alvaro/normogen
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
normogen/thoughts/research/2026-01-04-1840-normogen-mvp-definition.md
goose e72602d784 Initial commit: Project setup and documentation 
- Initialize Normogen health tracking platform
- Add comprehensive project documentation
- Add zero-knowledge encryption implementation guide
- Set up .gitignore for Rust/Node.js/mobile development
- Create README with project overview and roadmap

Project is currently in planning phase with no implementation code yet.
2026-02-14 11:11:06 -03:00

361 lines
11 KiB
Markdown
Raw Blame History

---
date: 2026-01-04T18:40:30-03:00
git_commit: N/A (not a git repository)
branch: N/A
repository: normogen
topic: "Normogen MVP Definition - Auth + Basic Health Tracking"
tags: [research, mvp, planning, requirements, open-questions]
status: complete
---
# Research: Normogen MVP Definition
## Research Question
Define the MVP (Minimum Viable Product) scope for Normogen based on stakeholder decision: basic health tracking + authentication.
## Summary
**MVP Scope:** Authentication system + Basic health tracking features
**Critical Decisions Made:**
- MVP will include user authentication and basic health tracking
- All other technical choices remain as open research questions
---
## MVP Requirements
### 1. Authentication System
#### Core Features
- User registration and login
- Secure password storage (hashing + salting)
- Session management
- Password reset flow
- Basic API authentication (JWT tokens)
#### User Model
```
User
- id: UUID
- email: string (unique)
- password_hash: string
- created_at: timestamp
- updated_at: timestamp
```
#### Security Requirements
- HTTPS only for production
- Password requirements enforcement
- Rate limiting on auth endpoints
- Secure session management
---
### 2. Basic Health Tracking
#### Core Health Metrics
Based on introduction.md and mobile health framework research (see `2026-01-05-mobile-health-frameworks-data.md`):
**Phase 1 - Manual Entry (MVP):**
**Tracked Metrics:**
- Weight (with timestamp)
- Height (with timestamp)
- Age (calculated from birthdate)
**Phase 2 - Mobile Integration (Post-MVP):**
Additional metrics available from Apple HealthKit and Google Health Connect:
- **Vitals:** Heart rate, blood pressure, body temperature, respiratory rate, SpO2
- **Activity:** Steps, distance, active energy/calories
- **Sleep:** Sleep duration and basic stages
- **Body Composition:** Body fat percentage, BMI
See research document for complete list of 50+ available data types.
**Data Model (MVP - Phase 1):**
```
Person
- id: UUID
- user_id: UUID (foreign key to User)
- name: string
- birthdate: date
- created_at: timestamp
HealthMetric
- id: UUID
- person_id: UUID (foreign key to Person)
- metric_type: enum (weight, height)
- value: decimal
- unit: string (kg, cm, etc.)
- recorded_at: timestamp
- created_at: timestamp
```
**Data Model (Phase 2 - Mobile Integration):**
```
-- Additional columns for mobile health framework integration
HealthMetric
- metric_source: enum (manual, healthkit, healthconnect, device)
- source_device_id: string (e.g., "com.apple.health.Health")
- accuracy: decimal (sensor accuracy 0.0-1.0)
- metadata: JSONB (platform-specific data)
-- New tables for sync tracking
health_metric_sources (platform, device_name, sync timestamps)
sync_history (import records, conflicts, errors)
```
#### Features (Phase 1 - MVP)
- Manual entry of weight and height
- View health metric history
- Basic chart/visualization of metrics over time
- Multiple person profiles (e.g., tracking children's data)
#### Features (Phase 2 - Mobile Integration)
- Automatic sync from Apple HealthKit (iOS)
- Automatic sync from Google Health Connect (Android)
- Background sync every 15-30 minutes
- Historical data import (last 30 days)
- Support for 50+ health data types
- Conflict resolution when same metric from multiple sources
---
## Out of Scope for MVP
Features from introduction.md that are **NOT** in MVP:
### Not Included (Future Phases)
- Lab results storage
- Medication tracking and reminders
- Medical appointments
- Period tracking
- Pregnancy tracking
- Dental information
- Illness records
- Phone app features (pill reminders, QR scanner, sensors)
- Plugin system
- Data sharing with external users
- Advanced encryption for partial access
- Mobile apps (MVP will be web-only)
---
## Technical Architecture for MVP
### Backend (Rust)
**Still needs research:**
- Web framework choice (Actix, Axum, Rocket)
- Database selection (PostgreSQL, MongoDB, SQLite)
- ORM/database library choice
- Authentication library selection
### Frontend (Node.js Web)
**Still needs research:**
- Frontend framework (React, Vue, Svelte, plain JS)
- UI component library
- State management approach
- Build tool choice
### Database Schema (MVP)
```sql
-- Users table
CREATE TABLE users (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
email VARCHAR(255) UNIQUE NOT NULL,
password_hash VARCHAR(255) NOT NULL,
created_at TIMESTAMP DEFAULT NOW(),
updated_at TIMESTAMP DEFAULT NOW()
);
-- Persons table (for multi-person tracking)
CREATE TABLE persons (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
user_id UUID NOT NULL REFERENCES users(id) ON DELETE CASCADE,
name VARCHAR(255) NOT NULL,
birthdate DATE,
created_at TIMESTAMP DEFAULT NOW()
);
-- Health metrics table
CREATE TABLE health_metrics (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
person_id UUID NOT NULL REFERENCES persons(id) ON DELETE CASCADE,
metric_type VARCHAR(50) NOT NULL, -- 'weight', 'height'
value DECIMAL(10, 2) NOT NULL,
unit VARCHAR(20) NOT NULL, -- 'kg', 'cm', 'lbs', 'in'
