About Weekfully
Weekfully — a shared family week planner.
Weekfully is a dead-simple weekly planner built for families. No accounts, no passwords, no app stores. You get a link, you share it, you plan your week. That's it.
It replaces the post-its on the fridge, the "did you see my message?" group chat, and the calendar with so many scribbles that nobody can read anything anymore.
How it works
When you create a board you get two links: an admin link (read & write) and a read-only link (view only). If you know the link, you have access. No login page, no password reset flow, no cookie banners. Share the admin link with family members who need to edit; give the read-only link to anyone who just needs to view the calendar.
Security & privacy
The link-in-URL model is intentionally simple: possession of the URL is the permission. It removes account friction, password resets, and cookie/session complexity. That makes sharing fast and keeps onboarding near zero.
The tradeoff is that URL secrecy becomes critical. Links can leak through copy/paste mistakes, screenshots, browser history on shared devices, or accidental forwarding. Admin links are especially sensitive because they allow edits and deletion.
We reduce the risk with several measures:
- Long, cryptographically random tokens (Base58-encoded UUID7) that are practically impossible to guess or brute-force.
- Separate admin and read-only links so you control who can edit.
- Strict Referrer-Policy: no-referrer headers so your token is never leaked to third-party sites through the Referer header (the single most dangerous exposure vector for URL tokens).
- HTTPS everywhere — tokens are encrypted in transit.
- API authentication uses a Bearer token in the Authorization header, not a query parameter, so tokens stay out of server logs.
- No cookies or sessions are stored — nothing to steal via XSS or CSRF.
- Rate limiting on calendar views, board creation, and recovery flows to prevent scanning and abuse.
Still, this is not a high-security vault. Treat your board as something that lives on the public internet but is very, very hard to find. Don't put medical records, passwords, or highly personal information on it. If a link is exposed, use /igothacked to rotate both tokens and invalidate old URLs.
It is worth noting that a sufficiently motivated adversary — say, someone operating a transparent proxy at a telecom — can already observe most of what a user does online. URL-token auth doesn't make this worse; it's just honest about the threat model.
Best practice: share the admin link with family who need to edit, give read-only links to others who only need to view, and store both in a password manager right after board creation.
No cookies. Really.
Dark mode? It's a URL parameter: ?dark=1. Remove it and you're back to light mode. Internal links carry it forward automatically. No cookies are created, read, or harmed in the process.
Premium features
Premium boards unlock: 5-week view, full-year view, and JSON API access. Right now, every board is premium because we haven't built a payment system yet. Enjoy it while it lasts.
See /api-docs for the API reference.
FAQ
How do tokens work?
Each board has exactly one admin token and one read-only token. They are generated from UUID7-like entropy and encoded in Base58. If someone gets your link, they get access for that mode — nothing more, nothing less.
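As an added illustration (example code, not Weekfully's implementation), here is what a Base58-encoded UUIDv7 token looks like and which part of it is actually secret: the 48-bit timestamp can be read straight back out of the token, so only the 74 random bits protect a board; 2^74 is still far beyond any online guessing, but it is the honest figure rather than 128.

```python
import secrets
import time
import uuid

# Hypothetical reconstruction of a "Base58-encoded UUIDv7" board token;
# this is example code, not Weekfully's implementation.
BASE58_ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def uuid7(now_ms=None) -> uuid.UUID:
    """RFC 9562 UUIDv7: 48-bit Unix-ms timestamp | version 7 | 12 random bits |
    variant 10 | 62 random bits. Only the 74 random bits are secret."""
    if now_ms is None:
        now_ms = time.time_ns() // 1_000_000
    value = (now_ms << 80) | (0x7 << 76) | (secrets.randbits(12) << 64)
    value |= (0b10 << 62) | secrets.randbits(62)
    return uuid.UUID(int=value)

def base58_encode(data: bytes) -> str:
    n = int.from_bytes(data, "big")
    digits = []
    while n:
        n, rem = divmod(n, 58)
        digits.append(BASE58_ALPHABET[rem])
    # Leading zero bytes are kept as leading '1' characters, Bitcoin-style.
    pad = len(data) - len(data.lstrip(b"\x00"))
    return "1" * pad + "".join(reversed(digits))

def base58_decode(text: str) -> bytes:
    n = 0
    for ch in text:
        n = n * 58 + BASE58_ALPHABET.index(ch)
    pad = len(text) - len(text.lstrip("1"))
    body = n.to_bytes((n.bit_length() + 7) // 8, "big") if n else b""
    return b"\x00" * pad + body

def new_board_tokens() -> tuple:
    """One admin token and one read-only token, each a fresh UUIDv7 in Base58."""
    return base58_encode(uuid7().bytes), base58_encode(uuid7().bytes)

def token_created_ms(token: str) -> int:
    """The creation timestamp is recoverable from the token: it is public, not secret."""
    return uuid.UUID(bytes=base58_decode(token)).int >> 80

def secret_bits(token: str) -> int:
    """Bits an attacker must still guess once the creation time is known."""
    u = uuid.UUID(bytes=base58_decode(token))
    return 74 if u.version == 7 else 122  # 122 would be a random v4 UUID
```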
Can events span multiple days?
No. One event = one day. If dad is on a business trip for five days, add five entries — one per day, business-trip style. It keeps the data model simple and the calendar readable.
Can I reorder events within a day?
Not yet. Events are sorted by creation time. Reordering comes when we hit our first million in monthly earnings. We'll call you.
Can I drag events between days?
No. Remove and re-add. It builds character.
How does auto-refresh work?
The calendar refreshes automatically every 60 seconds so changes from other family members appear relatively quickly. There's also a manual refresh button if you're impatient.
How are events limited?
Each event entry is max 200 characters. You can have up to 20 events per day per board. The tile shows the first 3 and reveals the rest with a "more" tap.
#red and #green hashtags?
Put #red or #green anywhere in the event text and the entire card gets a colored background. Red = important/warning, green = confirmed/positive. If both are present, the first one wins. That's the entire color system.
What is editable in read-only mode?
Nothing. Navigation and view switching still work, but add/edit/delete actions and shared-notes editing are all disabled.
What does the reminder email contain?
/remind sends you admin links for every board tied to your email hash, including the first 50 characters of the shared notes as a label so you know which board is which.
What if I lose the admin link and never added an email?
Recovery is impossible. We know. We're sorry. This is why the creation screen warns you to save both links. Please use a password manager.
How does /igothacked work?
Enter your current admin token (or paste the full admin URL) and a new email. Weekfully clones your content to a brand new board with fresh tokens, deletes the old board, and sends the new links to your email. Both old URLs — admin and read-only — become invalid, so whoever had the leaked link loses access. Don't use it lightly: everyone else who received the old links loses access too and will need the new ones.
How is privacy handled?
If you provide an email during board creation (or later), it is hashed immediately using HMAC-SHA256 with a server-side secret. The original email is never stored. We can look up boards by hash but can never reverse it to your email address, even if the database is compromised.
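The keyed-hash scheme described above, as an added example (not Weekfully's code) that sets plain SHA-256 beside HMAC-SHA256 to show why the server-side secret matters: with a database dump alone, a plain hash lets anyone test candidate addresses offline, while the HMAC only matches when the real key is known. The key, board ids and addresses are constructed; the guarantee holds only while that key stays out of the dump, so it belongs in an environment variable or key store rather than in the database.

```python
import hashlib
import hmac
import secrets

# Constructed sample data for this example; not Weekfully's real key or boards.
SERVER_SECRET = secrets.token_bytes(32)  # kept outside the DB (env var / KMS), never in the dump
BOARDS = {"alice@example.com": "board-7x", "bob@example.org": "board-q2"}
CANDIDATES = ["alice@example.com", "carol@example.net", "bob@example.org"]

def normalize_email(email: str) -> str:
    # Trim and lower-case so the same mailbox always yields the same hash.
    return email.strip().lower()

def plain_hash(email: str, key: bytes = b"") -> str:
    # Unkeyed SHA-256 (the weak alternative): anyone holding the table can test guesses offline.
    return hashlib.sha256(normalize_email(email).encode()).hexdigest()

def keyed_hash(email: str, key: bytes) -> str:
    # HMAC-SHA256 with the server-side secret, as the page describes.
    return hmac.new(key, normalize_email(email).encode(), hashlib.sha256).hexdigest()

def build_index(boards: dict, hash_fn, key: bytes) -> dict:
    # What the database stores: hash -> board id. The address itself is never written.
    return {hash_fn(email, key): board for email, board in boards.items()}

def lookup(index: dict, email: str, hash_fn, key: bytes):
    # Server-side lookup (what /remind needs): recompute the hash with the real key.
    return index.get(hash_fn(email, key))

def offline_guessing(stolen_index: dict, candidates, hash_fn, key: bytes) -> list:
    # What someone holding only a database dump can do: hash candidate addresses
    # and see which ones appear. Without the real key every HMAC guess misses.
    return [c for c in candidates if hash_fn(c, key) in stolen_index]
```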