Last Updated: 2025-12-24

Current Status

Completed Phases:

✅ Phase 1: Database Schema & Queries (user_settings, daily_summaries tables)
✅ Phase 2: AI Service Layer (OpenRouter integration with xiaomi/mimo-v2-flash:free model)

Current Issue:

🔄 iOS Shortcuts debugging - shortcut sends GET instead of POST to /api/content
✅ Backend validated via curl from iSH terminal - works perfectly
❌ iOS Shortcuts making unexpected GET requests despite being configured for POST

Project Overview

Enhancing iOS Share Sheet Backend with AI-powered daily summaries and PWA frontend.

Bearer Token (for testing)

Token: OmjRJn2c3JEm_1bUFwLwmX_DZtxWUsvBaVHZca18BUY

Backend URL

https://jaballadares--019b2ebadc2370e4a6e633077cdb8332.web.val.run

Test User

Email: jb@saluamigo.com
Name: John B.

Phase 1: Database Foundation ✅ COMPLETE

Files Created:

backend/database/migrations_v2.ts - New tables for user settings and daily summaries
backend/database/queries_v2.ts - Date-range and summary query functions

Files Modified:

shared/types.ts - Added UserSettings and DailySummary interfaces
backend/index.ts - Runs v2 migrations on startup

Database Tables:

user_settings (userId, emailEnabled, smsEnabled, smsPhone, summaryTime,
               timezone, summaryTone, summaryLength, includeContentTypes,
               createdAt, updatedAt)

daily_summaries (id, userId, summary, contentItemsCount, contentTypes,
                 generatedAt, deliveredAt, createdAt)

Phase 2: AI Service Layer ✅ COMPLETE

Files Created:

backend/services/aiService.ts - AI summary generation with OpenRouter/Groq/Straico
backend/services/emailService.ts - Email delivery via Val Town std/email
backend/services/smsService.ts - SMS delivery via Zapier webhooks

Files Modified:

backend/routes/content.ts - Added test endpoints for AI functionality
backend/routes/auth.ts - Added test endpoints for authentication bypass

Environment Variables (configured in Val Town):

AI_PROVIDER=openrouter
AI_API_KEY=sk-or-v1-...
AI_BASE_URL=https://openrouter.ai/api/v1

Test Endpoints Added:

POST /api/content/ai-summary-test - Generate summary from last 24h content
POST /api/content/add-sample-data - Add 7 sample content items
GET /api/content/ai-test - Test AI service configuration
POST /api/content/test-email - Send test email
POST /api/auth/test-create-token - Create bearer token (bypasses auth)
POST /api/auth/test-login - Test login (bypasses WebAuthn)
GET /backend/test/createUser - Create user account (no WebAuthn)

Testing Phase 2:

# Test page
https://www.val.town/x/jaballadares/test-phase2

# Or manual testing:
curl -X POST "https://jaballadares.../api/content/ai-summary-test" \
  -H "Authorization: Bearer OmjRJn2c3JEm_1bUFwLwmX_DZtxWUsvBaVHZca18BUY"

Current Debugging Issue: iOS Shortcuts

Problem

iOS Shortcuts "Get Contents of URL" action sends GET requests instead of POST to /api/content, despite being configured for POST method with headers and body.

What Works ✅

# This curl command from iSH terminal works perfectly:
curl -X POST \
  "https://jaballadares--019b2ebadc2370e4a6e633077cdb8332.web.val.run/api/content" \
  -H "Authorization: Bearer OmjRJn2c3JEm_1bUFwLwmX_DZtxWUsvBaVHZca18BUY" \
  -H "Content-Type: application/json" \
  -d '{"type":"text","content":"Test from iSH","title":"iSH Test"}'

# Returns: {"success":true,"id":"...","message":"Content saved successfully"}

What Doesn't Work ❌

iOS Shortcuts configured with:
- Method: POST
- URL: https://jaballadares.../api/content
- Headers: Authorization + Content-Type
- Request Body: JSON with type/content/title
But Val Town logs show: GET /api/content 401 Unauthorized with NO Authorization header

Enhanced Logging Added

Just deployed to backend/routes/content.ts:

Logs ALL incoming requests with method, URL, headers, body
Logs bearer token validation steps
Shows exactly what iOS Shortcuts is sending

Log output format:

=== INCOMING REQUEST ===
Timestamp: ...
Method: GET or POST
URL: /api/content
Headers: {...}
Body: {...}
========================

=== BEARER TOKEN CHECK ===
Auth header: Bearer...
✅ Auth successful for user: jb@saluamigo.com

User Action Item

Investigate why iOS Shortcuts sends GET instead of POST:

Check Val Town logs after running shortcut
Verify shortcut configuration (screenshot showed correct POST method)
May need to try alternative iOS Shortcuts approach
Consider if iOS version or Shortcuts version has bugs

Remaining Phases (From Plan)

Phase 3: Cron Jobs - Automated Daily Summaries

Create Val Town cron jobs to generate and deliver summaries daily
File: cron/generateDailySummaries.cron.tsx
File: cron/deliverSummaries.cron.tsx
Add Zapier webhook integration for SMS delivery

Phase 4: Frontend - Settings & Summary History UI

frontend/components/Settings.tsx - User preferences for summaries
frontend/components/Summaries.tsx - View past summaries
backend/routes/settings.ts - Settings API endpoints
backend/routes/summaries.ts - Summaries API endpoints

