Did you test the app from someone elses device or internet endpoint? What are the security reprications of that? Adding a mechanism to default to read only where appropriate, would also side step the need for users and/or authentication.
Did you try (or test) the app through a VPN gateway (where the server is not actually available publically (and therefore cant be hacked - I’m the one with the “butally simple firewall”).
If you have some sort of “read-only” feature as default (on top of some sort of “read-write” device whitelist), you could use (what I call) keyless entry, where you just have to know what the current “key” is, and not a “password” that can be hacked. You can then change the initiator that provides the “key” within the page content. That way you can also change the type of “key” or how the key is presented at will. Without the initiator, you dont even get access to the key, and as the only user, only you know what the key is, where it is, and how to operate it. One you are done in read/write mode, you just remove the initiator, and there is no trace of the “key”
(sorry to be vague and not “show” or “tell” details, but it would defeat the purpose of you impliment an keyless entry).
I totally understand the exponential impact of adding users. I think if you add some thing like I mentioned, you can make the source available publicly, and others can add the “I want to track this thing” parts for you, allowing a “presets” library (maybe?).
I say that, because I believe alot of people (and I dont mean a small “alot of people” - I mean a huge “alot of people” - over time) would use this, especially if they could choose from a “list of things to track”, or for less net interactive based tracking, just add something themselves.
(And maybe this is one of the underlying thoughts of the judges, based on its usefulness, as why your a #devember2021 finalist) this project would allow maintenace and expansion of the public single-user version (available as source), if you got some other “entity” to pay for helping add those additions, whereby they also provide a private multi-user version.
Its just a usefult tool:
- I can see a company wanting to make it available to 15,000 employees per month (at their leasure).
- I can see some companies paying dearly for a custom in-house version.
- I can also see some “granny” tracking her cross-word skills, or her local bingo hall “winning numbers”.
- I can see little Jenny tracking her “lemonade stand” over the summer break.
- I can see little Johnny tracking his after school “dog walking business”.
- (hell) I might even use it to track unfinished project interaction
Actually, this is the sort of project that would go well on “The Dragons Den”, if you knew what those above 2 paragraphs entailed, you could maintain 100% ownership, while only taking 5-10% of profits.
If you could load a “tracked item” with historical data, then it has the ability to be used for projections as well, or “market trends”.
I am 100% sure (now that you have made it) that someone else will come along with a commercial or free multi-user version (payed for with ads or by selling tracking data), and especially so at this time when a lot of people are force to be at home with the internet.
I am pretty sure there are people in Poland willing to provide enough (backing, accumen, resources, personnel), so you can still do “your thing” without being loaded down with “providing others options they want”.
Anyway, I hope you get alot of use out of it, and expand it as you change your “I would like to track …” focus, and yes I think it would work nicely as a “soft” time-card for “employees & volunteers” etc… (my initial reservations being it would be a “hard” or “strict” version - thanks again for prooving me wrong).
Cheers
Paul