||||
## Workout Tracking
|
||||
- [ ] **Workout Logging**: Exercises, sets/reps/weight; power, HR, cadence, GPS.
|
||||
- [ ] **Device Capture**: Live recording (Bluetooth/ANT+ when supported), file upload (FIT/TCX/GPX).
|
||||
- [ ] **Tags & Notes**: RPE, mood, conditions, injuries, equipment used.
|
||||
- [ ] **Equipment Tracking**: Bike/components mileage, service reminders.
|
||||
- [ ] **Workout Logging**: Exercises, sets/reps/weight; power, HR, cadence, GPS
|
||||
- [ ] **Device Capture**: Live recording (Bluetooth/ANT+ when supported), file upload (FIT/TCX/GPX)
|
||||
- [ ] **Tags & Notes**: RPE, mood, conditions, injuries, equipment used
|
||||
- [ ] **Equipment Tracking**: Bike/components mileage, service reminders
|
||||
|
||||
## Advanced Analytics
|
||||
- [ ] **Interactive Dashboards**: Charts for load (CTL/ATL/TSB), power curves, trends.
|
||||
- [ ] **Progress Insights (AI)**: Automatic highlights, plateau detection, anomaly alerts.
|
||||
- [ ] **Comparisons**: Before/after, season-over-season, segment/time comparisons.
|
||||
- [ ] **Custom Reports**: Export CSV/PDF; shareable report links.
|
||||
- [ ] **Interactive Dashboards**: Charts for load (CTL/ATL/TSB), power curves, trends
|
||||
- [ ] **Progress Insights (AI)**: Automatic highlights, plateau detection, anomaly alerts
|
||||
- [ ] **Comparisons**: Before/after, season-over-season, segment/time comparisons
|
||||
- [ ] **Custom Reports**: Export CSV/PDF; shareable report links
|
||||
|
||||
## Training & Coaching
|
||||
- [ ] **Coaching & Guidance**: Coach portal, athlete assignments, plan reviews.
|
||||
- [ ] **Virtual Training Rides**: Integrations with Zwift/Rouvy/RGT; video routes.
|
||||
- [ ] **Structured Workouts**: Interval builder with targets (%FTP, %HRR, RPE).
|
||||
- [ ] **Messaging**: Coach–athlete chat, comments on sessions, file attachments.
|
||||
- [ ] **Coaching & Guidance**: Coach portal, athlete assignments, plan reviews
|
||||
- [ ] **Virtual Training Rides**: Integrations with Zwift/Rouvy/RGT; video routes
|
||||
- [ ] **Structured Workouts**: Interval builder with targets (%FTP, %HRR, RPE)
|
||||
- [ ] **Messaging**: Coach–athlete chat, comments on sessions, file attachments
|
||||
|
||||
## Nutrition & Recovery
|
||||
- [ ] **Nutrition Planning**: Meal plans, macros, carb periodization.
|
||||
- [ ] **Nutrition Tracking**: Food log, barcode/manual entry, hydration tracking.
|
||||
- [ ] **Recovery Optimization**: Sleep/HRV import, readiness score, rest day prompts.
|
||||
- [ ] **Injury Prevention & Management**: Screeners, red-flag alerts, return-to-ride flow.
|
||||
- [ ] **Supplement & Allergy Flags**: Notes and reminders in plan builder.
|
||||
- [ ] **Nutrition Planning**: Meal plans, macros, carb periodization
|
||||
- [ ] **Nutrition Tracking**: Food log, barcode/manual entry, hydration tracking
|
||||
- [ ] **Recovery Optimization**: Sleep/HRV import, readiness score, rest day prompts
|
||||
- [ ] **Injury Prevention & Management**: Screeners, red-flag alerts, return-to-ride flow
|
||||
- [ ] **Supplement & Allergy Flags**: Notes and reminders in plan builder
|
||||
|
||||
## Community & Social
|
||||
- [ ] **Social Sharing**: One-click share to Strava/social with privacy controls.
|
||||
- [ ] **Community Forum**: Topics, groups/clubs, moderation tools.
|
||||
- [ ] **Leaderboards**: Global, club, event, and route/segment leaderboards.
|
||||
- [ ] **Challenges & Streaks**: Time-boxed events, badges, streak protection.
|
||||
- [ ] **Social Sharing**: One-click share to Strava/social with privacy controls
|
||||
- [ ] **Community Forum**: Topics, groups/clubs, moderation tools
|
||||
- [ ] **Leaderboards**: Global, club, event, and route/segment leaderboards
|
||||
- [ ] **Challenges & Streaks**: Time-boxed events, badges, streak protection
|
||||
|
||||
## Gamification & Engagement
|
||||
- [ ] **Achievements & Badges**: Milestones (consistency, PRs, climbing, streaks).
