DevPulse: DevLog #3 – Ship Day

Today was the day DevPulse went live. After two devlogs of architecture and backend work, this session was about closing the loop — wiring the frontend, surviving some brutal debugging, and actually deploying to production.

The Dashboard Comes Alive

The frontend was the last big piece. I built the full dashboard in vanilla JS and HTML — stat cards with live counters, a real-time activity feed, language bars, share/embed section, and settings. No framework, just clean DOM manipulation talking directly to the C++ backend over WebSockets.

The design follows the same philosophy as the backend: minimal dependencies, maximum control.

The Bug That Broke Everything

This is the one I’ll remember.

I opened dashboard.js in my editor, made some changes, and the app broke completely. The dashboard was permanently stuck on “Loading…” — nothing rendered, no errors I could find at first.

After digging into the network tab I found the real culprit: the file was 0 bytes. My editor had crashed mid-save and truncated the entire file to nothing. Docker had then faithfully copied the empty file into the container, so loadMe was never defined — hence the ReferenceError: Can't find variable: loadMe in the console.

On top of that, the first time I logged in via GitHub OAuth, the JS files were being fetched by GitHub’s servers (140.82.121.5), not my browser — which meant the browser never got them at all. The inline bootstrap script fired before the files loaded and called a function that didn’t exist yet.

The fix was twofold: restore the file, and move the bootstrap IIFE into dashboard.js itself so it only runs once the file is actually parsed.

Landing Page Redesign

The original landing page was functional but generic. I rebuilt it from scratch:

• Grid background with an indigo glow orb
• Space Mono for all numbers and code elements, DM Sans for body copy
• Bento grid feature layout
• Terminal mockup showing the webhook flow in real time
• Live demo profile preview with animated commit ticker
• Scroll reveal animations on every section

The goal was for it to feel like a real product, not a side project.

Demo Account

Since reviewers can’t sign in with their own GitHub to see the dashboard, I hardcoded a demo account (hackclub-demo) that seeds itself on every server startup via seedDemoAccount() in main.cpp. It has realistic stats, language breakdown, and activity feed entries — all inserted directly via SQLite at boot. No CLI, no manual steps, survives every deploy.

Deployment

Deployed to Fly.io with a persistent SQLite volume. The whole stack — C++ binary, static files, SQLite DB — runs in a single 512MB container. Cold starts are fast because there’s no runtime to boot, just an executable.

Fly config gotcha: I had both [http_service] and [[services]] defined, which caused duplicate port binding. Removed the [[services]] block and the health check was pointed at /health which didn’t exist — changed it to /.

What’s Live

• devpulse.fly.dev
• devpulse.fly.dev/u/hackclub-demo
• Embeddable SVG badge: ![DevPulse](https://devpulse.fly.dev/badge/hackclub-demo)

DevPulse: DevLog #2 – Wiring the C++ Engine
Today was about integration. I moved from standalone service headers to a fully functional main.cpp.

• Hardened Headers: I implemented addSecurityHeaders() to inject CSP (Content Security Policy), HSTS, and X-XSS protection into every response.
• The Session Handshake: I built a custom session extractor. It doesn’t just read a cookie; it validates the token length and uses a secure safeCompare to prevent timing attacks.
• CSRF Protection: Implemented a double-submit cookie pattern for state-changing requests, ensuring that the dashboard isn’t vulnerable to cross-site exploits.
• The Stats & Badge Engine
  One of the coolest parts of today was building the SVG Badge Generator.
  Instead of just serving JSON, I wrote a C++ helper that dynamically generates SVG code. This allows users to embed their “DevPulse” directly into their GitHub READMEs.
• JSON Composition: I wrote buildProfileJson, which aggregates data from the user table, the stats cache, and the activity feed into a single, optimized response. This minimizes database round-trips and keeps the “Pulse” fast.
• Performance & Rate Limiting
• Privacy-First Rate Limiting: I implemented an IP-based rate limiter, but with a twist: I hash the user’s IP address before storing it to avoid keeping PII (Personally Identifiable Information) in the memory/DB logs.
• Environment Management: Wrote a custom .env loader to handle secrets like GitHub Client IDs without hardcoding them into the binary.
• The C++ Advantage
  The more I build, the more I see why C++ is the right choice for this. The way the server handles WebSockets and background threads for stats refreshing is incredibly lightweight compared to a typical Node.js overhead.
  Current Stack Progress:
• Security Middleware (Headers/CSRF)
• Session & Auth Logic
• Dynamic SVG Generation
• SQLite Integration
  Next up: Building the Frontend of DevPulse

MINOR UPDATE
I optimized FocusForge mobile version so it’s easier to use and looking better, I also added user input validation on all fields to prevent attacks such as SQL injection and XSS. additionally I change some UI elements so its more polished and complete looking. Any suggestions or improvements are welcome :)

DevPulse: DevLog #1 – Core Architecture & Security Hardening
Today’s focus was on laying the groundwork for the backend.

