MVP Complete: What We Built

January 6, 2026 4 min read

40+

API Endpoints

17

Frontend Pages

4

Hours Total

The MVP Sprint

With the architecture pivot complete and security hardening done, Sessions 4-5 focused on building out
all the core features. The goal: a fully functional application that users could actually use.

Backend Services

Each service follows the same pattern: encrypted storage, user isolation, and comprehensive CRUD operations.

Pillars Service

User-defined life categories for tracking

  • Create custom pillars (Family, Health, etc.)
  • Set targets and current values
  • Track pillar-specific entries
  • Color coding and icons

Daily Entries Service

Core journaling functionality

  • One entry per day per user
  • Encrypted content storage
  • Pillar linkage
  • Completion tracking

Feels Service

Emotional signal intelligence

  • Morning Pulse (mental state, strongest emotion)
  • EOD Reflection (energy, pressure/purpose)
  • What you’re avoiding
  • Honest notes

Habits Service

Morning routine tracking

  • Custom habit definitions
  • Daily completion tracking
  • Streak calculation
  • Order management

Moods Service

Mood tracking options

  • System-default moods
  • Custom mood creation
  • Emoji support
  • Archive/restore

Weekly Recaps Service

Weekly synthesis and patterns

  • Automated week detection
  • Pillar score aggregation
  • Pattern identification
  • Course corrections

API Endpoint Summary

Route Endpoints Methods
/api/auth/* 8 endpoints signup, login, verify-mfa, enable-mfa, refresh, logout, profile, password
/api/pillars/* 7 endpoints list, create, get, update, delete, reorder, scores
/api/entries/* 5 endpoints list, create, get-by-date, update, delete
/api/feels/* 5 endpoints list, create-morning, create-eod, get-by-date, history
/api/habits/* 10 endpoints list, create, update, delete, complete, uncomplete, streaks, reorder, today, history
/api/moods/* 8 endpoints list-system, list-custom, create, update, delete, archive, restore, log
/api/weekly/* 6 endpoints list, current, get-by-week, create, update, patterns

Frontend Pages

The Next.js frontend was built to match the API, with each major feature getting its own page: 

frontend/src/app/
├── (auth)/
│   ├── login/page.tsx
│   ├── register/page.tsx
│   ├── mfa-setup/page.tsx
│   └── mfa-verify/page.tsx
├── dashboard/page.tsx
├── morning-pulse/page.tsx     # Morning check-in
├── daily-entry/page.tsx       # Main journaling
├── eod-reflection/page.tsx    # End of day
├── weekly-recap/page.tsx      # Weekly synthesis
├── pillars/
│   ├── page.tsx               # Pillar list
│   └── [id]/page.tsx          # Pillar detail
├── settings/
│   ├── page.tsx
│   ├── profile/page.tsx
│   ├── security/page.tsx
│   └── preferences/page.tsx
├── legal/
│   ├── privacy/page.tsx
│   └── terms/page.tsx
└── contact/page.tsx

The Daily Flow

TimOS is designed around a specific daily workflow. Here’s how the pieces connect:

AM

Morning Pulse

  • Mental state check (Focused, Foggy, Anxious, Sharp, Overstimulated)
  • Strongest emotion (Joy, Dread, Pressure, Confidence, Guilt, Excitement)
  • What are you avoiding today?
  • Morning habits completion
Day

Daily Entry

  • Quick notes and captures throughout the day
  • Pillar-linked entries (Family moment, Health activity, etc.)
  • Progress bar showing completion
PM

EOD Reflection

  • What gave you energy today?
  • What drained your energy?
  • Pressure or Purpose? (Were you driven by pressure or purpose today?)
  • The truth you’re ignoring
  • One honest note to yourself
Weekly

Weekly Recap

  • Pillar scores aggregated for the week
  • Pattern identification (What kept showing up?)
  • Top accomplishments
  • Course corrections for next week

API Client Pattern

The frontend uses a centralized API client with automatic token handling: 

// frontend/src/lib/api.ts
const API_URL = process.env.NEXT_PUBLIC_API_URL || 'http://localhost:8000';

async function fetchWithAuth(
  endpoint: string,
  options: RequestInit = {}
): Promise {
  const token = localStorage.getItem('accessToken');

  const headers: HeadersInit = {
    'Content-Type': 'application/json',
    ...options.headers,
  };

  if (token) {
    headers['Authorization'] = `Bearer ${token}`;
  }

  const response = await fetch(`${API_URL}${endpoint}`, {
    ...options,
    headers,
  });

  // Handle token refresh
  if (response.status === 401) {
    const refreshed = await refreshToken();
    if (refreshed) {
      return fetchWithAuth(endpoint, options);
    }
    // Redirect to login
    window.location.href = '/login';
  }

  return response;
}

export const api = {
  get: (endpoint: string) =>
    fetchWithAuth(endpoint).then(r => r.json()),

  post: (endpoint: string, data: any) =>
    fetchWithAuth(endpoint, {
      method: 'POST',
      body: JSON.stringify(data),
    }).then(r => r.json()),

  put: (endpoint: string, data: any) =>
    fetchWithAuth(endpoint, {
      method: 'PUT',
      body: JSON.stringify(data),
    }).then(r => r.json()),

  delete: (endpoint: string) =>
    fetchWithAuth(endpoint, { method: 'DELETE' }).then(r => r.json()),
};
Sessions 4-5 Stats

Time spent: 4.0 hours combined
Manual estimate: 29.0 hours
ROI: 7.25x
Endpoints built: 40+
Pages created: 17

Key Takeaways

  • Consistent patterns (service + route + types) enable rapid development
  • Encrypted content requires decrypt-on-read for every service
  • User isolation (userId in every query) is non-negotiable
  • The daily flow (Morning → Day → EOD → Weekly) creates natural structure
  • Centralized API client simplifies auth token management
Secret Link