|
||||
- [ ] **Personalized Recommendations (AI)**: Next best workout, videos, articles.
|
||||
- [ ] **Rewards & Incentives**: Points store, partner discounts, raffles.
|
||||
- [ ] **Achievements & Badges**: Milestones (consistency, PRs, climbing, streaks)
|
||||
- [ ] **Personalized Recommendations (AI)**: Next best workout, videos, articles
|
||||
- [ ] **Rewards & Incentives**: Points store, partner discounts, raffles
|
||||
|
||||
## Integrations & Data
|
||||
- [ ] **Wearable Sync**: Garmin, Wahoo, COROS, Apple Health, Google Fit.
|
||||
- [ ] **Platform Sync**: Strava, TrainingPeaks, Intervals.icu (calendar + workout push).
|
||||
- [ ] **Music Integration**: Spotify/Apple Music workout-matched playlists.
|
||||
- [ ] **Data Import/Export**: Bulk FIT/TCX/GPX import; CSV/JSON export; takeout ZIP.
|
||||
- [ ] **Public API & Webhooks**: For partners, coaches, clubs.
|
||||
- [ ] **Wearable Sync**: Garmin, Wahoo, COROS, Apple Health, Google Fit
|
||||
- [ ] **Platform Sync**: Strava, TrainingPeaks, Intervals.icu (calendar + workout push)
|
||||
- [ ] **Music Integration**: Spotify/Apple Music workout-matched playlists
|
||||
- [ ] **Data Import/Export**: Bulk FIT/TCX/GPX import; CSV/JSON export; takeout ZIP
|
||||
- [ ] **Public API & Webhooks**: For partners, coaches, clubs
|
||||
|
||||
## Notifications & Comms
|
||||
- [ ] **Reminders**: Email, push, SMS; smart timing.
|
||||
- [ ] **Digest Emails**: Weekly plan, monthly progress.
|
||||
- [ ] **Real-time Alerts**: Overtraining risk, missed session, weather hazard.
|
||||
- [ ] **Reminders**: Email, push, SMS; smart timing
|
||||
- [ ] **Digest Emails**: Weekly plan, monthly progress
|
||||
- [ ] **Real-time Alerts**: Overtraining risk, missed session, weather hazard
|
||||
|
||||
## Accessibility & Internationalization
|
||||
- [ ] **A11y**: WCAG 2.2 AA, keyboard nav, screen reader labels.
|
||||
- [ ] **Localization**: i18n framework, units (imperial/metric), timezones.
|
||||
- [ ] **Color-blind Safe Palettes**: Analytics & maps.
|
||||
- [ ] **A11y**: WCAG 2.2 AA, keyboard nav, screen reader labels
|
||||
- [ ] **Localization**: i18n framework, units (imperial/metric), timezones
|
||||
- [ ] **Color-blind Safe Palettes**: Analytics & maps
|
||||
|
||||
## Mobile & Apps
|
||||
- [ ] **PWA Offline Mode**: Log workouts offline; sync when online.
|
||||
- [ ] **Native App Shell**: Background sync, notifications, wearables bridge.
|
||||
- [ ] **PWA Offline Mode**: Log workouts offline; sync when online
|
||||
- [ ] **Native App Shell**: Background sync, notifications, wearables bridge
|
||||
|
||||
## Security, Privacy & Compliance
|
||||
- [ ] **Privacy Controls**: Public/private by item, club privacy, anonymized leaderboards.
|
||||
- [ ] **Data Protection**: Encryption at rest/in transit, secrets rotation.
|
||||
- [ ] **Compliance**: GDPR/CCPA requests (export/delete), age gating, COPPA checks.
|
||||
- [ ] **Audit Logs**: Admin and coach actions.
|
||||
- [ ] **Privacy Controls**: Public/private by item, club privacy, anonymized leaderboards
|
||||
- [ ] **Data Protection**: Encryption at rest/in transit, secrets rotation
|
||||
- [ ] **Compliance**: GDPR/CCPA requests (export/delete), age gating, COPPA checks
|
||||
- [ ] **Audit Logs**: Admin and coach actions
|
||||
|
||||
## Admin, Billing & Ops
|
||||
- [ ] **Admin Console**: User management, feature flags, content moderation.
|
||||
- [ ] **Subscriptions**: Free/Pro/Coach tiers, trials, coupons, taxes (Stripe).
