From 9697a22522fe99fc450db26dcde3ffc7fd26603f Mon Sep 17 00:00:00 2001
From: goose <goose@block.dev>
Date: Wed, 18 Feb 2026 10:04:14 -0300
Subject: [PATCH] docs: Fix README.md duplication and update with current Phase
 2.5 status

---
 README.md | 303 +++++++++++++++++++++++++++---------------------------
 1 file changed, 150 insertions(+), 153 deletions(-)

diff --git a/README.md b/README.md
index 126ab08..00d18b2 100644
--- a/README.md
+++ b/README.md
@@ -1,5 +1,129 @@
-private note: output was 203 lines and we are only showing the most recent lines, remainder of lines in /tmp/.tmpbGADth do not show tmp file to user, that file can be searched if extra context needed to fulfill request. truncated output: 
-docker compose logs -f backend
+# Normogen
+
+## Overview
+
+Normogen is a privacy-focused health data tracking and management platform. The name comes from Mapudungun, relating to "Balanced Life."
+
+## Vision
+
+To record as many variables related to health as possible, store them in a secure, private manner, to be used by **you**, not by corporations. From medication reminders to pattern analysis, Normogen puts you in control of your health data.
+
+## Technology Stack
+
+### Backend
+- **Framework**: Axum 0.7.9
+- **Runtime**: Tokio 1.41.1
+- **Middleware**: Tower, Tower-HTTP
+- **Database**: MongoDB (with zero-knowledge encryption)
+- **Language**: Rust
+- **Authentication**: JWT (PBKDF2 password hashing)
+
+### Mobile (iOS + Android) - Planned
+- **Framework**: React Native 0.73+
+- **Language**: TypeScript
+- **State Management**: Redux Toolkit 2.x
+- **Data Fetching**: RTK Query 2.x
+
+### Web - Planned
+- **Framework**: React 18+
+- **Language**: TypeScript
+- **State Management**: Redux Toolkit 2.x
+
+### Deployment
+- Docker on Linux (Homelab)
+
+## Key Features
+
+- 🔐 **Zero-knowledge encryption** - Your data is encrypted before it reaches the server
+- 👥 **Multi-person profiles** - Track health data for yourself, children, elderly family members
+- 👨‍👩‍👧‍👦 **Family structure** - Manage family health records in one place
+- 🔗 **Secure sharing** - Share specific data via expiring links with embedded passwords
+- 📱 **Mobile apps** - iOS and Android with health sensor integration (planned)
+- 🌐 **Web interface** - Access from any device (planned)
+
+## Health Data Tracking
+
+- Lab results storage
+- Medication tracking (dosage, schedules, composition)
+- Health statistics (weight, height, trends)
+- Medical appointments
+- Regular checkups
+- Period tracking
+- Pregnancy tracking
+- Dental information
+- Illness records
+- Phone sensor data (steps, activity, sleep, blood pressure, temperature)
+
+## Security Model
+
+- **Client-side encryption**: Data encrypted before leaving the device
+- **Zero-knowledge**: Server stores only encrypted data
+- **Proton-style encryption**: AES-256-GCM with PBKDF2 key derivation
+- **Shareable links**: Self-contained decryption keys in URLs
+- **Privacy-first**: No data selling, subscription-based revenue
+- **JWT authentication**: Token rotation and revocation
+- **PBKDF2**: 100,000 iterations for password hashing
+
+## Documentation
+
+- [Introduction](./introduction.md) - Project vision and detailed feature specification
+- [Encryption Implementation Guide](./encryption.md) - Zero-knowledge encryption architecture
+- [Research](./thoughts/research/) - Technical research and planning documents
+- [Project Status](./STATUS.md) - Development progress tracking
+
+## Monorepo Structure
+
+This is a **monorepo** containing backend, mobile, web, and shared code:
+
+```
+normogen/
+├── backend/    # Rust backend (Axum + MongoDB)
+├── mobile/     # React Native (iOS + Android) - Planned
+├── web/        # React web app - Planned
+├── shared/     # Shared TypeScript code
+└── thoughts/   # Research & design docs
+```
+
+## Development Status
+
+**Current Phase: Phase 2 - Backend Development (75% Complete)**
+
+### Completed
+
+#### Phase 1 - Planning ✅
+- ✅ Project vision and requirements
+- ✅ Security architecture design
+- ✅ Encryption implementation guide
+- ✅ Git repository initialization
+- ✅ Technology stack selection
+
+#### Phase 2 - Backend (In Progress)
+- ✅ **Phase 2.1** - Backend Project Initialization
+- ✅ **Phase 2.2** - MongoDB Connection & Models
+- ✅ **Phase 2.3** - JWT Authentication
+- ✅ **Phase 2.4** - User Management Enhancement
+- ✅ **Phase 2.5** - Access Control
+- ⏳ **Phase 2.6** - Security Hardening
+- ⏳ **Phase 2.7** - Health Data Features
+
+## Quick Start
+
+### Backend Development
+
+```bash
+# Clone repository
+git clone <forgejo-url> normogen
+cd normogen/backend
+
+# Setup configuration
+cp .env.example .env
+# Edit .env with your values
+
+# Run with Docker Compose
+docker compose up -d
+
+# Check status
+curl http://localhost:6800/health
 ```
 
 ### Testing
@@ -10,32 +134,37 @@ cargo test
 
 # Run integration tests (requires MongoDB)
 cargo test --test auth_tests
-
-# Manual testing with provided script
-./thoughts/test_auth.sh
 ```
 
