feat: add reminders page, BMad skills upgrade, MCP server refactor

- Add reminders page with navigation support
- Upgrade BMad builder module to skills-based architecture
- Refactor MCP server: extract tools and auth into separate modules
- Add connections cache, custom AI provider support
- Update prisma schema and generated client
- Various UI/UX improvements and i18n updates
- Add service worker for PWA support

Made-with: Cursor

keep-notes/app/api/notes/route.ts

@@ -1,25 +1,26 @@
 import { NextRequest, NextResponse } from 'next/server'
 import prisma from '@/lib/prisma'
-import { CheckItem } from '@/lib/types'
-
-// Helper to parse JSON fields
-function parseNote(dbNote: any) {
-  return {
-    ...dbNote,
-    checkItems: dbNote.checkItems ? JSON.parse(dbNote.checkItems) : null,
-    labels: dbNote.labels ? JSON.parse(dbNote.labels) : null,
-    images: dbNote.images ? JSON.parse(dbNote.images) : null,
-  }
-}
+import { auth } from '@/auth'
+import { parseNote } from '@/lib/utils'
 
 // GET /api/notes - Get all notes
 export async function GET(request: NextRequest) {
+  const session = await auth()
+  if (!session?.user?.id) {
+    return NextResponse.json(
+      { success: false, error: 'Unauthorized' },
+      { status: 401 }
+    )
+  }
+
   try {
     const searchParams = request.nextUrl.searchParams
     const includeArchived = searchParams.get('archived') === 'true'
     const search = searchParams.get('search')
 
-    let where: any = {}
+    let where: any = {
+      userId: session.user.id
+    }
     
     if (!includeArchived) {
       where.isArchived = false
@@ -46,6 +47,7 @@ export async function GET(request: NextRequest) {
       data: notes.map(parseNote)
     })
   } catch (error) {
+    console.error('Error fetching notes:', error)
     return NextResponse.json(
       { success: false, error: 'Failed to fetch notes' },
       { status: 500 }
@@ -55,6 +57,14 @@ export async function GET(request: NextRequest) {
 
 // POST /api/notes - Create a new note
 export async function POST(request: NextRequest) {
+  const session = await auth()
+  if (!session?.user?.id) {
+    return NextResponse.json(
+      { success: false, error: 'Unauthorized' },
+      { status: 401 }
+    )
+  }
+
   try {
     const body = await request.json()
     const { title, content, color, type, checkItems, labels, images } = body
@@ -68,6 +78,7 @@ export async function POST(request: NextRequest) {
 
     const note = await prisma.note.create({
       data: {
+        userId: session.user.id,
         title: title || null,
         content: content || '',
         color: color || 'default',
@@ -83,6 +94,7 @@ export async function POST(request: NextRequest) {
       data: parseNote(note)
     }, { status: 201 })
   } catch (error) {
+    console.error('Error creating note:', error)
     return NextResponse.json(
       { success: false, error: 'Failed to create note' },
       { status: 500 }
@@ -92,6 +104,14 @@ export async function POST(request: NextRequest) {
 
 // PUT /api/notes - Update an existing note
 export async function PUT(request: NextRequest) {
+  const session = await auth()
+  if (!session?.user?.id) {
+    return NextResponse.json(
+      { success: false, error: 'Unauthorized' },
+      { status: 401 }
+    )
+  }
+
   try {
     const body = await request.json()
     const { id, title, content, color, type, checkItems, labels, isPinned, isArchived, images } = body
@@ -103,6 +123,24 @@ export async function PUT(request: NextRequest) {
       )
     }
 
+    const existingNote = await prisma.note.findUnique({
+      where: { id }
+    })
+
+    if (!existingNote) {
+      return NextResponse.json(
+        { success: false, error: 'Note not found' },
+        { status: 404 }
+      )
+    }
+
+    if (existingNote.userId !== session.user.id) {
+      return NextResponse.json(
+        { success: false, error: 'Forbidden' },
+        { status: 403 }
+      )
+    }
+
     const updateData: any = {}
     
     if (title !== undefined) updateData.title = title
@@ -125,6 +163,7 @@ export async function PUT(request: NextRequest) {
       data: parseNote(note)
     })
   } catch (error) {
+    console.error('Error updating note:', error)
     return NextResponse.json(
       { success: false, error: 'Failed to update note' },
       { status: 500 }
@@ -134,6 +173,14 @@ export async function PUT(request: NextRequest) {
 
 // DELETE /api/notes?id=xxx - Delete a note
 export async function DELETE(request: NextRequest) {
+  const session = await auth()
+  if (!session?.user?.id) {
+    return NextResponse.json(
+      { success: false, error: 'Unauthorized' },
+      { status: 401 }
+    )
+  }
+
   try {
     const searchParams = request.nextUrl.searchParams
     const id = searchParams.get('id')
@@ -145,6 +192,24 @@ export async function DELETE(request: NextRequest) {
       )
     }
 
+    const existingNote = await prisma.note.findUnique({
+      where: { id }
+    })
+
+    if (!existingNote) {
+      return NextResponse.json(
+        { success: false, error: 'Note not found' },
+        { status: 404 }
+      )
+    }
+
+    if (existingNote.userId !== session.user.id) {
+      return NextResponse.json(
+        { success: false, error: 'Forbidden' },
+        { status: 403 }
+      )
+    }
+
     await prisma.note.delete({
       where: { id }
     })
@@ -154,6 +219,7 @@ export async function DELETE(request: NextRequest) {
       message: 'Note deleted successfully'
     })
   } catch (error) {
+    console.error('Error deleting note:', error)
     return NextResponse.json(
       { success: false, error: 'Failed to delete note' },
       { status: 500 }