feat: App mobile Expo + API mobile dédiée
Some checks failed
CI / Lint, Unit Tests & Build (push) Failing after 1m21s
CI / Deploy production (on server) (push) Has been skipped

memento-mobile/ (Expo + React Native + expo-router):
- Auth: login email/password → Bearer token (expo-secure-store)
- Layout: guard auth → redirect /(auth)/login ou /(tabs)/home
- Tabs: Accueil, Carnets, Recherche, Profil
- Screens: login, home (recent notes + quick actions), notebooks list,
  note viewer (WebView HTML), search (texte), notebook detail, profile
- Design: tokens brand-accent (#A47148), ink, concrete, paper, border
- lib/config.ts: API_URL dev/prod configurable
- lib/api.ts: apiFetch avec Bearer token automatique
- lib/store.ts: Zustand auth store (login/logout/restore)

memento-note/ (API mobile dédiée):
- lib/mobile-auth.ts: createMobileToken / verifyMobileToken (HMAC-SHA256, 90j)
- POST /api/mobile/auth/login: email+password → token + user
- GET /api/mobile/auth/me: valider token, retourner profil
- GET /api/mobile/notebooks: liste carnets avec nb notes
- GET /api/mobile/notes: notes récentes (filtre par carnet optionnel)
- GET /api/mobile/notes/[id]: contenu complet d'une note
- GET /api/mobile/search: recherche fulltext titre+contenu

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This commit is contained in:
Antigravity
2026-05-29 15:53:13 +00:00
parent c7d2e35ea6
commit aeedb2846f
27 changed files with 1228 additions and 10 deletions

View File

@@ -0,0 +1,45 @@
import { NextRequest, NextResponse } from 'next/server'
import prisma from '@/lib/prisma'
import bcrypt from 'bcryptjs'
import { createMobileToken } from '@/lib/mobile-auth'
export async function POST(req: NextRequest) {
try {
const { email, password } = await req.json()
if (!email || !password) {
return NextResponse.json({ error: 'Email et mot de passe requis' }, { status: 400 })
}
const user = await prisma.user.findUnique({
where: { email: email.toLowerCase().trim() },
select: {
id: true, name: true, email: true, password: true,
subscription: { select: { tier: true } },
},
})
if (!user?.password) {
return NextResponse.json({ error: 'Identifiants invalides' }, { status: 401 })
}
const valid = await bcrypt.compare(password, user.password)
if (!valid) {
return NextResponse.json({ error: 'Identifiants invalides' }, { status: 401 })
}
const token = createMobileToken(user.id)
return NextResponse.json({
token,
user: {
id: user.id,
name: user.name,
email: user.email,
tier: user.subscription?.tier ?? 'FREE',
},
})
} catch (e) {
console.error('[mobile/auth/login]', e)
return NextResponse.json({ error: 'Erreur serveur' }, { status: 500 })
}
}

View File

@@ -0,0 +1,25 @@
import { NextRequest, NextResponse } from 'next/server'
import prisma from '@/lib/prisma'
import { getMobileUserId } from '@/lib/mobile-auth'
export async function GET(req: NextRequest) {
const userId = getMobileUserId(req)
if (!userId) return NextResponse.json({ error: 'Non autorisé' }, { status: 401 })
const user = await prisma.user.findUnique({
where: { id: userId },
select: {
id: true, name: true, email: true,
subscription: { select: { tier: true } },
},
})
if (!user) return NextResponse.json({ error: 'Introuvable' }, { status: 404 })
return NextResponse.json({
id: user.id,
name: user.name,
email: user.email,
tier: user.subscription?.tier ?? 'FREE',
})
}

View File

@@ -0,0 +1,16 @@
import { NextRequest, NextResponse } from 'next/server'
import prisma from '@/lib/prisma'
import { getMobileUserId } from '@/lib/mobile-auth'
export async function GET(req: NextRequest) {
const userId = getMobileUserId(req)
if (!userId) return NextResponse.json({ error: 'Non autorisé' }, { status: 401 })
const notebooks = await prisma.notebook.findMany({
where: { userId, trashedAt: null },
include: { _count: { select: { notes: { where: { trashedAt: null } } } } },
orderBy: { order: 'asc' },
})
return NextResponse.json({ notebooks })
}

View File

@@ -0,0 +1,30 @@
import { NextRequest, NextResponse } from 'next/server'
import prisma from '@/lib/prisma'
import { getMobileUserId } from '@/lib/mobile-auth'
export async function GET(
req: NextRequest,
{ params }: { params: Promise<{ id: string }> }
) {
const userId = getMobileUserId(req)
if (!userId) return NextResponse.json({ error: 'Non autorisé' }, { status: 401 })
const { id } = await params
const note = await prisma.note.findFirst({
where: { id, userId, trashedAt: null },
select: {
id: true,
title: true,
content: true,
updatedAt: true,
createdAt: true,
color: true,
notebook: { select: { id: true, name: true } },
},
})
if (!note) return NextResponse.json({ error: 'Note introuvable' }, { status: 404 })
return NextResponse.json({ note })
}

