DEV Community: LePhuongTrung

I Built an "AI Meal Planner." It Almost Produced a Nutritionally Invalid Plan.

LePhuongTrung — Sun, 24 May 2026 09:05:19 +0000

Last week, my constraint-optimization engine suggested I live on nothing but protein powder and frozen peas for 7 days to stay under my $27/week budget. It wasn't trying to be funny; it was a logical failure in my multi-step agentic workflow.

I’m a NestJS engineer. I thought I could solve "budget meal prep" with a clean schema and a prompt. I was wrong. Building this for the Google I/O 2026 challenge wasn't about building a demo; it was about fixing a system that kept breaking in the messiest ways possible.

1. The "Failure" Moment: The Gap Between Logic and Reality

My initial MVP was simple: feed the API a budget, get back a JSON list of meals.

The Failure: The model hallucinated prices based on global averages, not my local market. My engine accepted the hallucinated price as "ground truth," resulting in a plan that was technically within budget but nutritionally invalid (missing critical micronutrients).

The Insight: AI isn't an "optimizer"; it's a "generator." I had to shift my architecture from a Single-Prompt Request to a Multi-Step Validation Loop.

2. Quantitative Results: Measuring the Drift

I didn't just "fix" the prompts; I implemented a hard constraint-validation layer. Here is how the system improved after I introduced the Zod-based Fallback Strategy:

3. The Implementation: Failing Safely

I learned that you cannot JSON.parse() your way to a production app. My agentic workflow now treats AI output as "untrusted input."

// The Reality: Handling LLM non-determinism in NestJS
async optimizeBudget(budget: number): Promise<MealPlan> {
  try {
    const raw = await this.gemini.ask(budget);
    // Schema validation ensures we never crash on malformed AI output
    return MealPlanSchema.parse(JSON.parse(raw)); 
  } catch (e) {
    // When AI reasoning drifts, we don't return an invalid plan. 
    // We pivot to a deterministic "safe-mode" heuristic.
    console.error("AI reasoning drift detected, falling back to deterministic heuristic.");
    return this.staticMealService.getFallbackPlan(budget);
  }
}

4. What Google I/O 2026 Taught Me

This year’s I/O keynotes shifted my perspective on "Deterministic Agentic Workflows."

Serverless is a feature: I moved my reasoning logic to Cloud Run. During Sunday-night traffic spikes, the system auto-scales. I only pay for compute when the agent is actually "thinking."
Firestore as the Ambient Glue: By using Firestore, my meal plan isn't just a web app state—it’s an ambient data stream that syncs instantly to my mobile device. It’s the "ambient computing" vision I saw on stage, applied to my own grocery list.

5. Conclusion: The Real Goal

The goal was never just to build an AI meal planner. It was to build a system that fails safely.

As developers, we are moving into an era where AI is no longer a "nice-to-have" feature; it is a core dependency. If we cannot build systems that fail gracefully when the LLM hallucinates, we aren't building software—we're just building technical debt.

The Live Mess: lephuongtrung

How I Built an Intelligent, Budget-Friendly Meal Planner to Refactor My Fitness Journey

LePhuongTrung — Sun, 24 May 2026 04:01:36 +0000

Every software engineer knows the concept of refactoring—improving the internal structure of code without changing its external behavior. But a few months ago, I decided to apply this exact mindset to a different kind of system: my own body.

As a full-stack developer navigating a serious fitness and body recomposition journey, I quickly hit a major bottleneck that wasn't code-related. It was meal prepping. Calculating macro targets (Protein, Carbs, Fats) manually on Excel is tedious. Worse, trying to balance those nutrient goals with a strict weekly budget while avoiding foods I dislike felt like solving an NP-hard problem every single Sunday.

So, instead of complaining, I did what any developer would do: I built a web application to automate it.

The Core Product Workflow
I designed the application to be completely streamlined, focusing on constraints that matter to real people: fitness goals, budget restrictions, and personal food preferences.

Dynamic Constraint Setting (Goal & Budget) The workflow starts by letting the user choose their fitness direction—either Cut (caloric deficit for fat loss) or Bulk (caloric surplus for clean muscle gain).

Next is the strict budget input. The system is smart enough to calculate a baseline budget based on the user's physical metrics. If you try to input an unrealistic budget, the system warns you. For my current cutting phase, I locked in a budget of 700,000 VND/week (~$27 USD).

Figure 1: English localized UI for goal and weekly budget configuration (700,000 VND / ~$27 USD).

Preference Filtering (Blacklisting Ingredients) We all have foods we absolutely refuse to eat. Whether it's pork liver, specific greens, or seafood, the app allows users to toggle off ingredients. The backend algorithm dynamically excludes these food items from the pool before generating the menu.

Figure 2: Ingredient blacklist interface showing localized Vietnamese data layer mapped against an English UI framework.