Security & Input Handling (security.h)
I started by implementing a dedicated security header. Since C++ gives you direct memory access, I wanted to address the OWASP Top 10 from the first line of code.

• Sanitization: Implemented manual input filtering to prevent SQL injection and XSS.
• CSRF/Headers: Started logic for secure cookie handling and security headers.
• Database Schema & User Logic
  I finalized the SQLite schema. I decided to decouple the users table from a stats_cache table. This allows the background worker to update GitHub activity (commits, languages, streaks) without locking the primary user record. The user_service.h now handles the CRUD operations for user profiles and maps DB rows to C++ structs.
• GitHub Integration (github_service.h)
  This module handles the OAuth 2.0 handshake. I’m using the CPR (C++ Requests) library to interface with GitHub’s REST API.
• OAuth Flow: Handled the exchange of the temporary code for an access token.
• Data Fetching: Wrote the logic to fetch user JSON data. The main challenge here is safely parsing nested JSON fields (using nlohmann/json) into local database types while handling potential API rate limits or malformed responses.
• Real-time State (ws_manager.h)
  To achieve the “Pulse” effect, I built a WebSocket connection manager. It tracks active client connections and provides an interface for the backend to “push” updates to the frontend. This means when a GitHub webhook or a background refresh triggers a change in stats, the dashboard can update instantly without a page reload.
• Next Steps:
  The skeleton is functional. Tomorrow, I’ll be working on the background refresh thread—it needs to cycle through the database and update stats for all users every 10–15 minutes without blocking the main event loop.

DEVLOG #6
Today i added a proper landing page so anyone landing on the repo immediately understands what the app does.On the UI side, I introduced dashboard stats, including total exams, next exam countdown, and completion rate. This turns the dashboard from a static list into something that actually communicates progress and status at a glance.I added a 404 page to handle broken routes cleanly, which is a small detail but makes the app feel more complete and intentional.
I also reworded the email reminder sent with a custom template instead of plain text. Finally, I implemented an AI study plan system with a local fallback algorithm, so the app can still generate structured study schedules even when external AI services are unavailable. It keeps the core feature functional no matter what.

DEVLOG #5
Today I pushed FocusForge forward in a meaningful way. I expanded accessibility by adding full translations in Greek, Spanish, French, and Italian. This opens the product to a much wider audience and improves usability for non English users.
I also implemented Google Sign In and Sign Up. This reduces friction in the onboarding flow and makes account creation faster and more reliable. Alongside that, I fixed multiple UI and logic bugs that were affecting consistency and user experience. The interface is now cleaner, more predictable, and easier to navigate.Overall, this update focused on usability, accessibility, and stability.
Next step is to integrate AI powered study plan creation. The goal is to generate personalized plans based on user data.

DEVLOG #4
Today I made solid progress on Focus Forge. I implemented a full dark mode to improve usability in low-light environments and optimized the mobile experience for better responsiveness and layout consistency. I fixed bugs related to updating exams to ensure data integrity and a smoother user flow. I also integrated email reminders using SendGrid so users can receive timely notifications before exams. On the security side, I added input validation for username, password, and email fields to reduce risks like SQL injection, and introduced a temporary 10-minute suspension after 5 failed login attempts to protect against brute-force attacks. Next step I will add Spanish and French translations and add AI to create personalized study plans

DEVLOG #3
Today I pushed a major update to FocusForge. I built out the full frontend and aligned the UI with a consistent design system, improving layout, spacing, and overall usability. I also fixed several bugs across authentication flows, including login and registration logic, form validation, and state handling.
Next step is to fix some bugs when trying to update an exam and then add more features like email reminders.

DEVLOG #2
Today i connected my SQLite database to the API properly and started handling real user data
I implemented login and register routes using Crow, added password hashing with SHA-256, and built a simple session system with tokens so users can stay logged in. It’s not perfect, but it works.
After that, I added the core feature: subjects. Users can now add subjects with difficulty, deadlines, and grades, and then fetch them through the dashboard API. Seeing actual data come back as JSON felt like a big step forward.
I also fixed a bunch of annoying bugs, mostly typos and missing includes that wasted way too much time. Setting up OpenSSL and Asio on macOS was also not fun, but it’s finally compiling and running.
Right now, the backend is stable enough to connect to the frontend. Next step is improving validation, cleaning the code, and making the UI.