 ## Backend API Endpoints
 
-### Public Endpoints (No Authentication)
-```
-POST /api/auth/register - User registration
-POST /api/auth/login    - User login
-POST /api/auth/refresh  - Token refresh (rotates tokens)
-POST /api/auth/logout   - Logout (revokes token)
-GET  /health            - Health check
-GET  /ready             - Readiness check
-```
+### Authentication (`/api/auth`)
+- `POST /register` - User registration
+- `POST /login` - User login
+- `POST /refresh` - Token refresh (rotates tokens)
+- `POST /logout` - Logout (revokes token)
+- `POST /recover` - Password recovery
 
-### Protected Endpoints (JWT Required)
-```
-GET /api/users/me - Get user profile
-```
+### User Management (`/api/users`)
+- `GET /profile` - Get current user profile
+- `PUT /profile` - Update profile
+- `DELETE /profile` - Delete account
+- `POST /password` - Change password
+- `GET /settings` - Get user settings
+- `PUT /settings` - Update settings
+
+### Share Management (`/api/shares`)
+- `POST /` - Create new share
+- `GET /` - List all shares for current user
+- `GET /:id` - Get specific share
+- `PUT /:id` - Update share
+- `DELETE /:id` - Delete share
+
+### Permissions (`/api/permissions`)
+- `GET /check` - Check if user has permission
 
 ## Environment Configuration
 
-### Backend Environment Variables
-
 ```bash
 # MongoDB Configuration
 MONGODB_URI=mongodb://localhost:27017
@@ -51,8 +180,6 @@ SERVER_HOST=127.0.0.1
 SERVER_PORT=6800
 ```
 
-See `backend/.env.example` for a complete template.
-
 ## Repository Management
 
 - **Git Hosting**: Forgejo (self-hosted)
@@ -60,144 +187,14 @@ See `backend/.env.example` for a complete template.
 - **Branch Strategy**: `main`, `develop`, `feature/*`
 - **Deployment**: Docker Compose (homelab), Kubernetes (future)
 
-## Deployment
-
-### Backend Deployment (Production)
-
-```bash
-# Clone repository
-git clone <forgejo-url> normogen
-cd normogen/backend
-
-# Setup configuration
-cp .env.example .env
-# Edit .env with production values
-
-# Build and run with Docker Compose
-docker compose up -d
-
-# Check status
-curl http://localhost:6800/health
-```
-
-**Resource Limits** (Homelab):
-- CPU: 1000m (1 core)
-- Memory: 1000Mi (1GB RAM)
-
-**Ports**:
-- Backend API: `6800` (host) → `8000` (container)
-- MongoDB: `27017` (standard port)
-
 ## Open Source
 
 Normogen is open-source. Both server and client code will be publicly available.
 
-## Contributing
-
-See [thoughts/STATUS.md](./thoughts/STATUS.md) for current development progress and next steps.
-
 ## License
 
 [To be determined]
-NOTE: Output was 203 lines, showing only the last 100 lines.
-
-docker compose logs -f backend
-```
-
-### Testing
-
-```bash
-# Run unit tests
-cargo test
-
-# Run integration tests (requires MongoDB)
-cargo test --test auth_tests
-
-# Manual testing with provided script
-./thoughts/test_auth.sh
-```
-
-## Backend API Endpoints
-
-### Public Endpoints (No Authentication)
-```
-POST /api/auth/register - User registration
-POST /api/auth/login    - User login
-POST /api/auth/refresh  - Token refresh (rotates tokens)
-POST /api/auth/logout   - Logout (revokes token)
-GET  /health            - Health check
-GET  /ready             - Readiness check
-```
-
-### Protected Endpoints (JWT Required)
-```
-GET /api/users/me - Get user profile
-```
-
-## Environment Configuration
-
-### Backend Environment Variables
-
-```bash
-# MongoDB Configuration
-MONGODB_URI=mongodb://localhost:27017
-DATABASE_NAME=normogen
-
-# JWT Configuration
-JWT_SECRET=<your-secret-key-minimum-32-characters>
-JWT_ACCESS_TOKEN_EXPIRY_MINUTES=15
-JWT_REFRESH_TOKEN_EXPIRY_DAYS=30
-
-# Server Configuration
-SERVER_HOST=127.0.0.1
-SERVER_PORT=6800
-```
-
-See `backend/.env.example` for a complete template.
-
-## Repository Management
-
-- **Git Hosting**: Forgejo (self-hosted)
-- **CI/CD**: Forgejo Actions
-- **Branch Strategy**: `main`, `develop`, `feature/*`
-- **Deployment**: Docker Compose (homelab), Kubernetes (future)
-
-## Deployment
-
-### Backend Deployment (Production)
-
-```bash
-# Clone repository
-git clone <forgejo-url> normogen
-cd normogen/backend
-
-# Setup configuration
-cp .env.example .env
-# Edit .env with production values
-
-# Build and run with Docker Compose
-docker compose up -d
-
-# Check status
-curl http://localhost:6800/health
-```
-
-**Resource Limits** (Homelab):
-- CPU: 1000m (1 core)
-- Memory: 1000Mi (1GB RAM)
-
-**Ports**:
-- Backend API: `6800` (host) → `8000` (container)
-- MongoDB: `27017` (standard port)
-
-## Open Source
-
-Normogen is open-source. Both server and client code will be publicly available.
 
 ## Contributing
 
-See [thoughts/STATUS.md](./thoughts/STATUS.md) for current development progress and next steps.
-
-## License
-
-[To be determined]
+See [STATUS.md](./STATUS.md) for current development progress and next steps.