GymFlow is a full-stack gym management web application that helps gym owners manage members and allows gym members to track workouts, memberships, and nutrition.
- JWT based authentication with refresh tokens
- Role-based access control
- Secure password hashing
- Create and manage gym profile
- Generate gym codes for member registration
- View gym members and statistics
- Track payments and revenue
- Post notices to all gym members
- Manage trainers and bookings
- Join gyms using a unique gym code
- View membership details and expiry date
- Log workouts and exercises
- Track calories using AI food image analysis
- Book trainer sessions
- Receive gym notices and updates
- Real-time notifications using Socket.io
- Membership expiry reminders using Cron Jobs
- Workout and nutrition tracking
- Payment tracking system
- Responsive dashboards with analytics
- React
- Vite
- TailwindCSS
- Node.js
- Express.js
- MongoDB
- JWT Authentication
- Socket.io
git clone https://github.com/yourusername/gymflow.git
cd gymflow
## Getting Started
### Backend Setup
1. **Install dependencies**
```bash
cd backend
npm install- Create .env file
cp .env.example .env
# Edit .env with your configuration- Start MongoDB
# Local MongoDB
mongod
# Or use MongoDB Atlas connection string in .env- Run server
npm run dev # Development with nodemon
npm start # ProductionServer runs on http://localhost:5000
- Install dependencies
cd frontend
npm install- Create .env file (optional)
VITE_API_URL=http://localhost:5000/api
VITE_SOCKET_URL=http://localhost:5001- Run development server
npm run devFrontend runs on http://localhost:3000
PORT=5000
NODE_ENV=development
MONGODB_URI=mongodb://localhost:27017/gymflow
JWT_SECRET=your_secret_key
JWT_EXPIRY=15m
REFRESH_TOKEN_SECRET=your_refresh_secret
REFRESH_TOKEN_EXPIRY=7d
NUTRIENT_API_KEY=your_api_key
NUTRIENT_API_URL=https://api.logmeal.com/v2
FRONTEND_URL=http://localhost:3000
SOCKET_PORT=5001
VITE_API_URL=http://localhost:5000/api
VITE_SOCKET_URL=http://localhost:5001
- Access tokens expire in 15 minutes
- Refresh tokens valid for 7 days
- Refresh tokens stored in database for revocation
- Automatic token refresh on 401 response
- Socket.io for real-time updates
- Members receive instant notices
- Trainer availability updates
- Membership reminders
gym_owner: Can create gyms, manage members, post notices, view analyticsgym_member: Can join gyms, log workouts, track calories, book trainers
- Automatic daily check (9:00 AM)
- 7-day expiry warning system
- Members reminded via notifications
- Expired memberships auto-deactivated
- Upload food images
- API integration with nutrition databases
- Automatic macro calculation
- Daily nutrition tracking
- Multiple payment methods supported
- Transaction history
- Revenue analytics and graphs
- Refund management
β Password hashing with bcrypt β JWT authentication with refresh tokens β CORS protection β Helmet.js for security headers β Rate limiting on API routes β Input validation with Joi β Role-based access control β File upload restrictions (images only, max 5MB) β Token revocation on logout
Screenshots