mcp-server
Verified Safeby ferazzeid
Overview
Provides a Model Context Protocol (MCP) server for ChatGPT apps, enabling voice-controlled interaction with FastNow, a health and fitness application for tracking fasting, nutrition, and weight.
Installation
npm startEnvironment Variables
- PORT
- NODE_ENV
- SUPABASE_URL
- SUPABASE_ANON_KEY
- SUPABASE_SERVICE_ROLE_KEY
Security Notes
The server demonstrates good security practices by implementing OAuth 2.0 with PKCE, validating user tokens against a Supabase `oauth_apps` table using a service role key, and enforcing user data isolation via `user_id` in database queries. It also properly handles authentication errors with `WWW-Authenticate` headers. A noteworthy workaround is employed using an `X-OAuth-Token` custom header when proxying to Supabase Edge Functions to bypass Supabase's platform-level JWT validation, which is a known issue for non-JWT OAuth tokens. While CORS `origin: '*'` is used, which is acceptable for platform integrations, a tighter restriction could be considered for a strictly defined production environment. No hardcoded sensitive API keys or dangerous functions like `eval` were found.
Similar Servers
hevy-mcp
This server acts as a Model Context Protocol (MCP) interface, enabling AI assistants to interact with the Hevy fitness tracking app's API to manage workout data, routines, exercise templates, folders, and webhook subscriptions.
fastify-mcp-server
A Fastify plugin providing a streamable HTTP transport for the Model Context Protocol (MCP), enabling AI assistants to interact with services.
fastify-mcp
Integrates Model Context Protocol (MCP) server functionality into Fastify web applications, supporting streamable HTTP and legacy HTTP+SSE transports.
mcp-python-starter
A feature-complete Model Context Protocol (MCP) server template in Python for developing AI applications and agents.