recorded_at TIMESTAMP NOT NULL,
created_at TIMESTAMP DEFAULT NOW()
);
-- Indexes for performance
CREATE INDEX idx_health_metrics_person ON health_metrics(person_id);
CREATE INDEX idx_health_metrics_type ON health_metrics(metric_type);
CREATE INDEX idx_health_metrics_recorded ON health_metrics(recorded_at DESC);
```
---
## API Endpoints (MVP)
### Authentication
```
POST /api/auth/register - Register new user
POST /api/auth/login - Login user
POST /api/auth/logout - Logout user
POST /api/auth/refresh - Refresh JWT token
POST /api/auth/forgot-password - Initiate password reset
POST /api/auth/reset-password - Complete password reset
```
### Persons
```
GET /api/persons - List all persons for current user
POST /api/persons - Create new person profile
GET /api/persons/:id - Get person details
PUT /api/persons/:id - Update person details
DELETE /api/persons/:id - Delete person profile
```
### Health Metrics
```
GET /api/persons/:id/metrics - Get all metrics for a person
POST /api/persons/:id/metrics - Add new metric
GET /api/persons/:id/metrics/:type - Get metrics by type (weight/height)
DELETE /api/persons/:id/metrics/:metricId - Delete a metric entry
```
---
## User Stories (MVP)
### Authentication
1. As a new user, I can register with email and password
2. As a registered user, I can login with my credentials
3. As a logged-in user, I can logout securely
4. As a user who forgot their password, I can reset it via email
### Health Tracking
5. As a user, I can create profiles for myself and family members
6. As a user, I can record weight for any person in my account
7. As a user, I can record height for any person in my account
8. As a user, I can view a history of weight/height changes over time
9. As a user, I can see a simple chart showing weight trends
---
## MVP Success Criteria
### Functional Requirements
- [ ] User can register and login
- [ ] User can create multiple person profiles
- [ ] User can add weight and height measurements
- [ ] User can view historical data in a list
- [ ] User can see basic trend visualization
- [ ] Data persists across sessions
- [ ] User can delete their own data
### Non-Functional Requirements
- [ ] All passwords are hashed (never stored plaintext)
- [ ] API is secured with authentication on all endpoints
- [ ] Responsive web interface works on mobile browsers
- [ ] Application can handle 1000+ users
- [ ] Database queries complete in <100ms
- [ ] API response time <200ms for 95% of requests
### Security Requirements
- [ ] HTTPS in production
- [ ] SQL injection prevention
- [ ] XSS protection
- [ ] CSRF protection
- [ ] Input validation on all endpoints
- [ ] Rate limiting on auth endpoints
---
## Open Questions Requiring Further Research
### Priority 1 (Blocking for MVP)
1. **Rust Web Framework**
- Options: Actix, Axum, Rocket
- Criteria: Performance, ecosystem, learning curve, async support
- Research needed: Benchmark comparison, community adoption
2. **Database Selection**
- Options: PostgreSQL, MongoDB, SQLite
- Criteria: Query complexity, scaling needs, deployment simplicity
- Research needed: Data modeling comparison, hosting costs
3. **Authentication Library**
- Options: Custom JWT implementation, existing auth crates
- Criteria: Security audit history, maintenance status
- Research needed: Available crate reviews
4. **Frontend Framework**
- Options: React, Vue, Svelte, plain JavaScript
- Criteria: Bundle size, learning curve, ecosystem
- Research needed: Performance comparison for simple apps
### Priority 2 (Important but Not Blocking)
5. **ORM vs Raw SQL**
- Options: Diesel, SeaORM, sqlx, raw SQL
- Research needed: Type safety vs flexibility tradeoff
6. **Testing Framework**
- Unit tests, integration tests, E2E tests
- Research needed: Best practices for Rust + web testing
7. **Deployment Strategy**
- Docker setup, hosting provider (AWS, DigitalOcean, Railway?)
- Research needed: Cost comparison, ease of deployment
8. **UI Component Library**
- Material UI, Tailwind, Chakra UI, custom CSS
- Research needed: Speed of development for MVP
### Priority 3 (Nice to Have)
9. **Monitoring & Logging**
- Application performance monitoring
- Error tracking (Sentry, etc.)
10. **CI/CD Pipeline**
- GitHub Actions, GitLab CI, etc.
- Automated testing, deployment automation
---
## Next Steps
1. **Research Priority 1 questions** (Rust framework, database, auth library, frontend)
2. **Initialize Git repository**
3. **Create project structure** with chosen tech stack
4. **Implement authentication system** (register, login, JWT)
5. **Design and implement database schema** for users, persons, health metrics
6. **Build basic CRUD API** for persons and metrics
7. **Create simple web frontend** for auth and health tracking
8. **Add basic chart visualization** for trends
9. **Test end-to-end user flows**
10. **Deploy MVP**
---
## File References
**Design Document:**
- `/home/asoliver/desarrollo/normogen/introduction.md:1-82` - Complete project vision
**Research Document:**
- `/home/asoliver/desarrollo/normogen/thoughts/research/2026-01-04-1739-normogen-codebase-documentation.md` - Initial codebase assessment
**This Document:**
- `/home/asoliver/desarrollo/normogen/thoughts/research/2026-01-04-1840-normogen-mvp-definition.md`
---
## Notes
- MVP is intentionally simple to validate core concepts
- Future phases will add features from introduction.md
- Plugin system and advanced encryption deferred to post-MVP
- Mobile apps deferred to post-MVP (web-only for now)
- Focus on getting working code into users' hands quickly
Reference in a new issue View git blame Copy permalink