This has been reverted as of Nov, 2022. Fasten would be great as a single-page-app, however we ran into the following issues:

  • Webworkers were difficult to work with, the WW environment is very different from the browser js sandbox, and lots of libraries fail to work
  • CORS is incredibly difficult to work with

One of Fasten’s long term goals is to support a cloud deployment model with zero-knowledge encryption for your medical records.

While considering the implications of this, it became apparent that I may have to move a majority of the Server side logic to the client-side (Angular SPA).

This document is my scratchpad/work-in-progress notes as I work on sliming down the Golang Server to almost nothing, and migrate a majority of the logic to Angular.

Potential Issues with SPA model

  • Some healthcare providers require client id & client secret
  • Some healthcare providers speak protocols that are not web friendly - HL7 (how does auth work, what is this protocol)
  • Some healthcare providers do not support CORS.
  • Encrypted patient data would need to be synced to a central location from the client side, if the user wants to see the data from multiple devices - zero knowledge encryption
  • Progressive Web Apps (PWA) have an install flow that may be unfamiliar to most users.
  • Background refresh of data is difficult, only available while user is logged in.
  • multi-user roles become complicated

All of these issues need to be solved to implement Zero-knowledge encryption in Fasten


Security CouchDB

MultiUser CouchDB

CouchDB searching & pagination

Pouchdb Encrypted database

Filesystem Access API


Webworker Testing

Reverse Proxy to DB