DRONA AI is a modern, full-stack fitness application that uses an AI assistant (powered by Groq/LLaMA) to generate customized workout and diet plans through a voice conversation. It is built to be fast, secure, and fully personalized, storing all user data securely in a serverless database.
- Voice Assistant: Users interact with the AI coach via voice (Vapi) to define their fitness goals, body stats (age, height, weight), available workout days, and dietary restrictions.
- AI Generation (Groq/LLaMA): The backend uses a specialized Large Language Model (LLM) to instantly process the conversation and output a structured, personalized Workout Plan and a Diet Plan in JSON format.
- Plan Persistence: The generated plans are instantly saved to the user's profile in the database.
- Secure Authentication: User login and management are handled entirely by Clerk.
- Automatic Deactivation: When a new plan is created, the system automatically deactivates the user's previous active plan, ensuring only one plan is current at any time.
- Profile Dashboard: Users can view, switch between, and review all their generated historical plans.
| Screenshot | Description | Placeholder |
|---|---|---|
| Login/Signup | User authentication screen via Clerk. |  |
|
| Voice Assistant Interface | The main conversational screen where the user interacts with the AI. | 
|
| Profile Dashboard | The profile page showing a list of generated plans and the active plan details. | 
|
| Workout Plan View | Detailed view of a generated workout plan (exercises, sets, reps). | 
|
| Diet Plan View | Detailed view of a generated diet plan (calories, meals, foods). | 
|
The project follows a secure, serverless architecture that prevents common vulnerabilities like SQL injection and cross-site scripting (XSS).
| Security Component | Implementation Detail | Why It's Secure |
|---|---|---|
| Authentication | Clerk | Handles user creation, sessions, and tokens (JWTs), ensuring passwords/sensitive login details never touch your database or server code. |
| Data Integrity | Convex Internal ID (or Email) | Plans are linked to the user via a unique, immutable identifier (the secure Clerk ID or the primary email address). This prevents plan hijacking even if names or other details change. |
| Database Access | Convex Rules | All read/write operations (Mutations/Queries) are secured by Convex's serverless functions. Users can only fetch plans that match their authenticated session ID or email address. |
| Webhooks | Svix Verification | All Clerk webhooks (for user creation/updates) are cryptographically signed and verified using the svix library, ensuring that only genuine messages from Clerk are processed. |
| Category | Technology | Purpose |
|---|---|---|
| Frontend | Next.js (React) | Modern web framework for the user interface. |
| Authentication | Clerk | Comprehensive user management and secure session handling. |
| Voice Interface | Vapi | Orchestrates the real-time, low-latency voice conversation and connects it to the backend webhook. |
| Database / Backend | Convex | Real-time, full-stack serverless platform for storage, functions (Mutations/Queries), and secure authentication handling. |
| AI Generation | Groq (LLaMA 3.1) | Provides ultra-fast, structured responses to generate the diet and workout plans. |
| Styling | Tailwind CSS / ShadCN | Utility-first CSS framework for rapid, consistent styling. |
Follow these steps to get a local copy of CodeFlex AI running.
You need accounts and API keys for the following services:
- Clerk: For user authentication.
- Convex: For the database and backend functions.
- Groq: For the LLM API (Fast AI generation).
- Vapi: For the conversational voice interface.
git clone [YOUR_REPO_URL]
cd codeflex-ainpm install
# or
yarn installCreate a file named .env.local in your project root and fill in the necessary API keys and URLs.
# Clerk Keys
NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY=pk_live_...
CLERK_SECRET_KEY=sk_live_...
NEXT_PUBLIC_CLERK_FRONTEND_API_URL=https://[YOUR-CLERK-SLUG].clerk.accounts.dev
# Convex App URL (find this in your Convex dashboard)
NEXT_PUBLIC_CONVEX_URL=https://[YOUR-CONVEX-SLUG].convex.cloud
# Groq API Key
GROQ_API_KEY=gsk_...
# Vapi
NEXT_PUBLIC_VAPI_PUBLIC_KEY=[YOUR-VAPI-PUBLIC-KEY]
VAPI_API_KEY=[YOUR-VAPI-SECRET-KEY]
# Clerk Webhook Secret (for Svix verification)
CLERK_WEBHOOK_SECRET=whsec_... Create a file named convex/auth.config.js and point it to your Clerk domain:
// convex/auth.config.js
export default {
providers: [
{
// MUST match your Clerk Frontend API URL without the trailing slash
domain: "https://[YOUR-CLERK-SLUG].clerk.accounts.dev",
// MUST match the JWT Template name created in Clerk (Step 5)
applicationID: "convex",
},
],
};In your Clerk Dashboard:
- Navigate to JWT Templates.
- Create a new template named exactly
convex. - This ensures Clerk issues the required tokens for Convex authentication.
In one terminal tab, start the Convex development server:
npx convex devIn a second terminal tab, start the Next.js frontend:
npm run devYour project should now be running locally at http://localhost:3000.
Contributions are welcome! Please fork the repository and submit a pull request for new features or bug fixes.
This project is licensed under the MIT License.
Author : Code0era