# Development

## nKode Core

- [ ] track time it takes for people to login
- [ ] Get login interface svgs should be pre sorted when the client gets them. the client should have to receive the index and the svgs
- [ ] fuzz testing
- [ ] Everytime a user logins in, the refresh token is overwritten in the database. This means that you can login to one place at a time.
- [ ] hanko instead of okta?
- [ ] implement a lockout
- [ ] Build an nKode Cracker
- [ ] Secure against User enumeration
- [ ] Build an Icon Generator
- [ ] Steadily increase the number of icons over time

## Authentication & Security

- [ ] Jwt should be two key signature so our server can sign and anyone with a public key can verify
- [ ] Jwt signing keys should be in customer db
- [ ] What if apps could bring their keypad to NKode?

## Email Service

- [ ] Implement email retry if email fails to send or dlq
- [ ] Improve Email service
- [ ] Require email verification before first login
- [ ] Monitor Complains and Bounce

## API

- [ ] add swagger to the api (task for jordan)
- [ ] How do i rate limit api endpoint?

## Infrastructure

- [ ] Ask Danny about backing up to sesol servers
- [ ] Test server traffic
- [ ] Need alert when server is down; maybe with healthcheck and telegram or discord bot @due(2026-10-27)
- [ ] Need to see resource utilization @due(2026-10-27)
- [ ] Add goaccess to coolify servers

## Ideas

- [ ] Compare NKode to phone numbers. Can people remember icons better than numbers? Can the remember more
- [ ] NKode file sharing