|
||||
- [ ] **Telemetry & Observability**: Metrics, tracing, error reporting, uptime SLOs.
|
||||
- [ ] **Scalability**: Queueing for imports/exports, background jobs.
|
||||
- [ ] **Backups & DR**: Automated backups, restore drills, RTO/RPO defined.
|
||||
- [ ] **Admin Console**: User management, feature flags, content moderation
|
||||
- [ ] **Subscriptions**: Free/Pro/Coach tiers, trials, coupons, taxes (Stripe)
|
||||
- [ ] **Telemetry & Observability**: Metrics, tracing, error reporting, uptime SLOs
|
||||
- [ ] **Scalability**: Queueing for imports/exports, background jobs
|
||||
- [ ] **Backups & DR**: Automated backups, restore drills, RTO/RPO defined
|
||||
|
||||
## Content & Library
|
||||
- [ ] **Exercise Library**: Strength/mobility videos with cues and progressions.
|
||||
- [ ] **Knowledge Base**: Articles on training, nutrition, recovery.
|
||||
- [ ] **Route Library**: GPX planner/import, elevation profiles, weather overlays.
|
||||
- [ ] **Exercise Library**: Strength/mobility videos with cues and progressions
|
||||
- [ ] **Knowledge Base**: Articles on training, nutrition, recovery
|
||||
- [ ] **Route Library**: GPX planner/import, elevation profiles, weather overlays
|
||||
|
||||
## Possible Future Features
|
||||
- [ ] **Virtual Reality (VR) Integration**: Immersive rides with real-time metrics.
|
||||
- [ ] **Augmented Reality (AR) Integration**: HUD overlays during rides.
|
||||
- [ ] **Machine Learning (ML) Integration**: Injury risk models, plan optimization, weather-aware ETA and fueling estimates.
|
||||
- [ ] **Virtual Reality (VR) Integration**: Immersive rides with real-time metrics
|
||||
- [ ] **Augmented Reality (AR) Integration**: HUD overlays during rides
|
||||
- [ ] **Machine Learning (ML) Integration**: Injury risk models, plan optimization, weather-aware ETA and fueling estimates
|
||||
|
||||
---
|
||||
|
||||
## Completed - Phase 1: Authentication & User Management ✅
|
||||
|
||||
### Infrastructure
|
||||
- [x] Migrated from Python/Flask to Go with Chi router
|
||||
- [x] Restructured project with clean architecture (`cmd/`, `internal/`, `pkg/`)
|
||||
- [x] PostgreSQL + GORM ORM setup with migrations
|
||||
- [x] Docker/Podman containerization with multi-stage builds
|
||||
|
||||
### Authentication
|
||||
- [x] User signup with validation (username, email, password strength)
|
||||
- [x] User login with JWT tokens (access + refresh)
|
||||
- [x] Password hashing with bcrypt
|
||||
- [x] Protected routes with Bearer token authentication
|
||||
- [x] Password reset flow with email tokens
|
||||
|
||||
### User Profiles
|
||||
- [x] User model with relationships (Profile, PasswordReset, Sessions)
|
||||
- [x] User profile with stats (HR zones, FTP, weight, total rides, distance, time)
|
||||
- [x] Email service integration (Resend) for notifications
|
||||
- [x] Automatic profile creation on user signup
|
||||
|
||||
### Code Quality
|
||||
- [x] Repository pattern for data access
|
||||
- [x] Service layer for business logic
|
||||
- [x] Auth middleware for protected routes
|
||||
- [x] Error handling and validation
|
||||
- [x] Environment configuration with .env
|
||||
|
||||
---
|
||||
|
||||
## Next Phase: Phase 2 - User Profiles & Stats Endpoints
|
||||
|
||||
### Planned Features
|
||||
- [ ] GET/PUT `/api/protected/profile` - Full profile management
|
||||
- [ ] POST/GET `/api/equipment` - Bike/gear management
|
||||
- [ ] POST/GET `/api/stats` - Ride statistics
|
||||
- [ ] GET `/api/zones` - Calculate training zones (auto from FTP/HR)
|
||||
- [ ] Equipment tracking (brand, model, weight, mileage)
|
||||
- [ ] Stats aggregation and trending
|
||||
|
||||
### After Phase 2: Phase 3 - OAuth Integration
|
||||
- [ ] Google OAuth 2.0
|
||||
- [ ] Strava API integration
|
||||
- [ ] Apple Sign-In
|
||||
- [ ] Garmin Connect
|
||||
Reference in New Issue
Block a user