Phase 5: Frontend Modernization - PWA Foundation

PWA manifest and service worker
Client-side routing
Mobile-first navigation
Performance optimizations

Phase 6: Polish & Advanced Features

Dark mode toggle
Export functionality (PDF, Markdown, text)
Accessibility improvements
Lighthouse score > 90

Files Modified This Session

Backend Logging Enhancement

File: backend/routes/content.ts

Added comprehensive logging middleware:

// Logs ALL requests to /api/content
content.use("/*", async (c, next) => {
  console.log("=== INCOMING REQUEST ===");
  console.log("Timestamp:", new Date().toISOString());
  console.log("Method:", c.req.method);
  console.log("URL:", c.req.url);
  console.log("Path:", c.req.path);
  console.log("Headers:", Object.fromEntries(c.req.header()));
  console.log("Body:", body || "(empty)");
  await next();
});

// Enhanced bearer token logging
async function requireBearerToken(c: any, next: any) {
  console.log("=== BEARER TOKEN CHECK ===");
  console.log("Auth header:", authHeader ? authHeader.substring(0, 20) + "..." : "(none)");
  // ... detailed logging through auth flow
}

Setup Page UI Fix (NOT YET PUSHED)

File: frontend/components/Setup.tsx

Fixed misleading UI that claimed downloadable iOS shortcut existed:

Changed Step 2 from "Download iOS Shortcut" to "Create the iOS Shortcut"
Added detailed manual instructions for creating shortcut
Removed fake download button
Status: Fixed locally, not pushed to Val Town per user request

Quick Reference Commands

Test Content Creation (via curl)

curl -X POST "https://jaballadares--019b2ebadc2370e4a6e633077cdb8332.web.val.run/api/content" \
  -H "Authorization: Bearer OmjRJn2c3JEm_1bUFwLwmX_DZtxWUsvBaVHZca18BUY" \
  -H "Content-Type: application/json" \
  -d '{"type":"text","content":"Test note","title":"Test"}'

Generate AI Summary (last 24h)

curl -X POST "https://jaballadares--019b2ebadc2370e4a6e633077cdb8332.web.val.run/api/content/ai-summary-test" \
  -H "Authorization: Bearer OmjRJn2c3JEm_1bUFwLwmX_DZtxWUsvBaVHZca18BUY"

Add Sample Data (7 items)

curl -X POST "https://jaballadares--019b2ebadc2370e4a6e633077cdb8332.web.val.run/api/content/add-sample-data" \
  -H "Authorization: Bearer OmjRJn2c3JEm_1bUFwLwmX_DZtxWUsvBaVHZca18BUY"

Create New Bearer Token (if needed)

curl -X POST "https://jaballadares--019b2ebadc2370e4a6e633077cdb8332.web.val.run/api/auth/test-create-token" \
  -H "Content-Type: application/json" \
  -d '{"email":"jb@saluamigo.com"}'

Test Email

# Must be logged in via browser first
curl -X POST "https://jaballadares--019b2ebadc2370e4a6e633077cdb8332.web.val.run/api/content/test-email" \
  -H "Content-Type: application/json"

Important Notes

Authentication Methods

Web Session (for dashboard): Cookie-based auth via /api/auth/test-login
Bearer Token (for iOS Shortcuts): Authorization header with Bearer token

Database Tables

users - User accounts
web_authn_credentials - Passkeys (not used currently)
bearer_tokens - API access tokens for shortcuts
content_items - Captured content (text, images, URLs)
user_settings - Summary preferences (email, SMS, tone, length, timezone)
daily_summaries - Generated daily summaries

AI Configuration

Provider: OpenRouter
Model: xiaomi/mimo-v2-flash:free (free tier)
Fallback: Can switch to Groq or Straico via env vars
Tone Options: professional, casual, detailed, brief, balanced
Length Options: short, medium, long

Next Session Priorities

HIGH PRIORITY: Resolve iOS Shortcuts GET vs POST issue
- Check Val Town logs after running shortcut
- Verify what iOS Shortcuts is actually sending
- Try alternative approaches if needed
After iOS Shortcuts works:
- Test end-to-end flow (iOS capture → content stored)
- Deploy Phase 3 (Cron Jobs)
- Build Phase 4 (Settings & Summaries UI)
Nice to have:
- Push Setup.tsx fix (remove fake download button)
- Test email delivery
- Generate and view first real daily summary

Val Town Resources

Dashboard: https://www.val.town/x/jaballadares/sharesheet_thing
Console/Logs: https://www.val.town/x/jaballadares/sharesheet_thing (view logs in browser)
Test Page: https://www.val.town/x/jaballadares/test-phase2
Backend Source: Mounted at /backend in this repo

Questions to Investigate

Why does iOS Shortcuts send GET instead of POST?
- iOS version compatibility?
- Shortcuts app bug?
- Request body formatting issue?
- SSL/certificate issue causing fallback?
Why is Authorization header not being sent?
- iOS security stripping the header?
- URL encoding issue?
- Shortcuts app limitation?
Workarounds to try:
- Use URL parameters instead of headers for token?
- Use different iOS Shortcuts action?
- Build custom iOS app instead of Shortcuts?
- Use third-party automation tool?

Good luck with the debugging! The backend is solid - just need to figure out what iOS Shortcuts is doing differently than curl. 🚀

jaballadares

sharesheet_thing

iOS Share Sheet Backend - Work In Progress