Next.js reaction trainer with 1v1 rooms backed by Supabase.

1. Install deps:

   npm install

2. Create env file:

   cp .env.example .env.local

3. Start dev server:

   npm run dev

Supabase CLI is used for schema migrations in supabase/migrations.

1. Initialize/login/link (hosted project):

   npx supabase login
   npx supabase link --project-ref <your-project-ref>

2. Apply migrations to your linked project:

   npx supabase db push

3. Add keys to .env.local:
   • NEXT_PUBLIC_SUPABASE_URL
   • NEXT_PUBLIC_SUPABASE_ANON_KEY
   • SUPABASE_SERVICE_ROLE_KEY (required for admin code API route)
   • DASHBOARD_KEY (shared secret for /dashboard)

• Current 1v1 tables are intentionally open to anon and authenticated roles so no-auth room sharing works immediately.
• If you add auth later, tighten RLS policies in supabase/migrations/20260216214509_duel_tables.sql.
• The app now includes login/signup UI using Supabase Auth (email + password).

Signup now requires a one-time access code and enforcement happens in Supabase (not just frontend). Login requires username + password only.

After running migrations, create codes in Supabase SQL editor:

insert into public.signup_access_codes (code, note)
values
  ('ALPHA001', 'founder batch'),
  ('ALPHA002', 'founder batch');

Inspect unused codes:

select code, note, created_at
from public.signup_access_codes
where consumed_at is null
order by created_at desc;

Inspect consumed codes:

select code, note, consumed_at, consumed_by
from public.signup_access_codes
where consumed_at is not null
order by consumed_at desc;

You can create/revoke codes from the app at /dashboard.

Requirements:

• Be logged in to the app.
• Provide DASHBOARD_KEY in the page input.

The page supports:

• Listing current codes
• Creating new unused one-time codes
• Revoking unused codes