Smart Weekly Menu Generation Once you hit "Generate", the application builds a customized weekly meal plan. For instance, looking at my generated Sunday menu, the app successfully hit a highly optimized macro profile: 1350 kcal, 95g Protein, 199g Carbs, and 20g Fats. It broke the meals down into delicious, budget-friendly options like pan-seared tilapia fillets, boiled sweet potatoes, and steamed carrots.

Figure 3: Weekly view and single-day macro breakdown using localized clean-eating ingredients.

Consolidated Automated Shopping List The biggest time-saver is the automated grocery list aggregation. The app parses the entire week’s menu, calculates the exact weight needed for every ingredient, and presents a checkbox list.

According to the app, I needed exactly 1086g of tilapia fillet (costing around 84,972 VND) and 1053g of raw sweet potatoes (76,253 VND) for the week. The final calculated cost for the entire week came out to just 501,707 VND—well under my 700k budget!

Figure 4: Automated grocery list aggregating exact weights. The algorithm successfully optimized the total cost well below the 700k limit.

The Engineering Behind the Scenes (Tech Stack)
To keep the system highly responsive, type-safe, and capable of scaling into a mobile app later, I leveraged a modern full-stack ecosystem:

Frontend: React / Next.js with a dark-themed, sleek user interface optimized for scannability.

Backend: Node.js & NestJS managing the heavy data parsing, modular routing, and ingredient databases.

Language: TypeScript end-to-end to ensure robust type-safety across data payloads.

How the Algorithm Thinks
The fundamental challenge was mapping fluid monetary constraints against fixed nutritional values. The database stores individual ingredients with their respective market prices per gram and their nutritional profile (P/C/F per 100g).

The application core filters out the blacklisted items first, estimates the daily caloric target based on body data, and then executes a matching mechanism to find the cheapest combinations of ingredients that successfully fulfill the required macro distribution.

🌐 A Smart Approach to Hybrid Localization
If you look closely at the application screenshots, you will notice an interesting architectural choice: The Frontend UI is fully localized in English, while the dynamic dataset (ingredients like "Bắp bò tươi", "Chả lụa") remains in Vietnamese. This is a deliberate Hybrid Localization strategy.

Frontend Presentation Layer: All static text, user instructions, navigation buttons, and system alerts are handled via localization JSONs, making the application immediately friendly to an international audience or English-speaking expats.

Dynamic Data Layer: The core database—storing ingredient names, localized nutrition profiles, and historical market pricing—is kept in the regional language. Why? Because these items are tightly coupled with physical inventory at local Vietnamese supermarkets, traditional wet markets, and regional grocery costs.

By separating the UI translation layer from the localized data layer, the system remains highly accurate for the target market's budget calculation, while the codebase is structurally prepared to scale globally just by swapping the underlying ingredient database.

What’s Next?
Building this tool in public has drastically optimized my weekly developer routine and body metrics. No more guessing at the grocery store, no more macro calculation errors, and zero wasted budget.

Moving forward, I am planning to expand this system into a cross-platform mobile application, integrate voice-transcription AI to allow seamless hands-free food logging, implement an LLM-driven cooking instruction assistant, and expand multi-language localization to global ingredient databases.

🔗 Connect With Me & Follow the Journey
I am actively building this project in public and regularly sharing deep-dives, architectural updates, and my personal fitness transformation. Let's connect!

Discover my engineering work: Check out my personal project hub at lephuongtrung.id.vn to see my portfolio and active dev experiments.

Watch the app in action: Follow my "Refactor Body" series on TikTok @lephuongtrung to see real-world grocery shopping, meal prepping, and lifting routines.

How do you manage your meal preps and fitness goals as a developer? I’d love to hear your thoughts, feature ideas, or tech suggestions in the comments below!

Feel free to drop a comment, reaction, or follow my blog here on Hashnode if you want to see more content blending Software Engineering and FitTech!

Complete code Send mail on node JS for 60s

LePhuongTrung — Sat, 03 Dec 2022 04:53:02 +0000

Install Nodemailer

If you want to learn more about Nodemailer you can read here:
https://www.npmjs.com/package/nodemailer

Turn on the Terminal and type the following command to install

npm i nodemailer

Handling Send Mail

The outermost of the project creates the file as follows the following folder

Code handle send mail (sendMail.js)

const nodemailer = require("nodemailer");
const transport = nodemailer.createTransport({
  service: "Gmail",
  auth: {
    user: Email name you use to send,
    pass: Email password you use to send,
  },
});
module.exports.sendConfirmationEmail = (name, email) => {
  transport
    .sendMail({
      from: user,
      to: email,
      subject: "Confirm your registered account",
      html: `<h1>Email Confirmation</h1>
        <h2>Hello ${name}</h2>
        <p>You have successfully registered an account. Please confirm your email by clicking on the following link</p>
        </div>`,
    })
    .catch((err) => console.log(err));
};

Handling Router

Code handle router (router.js)
Add the following code to the router .js

const sendMail = require("../utils/sendMail");
router.post("/sendmail", async (req, res, next) => {
  try {
    sendMail.sendConfirmationEmail(req.body.name, req.body.email);
    return res.status(200).send("Oke");
  } catch (err) {
    console.log("🚀 ~ file: Routers.js:11 ~ router.post ~ err", err);
    next(err);
  }
});

Run test results

Here I use insomnia to test API

Check mail

Conclusion

We have successfully implemented email notification functionality using Nodemailer. In the next posts, we will explore deeper into system architecture and security. You can follow all my upcoming technical insights and lifestyle updates at Lê Phương Trung - Middle Fullstack Developer.