DEVLOG #1
Today I focused on building the core backend for FocusForge, mainly the authentication system and database layer. I set up SQLite with two main tables, users and subjects, and wrote an initialization function so the database creates itself automatically on startup. This removed the need for any manual setup and made the project easier to run and deploy.
I designed structured data models for users, subjects, and sessions to keep the code organized and avoid mixing database logic with application logic. I also implemented password hashing using SHA-256, ensuring that passwords are stored securely instead of in plain text.
On the backend side, I created reusable database functions for inserting and loading users and subjects. These functions use prepared statements to prevent SQL injection and keep the code clean and scalable. I also added basic session management using an unordered map, generating a token on login to track authenticated users.
Finally, I set up a simple web server using Crow and implemented the first API endpoint for login. The flow takes a username and password, hashes the input, compares it with the stored value, and returns a session token if successful.
This stage establishes a solid backend foundation with authentication, database integration, and API handling. Next, I plan to complete registration, improve validation, and connect the frontend to the backend.

Prodexa is officially live! After weeks of development, the dashboard now fully supports role-based access, letting managers handle products, sales, and sub-users, while employees have a streamlined view of only what they need. Products can be added, searched, and updated with live stock tracking, low-stock alerts, and accurate pricing with discounts and VAT. Sales are tied to customers and automatically update stock, and the database persists all data reliably. User management is secure, with password validation and session-based access, and the front-end ensures smooth input validation and role-specific views. All major bugs are fixed, including duplicate users, employee product visibility, and sale updates.Any suggestions are welcome.
You can try Prodexa at: https://prodexa8.fly.dev/

• Updated backend to allow employees to see manager-added products, sales, and customers.
• Fixed stock alert checks to prevent negative inventory.
• Streamlined save/update logic for products and sales.
• Tested multi-user visibility across managers and employees.
  Almost ready for release — next devlog will be the last.

• added delete option to sales and customers
• fixed bugs on customers
• minor cosmetic improvements and fixes

Features:
Enhanced sales report generation with dynamic month/year selection.
Improved product table UI for better readability and navigation.
Session token validation added for secure access.

Bug Fixes:
Fixed frontend request issue for current user data.
Resolved menu bar dropdown loading problem.
Corrected price calculation with discount and VAT.
Fixed table styling inconsistencies across dark mode.

Upcoming Features:
Print and PDF export for reports.
Advanced filtering and sorting for products and sales.
Real-time notifications for stock and sales alerts.
Integration with third-party analytics tools.

NEW FEATURES

• Monthly sales report showing units sold, sales made, revenue,cost,profit of the month
• Multi-User management(almost complete)

FIXES

• Multiple bug fixes on backend and frontend
• Minor cosmetic improvements

UPCOMING FEATURES

• Full multi-user management
• Role based permissions(manager,cashier)
• Charts for sales report
• Option to export or print reports

NEW FEATURES

• Added view and add sales function
• New landing page

FIXES

• Fixed sales not showing

UPCOMING FEATURES

• Sales infographics
• User control
• User management

FEATURES ADDED:

• View products function so users are able to see all their products and their relevant information
• Add products function so users can add products to their inventory
• Edit products function so users are able to edit all of the products field either searching by their code or name
• Session tokens to enable multiple users to haver different accounts and inventory
• Password hashing for better security
  -Terms and conditions the user must agree to use the service

FIXES

• Products not showing or register if on other user has the same product code

UPCOMING FEATURES

• View sales function for users to see the sales they made
• Add sale function to let users make sales
• Sales infographics to enable users to see the best and worst performing product or brand and their total sales

Features Added:

• Dashboard page(still not functional)
• Implemented the logout functionality in the frontend. Clicking the button now correctly clears the session token from local storage.
• Updated dashboard layout to center content boxes horizontally with proper spacing. Log out - button is positioned at the top right and “Contact Us” at the bottom of the box.

Fixes:

• Fixed JSON handling in C++ backend for product data responses.
• Corrected compilation errors related to event listeners and undeclared identifiers.
• Adjusted CSS to ensure boxes align horizontally and remain responsive.

Notes / Next Steps:

• Verify session clearing works consistently across multiple browsers.
• Continue refining backend integration for dashboard data.

implemented crow to c++ to handle http requests and created the login and register page which work but still need to make the dashboard page.Still have a lot of things before considering it a MVP.Will fully released it before March 31st.Any tips, improvements or suggestions are welcome.

Intergrated fully sqlite and stoped using files to store data.Added log in or add user option with different menu and permissions based on user position.Also added audit logs to see user log in and log out time and sales audits to view which user sold what product, brand , quantity, price, discount and total value of products.Now working on adding infographics option to see sale trends,most and least profitable products, best selling product and brand.Any tips or suggestions are welcome.

I’m working on my first project! This is so exciting. I can’t wait to share more updates as I build.