AI Handoff
Bloomify β€” AI Session Handoff
Everything an AI assistant needs to pick up this project cold
πŸ€–
For AI Assistants

Read this page before touching any code. It contains the critical rules that prevent corrupted commits and wasted time.

Repo & Stack

ItemValue
Repohttps://github.com/sonantechai/bloomify-portal
Latest commitd30778ce
FrontendReact 18, TypeScript, Vite, Cloudflare Pages
BackendCloudflare Worker (bloomify-api, env: bloomify)
DatabaseD1 β€” bloomify_db (ID: 65ce920d-2760-4918-a32a-e4aef9a58a83)
AuthJWT signed with JWT_SECRET Cloudflare secret
CurrencyPKR stored as paisa (Γ—100); display as Rs. X

Running Locally

# Install dependencies
npm install

# Start Vite dev server (frontend)
npm run dev

# Start Worker locally with D1 (separate terminal)
npx wrangler dev --env bloomify --local

The frontend proxies API calls to localhost:8787 in dev mode (configured in vite.config.ts). Ensure your local wrangler.toml has the correct D1 binding.

Known Gotchas

GotchaFix
CORS error after deployPermanent fix applied (commit d30778ce): origin is now hardcoded in worker.ts as const origin = 'https://bloomifyofficial.sonandigital.com' β€” no longer read from env var. Do NOT change this back to env.ALLOWED_ORIGIN. Root cause was: Pages project is named bloomifyofficial but original wrangler.toml had bloomify.sonandigital.com; FUSE-safe commits update git but not the disk file wrangler reads, so the wrong value kept being deployed.
Worker crashes with 500 + no CORS headersCaused by JWT_SECRET Cloudflare secret not being set for the bloomify environment. The error from crypto.subtle.importKey is: "DataError: Imported HMAC key length (0) must be a non-zero value…" Fix: npx wrangler secret put JWT_SECRET --env bloomify. A global try-catch is now in place in worker.ts so future crashes return proper JSON with CORS headers instead of a silent 500.
Admin login fails after manual DB resetPassword hash format is saltHex:hashHex β€” NOT the pbkdf2:sha256:... prefix format. Use the Worker's /api/admin/password endpoint or seed script to generate correct hashes
git push fails with "does not appear to be a git repository"FUSE-mounted workspace corrupts .git/config. User must fix from Windows terminal: del .git\config.lock, rebuild config lines with echo, then git remote add origin and push
Large file writes silently truncated on FUSEAlways write large files to /tmp via Python, hash from /tmp, never from the FUSE mount path. See CLAUDE.md for the full FUSE-safe commit pattern
FUSE-safe commits update git but NOT diskWrangler reads from the disk path, not from git. After a FUSE-safe commit, the disk file still has the old content. Use the Edit tool to update the disk file separately before deploying.

Deployment Checklist

  • D1 database created and migrations applied
  • Seed script run (creates admin user with correct password hash)
  • JWT_SECRET set as Cloudflare secret
  • ALLOWED_ORIGIN in wrangler.toml [env.bloomify] = https://bloomifyofficial.sonandigital.com
  • Worker deployed: npx wrangler deploy --env bloomify
  • Custom domain bloomify-api.sonandigital.com set in Cloudflare Worker settings
  • Cloudflare Pages project bloomify-portal connected to GitHub repo
  • Pages custom domain bloomifyofficial.sonandigital.com configured
  • Admin logi