If you do not understand something, feel free to message me or join our Zalo community: Join Node.js Backend Group to exchange knowledge about Node.js and Backend development!

Fix CORS policy error on Nodejs with 2 super simple steps

LePhuongTrung — Sat, 03 Dec 2022 03:57:50 +0000

What is CORS?

Cross-origin resource sharing (CORS) is a mechanism that allows restricted resources on a web page to be requested from another domain outside the domain from which the first resource was served.

How does CORS policy error show?

Access to XMLHttpRequest at 'http://localhost:3333/user/Login' from origin 'http://localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

How to fix CORS policy error on nodejs?

Step 1: Install CORS

npm i cors

Step 2: put CORS in request Open the app.js file and add the following 3 lines.

var cors = require('cors')
var app = express()
app.use(cors())

Also, you can add some more customizations here: https://www.npmjs.com/package/cors

Conclusion

Fixing CORS is one of the first steps to making your backend production-ready. You can follow my blog updates, fitness journey, and more full-stack web development tips directly at Lê Phương Trung - Middle Fullstack Developer.

If you do not understand something, you can message me or join this group Zalo: Link, to exchange knowledge about BackEnd NodejsBackEnd Nodejs

User Security - P1 How to encrypt password in Nodejs?

LePhuongTrung — Sun, 27 Nov 2022 10:10:01 +0000

With any software provider, there is also a responsibility that is to protect user information. Data breaches can cause millions of dollars in damages, and according to Imperva, the US has the highest data breach costs.

One of the ways to secure user information is to encrypt confidential information. This article will guide you to encrypt passwords with Bcrypt in Node.js. If you want to check out more backend best practices or follow my fullstack coding journey, feel free to visit Lê Phương Trung Hub.

Step 1 Install the necessary dependencies

in your Project open terminal and enter command

npm install bcrypt
npm install dotenv

in the package.json file the dependencies section has "bcrypt": "^5.1.0" and "dotenv": "^16.0.3",, which is ok
Note the version may change depending on the time of installation (currently the latest version)

Step 2 Define environment variable

in the outermost create file .env
SALT: number of data hashes

SALT=10

Step 3 HashPassword

create a new founder named utils, in utils create a new file named handlePassword

const bcrypt = require("bcrypt");

const hashPassword = async (plainPassword) => {
  try {
    const hashPassword = await bcrypt.hash(plainPassword, parseInt(process.env.SALT));
    return hashPassword ;
  } catch (error) {
    console.log("🚀 ~ file: bcrypt.js ~ line 12 ~ hashPassword ~ error", error);
    return error;
  }
};

module.exports = {
  hashPassword,
};

Step 4 Handle Controller

in the outermost create the Controller folder, in the controller create the file Auth.js

const UserModel = require("../Database/Models/User");
const { hashPassword } = require("../utils/bcrypt");

const signUp = async (req, res, next) => {
  try {
    let data = req.body;
    //look in database User has email entered yet
    const findAccount = await UserModel.findOne({email : data.email});
    if (!data.email || !data.fullName || !data.password) return res.status(412).send("You have not filled in the required information");
    if (findAccount ) {
      return res.status(403).send("The email has already been registered");
    };

    const hashedPassword = await hashPassword(data.password);
    const createNewAccount = await UserModel.create({
      ...data,
      password: hashedPassword,
    });
    if (!createNewAccount ) {
      return res.status(500).send("Internal server error");
    }
    return res.status(200).send(create);
  } catch (err) {
    console.log("🚀 ~ file: Controllers.js ~ line 34 ~ signUp ~ err", err);
    next(err);
  }
};

Step 5 Handle router

in the outermost create the Router folder, in the Router folder create the file AuthRouter.js

var express = require("express");
var router = express.Router();
const AuthController = require("../Controllers/Auth");

router.post("/register", AuthController.signUp);

module.exports = router;

In the additional App.js file:

var authRouter = require("./Router/AuthRouter");

app.use("/user", userRouter);

//IIFE
(async () => {
  await database.connectDatabase();
})();

Conclusion

With today's post we have done the password hashing, tomorrow we will continue with 2 articles: login and send verified mail.
If you do not understand something, you can message me or join this group Zalo: Link, to exchange knowledge about BackEnd Nodejs