View File

@@ -0,0 +1,43 @@
import { NextRequest, NextResponse } from 'next/server'
import prisma from '@/lib/prisma'
import { getMobileUserId } from '@/lib/mobile-auth'
export async function GET(req: NextRequest) {
const userId = getMobileUserId(req)
if (!userId) return NextResponse.json({ error: 'Non autorisé' }, { status: 401 })
const { searchParams } = new URL(req.url)
const notebookId = searchParams.get('notebookId')
const notes = await prisma.note.findMany({
where: {
userId,
trashedAt: null,
...(notebookId ? { notebookId } : {}),
},
select: {
id: true,
title: true,
updatedAt: true,
color: true,
notebook: { select: { name: true } },
},
orderBy: { updatedAt: 'desc' },
take: 50,
})
const notebookName = notebookId
? (await prisma.notebook.findUnique({ where: { id: notebookId }, select: { name: true } }))?.name
: undefined
return NextResponse.json({
notes: notes.map((n) => ({
id: n.id,
title: n.title,
updatedAt: n.updatedAt,
color: n.color,
notebookName: n.notebook?.name,
})),
...(notebookName ? { notebookName } : {}),
})
}

View File

@@ -0,0 +1,42 @@
import { NextRequest, NextResponse } from 'next/server'
import prisma from '@/lib/prisma'
import { getMobileUserId } from '@/lib/mobile-auth'
export async function GET(req: NextRequest) {
const userId = getMobileUserId(req)
if (!userId) return NextResponse.json({ error: 'Non autorisé' }, { status: 401 })
const { searchParams } = new URL(req.url)
const q = searchParams.get('q')?.trim()
if (!q) return NextResponse.json({ results: [] })
const notes = await prisma.note.findMany({
where: {
userId,
trashedAt: null,
OR: [
{ title: { contains: q, mode: 'insensitive' } },
{ content: { contains: q, mode: 'insensitive' } },
],
},
select: {
id: true,
title: true,
content: true,
notebook: { select: { name: true } },
},
take: 20,
orderBy: { updatedAt: 'desc' },
})
const results = notes.map((n) => ({
id: n.id,
title: n.title,
notebookName: n.notebook?.name,
snippet: n.content
? n.content.replace(/<[^>]*>/g, ' ').replace(/\s+/g, ' ').trim().slice(0, 160)
: '',
}))
return NextResponse.json({ results })
}

View File

@@ -21,29 +21,29 @@ export function SettingsHelpBox({ title, steps, defaultOpen = false, className }
const [open, setOpen] = useState(defaultOpen)
return (
<div className={cn('rounded-xl border border-blue-200/60 dark:border-blue-800/30 bg-blue-50/50 dark:bg-blue-950/10 overflow-hidden', className)}>
<div className={cn('rounded-xl border border-border/50 bg-border/5 overflow-hidden', className)}>
<button
type="button"
onClick={() => setOpen((v) => !v)}
className="w-full flex items-center gap-2 px-4 py-3 text-left hover:bg-blue-100/40 dark:hover:bg-blue-900/10 transition-colors"
className="w-full flex items-center gap-2 px-4 py-3 text-left hover:bg-border/10 transition-colors"
>
<HelpCircle size={14} className="text-blue-500 dark:text-blue-400 shrink-0" />
<span className="text-[12px] font-semibold text-blue-700 dark:text-blue-300 flex-1">{title}</span>
<HelpCircle size={14} className="text-brand-accent shrink-0" />
<span className="text-[12px] font-semibold text-ink flex-1">{title}</span>
{open ? (
<ChevronUp size={13} className="text-blue-400 shrink-0" />
<ChevronUp size={13} className="text-concrete shrink-0" />
) : (
<ChevronDown size={13} className="text-blue-400 shrink-0" />
<ChevronDown size={13} className="text-concrete shrink-0" />
)}
</button>
{open && (
<ol className="px-4 pb-4 space-y-2">
<ol className="px-4 pb-4 space-y-2.5 border-t border-border/30 pt-3">
{steps.map((step, i) => (
<li key={i} className="flex items-start gap-2.5">
<span className="w-5 h-5 rounded-full bg-blue-100 dark:bg-blue-900/40 text-blue-600 dark:text-blue-300 text-[10px] font-bold flex items-center justify-center shrink-0 mt-0.5">
<span className="w-5 h-5 rounded-full bg-brand-accent/10 text-brand-accent text-[10px] font-bold flex items-center justify-center shrink-0 mt-0.5">
{step.icon ?? i + 1}
</span>
<span className="text-[12px] text-blue-800 dark:text-blue-200 leading-relaxed">
<span className="text-[12px] text-concrete leading-relaxed">
{step.text}
{step.link && (
<>
@@ -52,7 +52,7 @@ export function SettingsHelpBox({ title, steps, defaultOpen = false, className }
href={step.link.href}
target="_blank"
rel="noopener noreferrer"
className="inline-flex items-center gap-0.5 underline underline-offset-2 font-medium hover:text-blue-600"
className="inline-flex items-center gap-0.5 text-brand-accent underline underline-offset-2 font-medium hover:opacity-80"
>
{step.link.label}
<ExternalLink size={10} />

View File

@@ -0,0 +1,37 @@
/**
* Mobile auth helper — validates Bearer token and returns userId
* Token format: base64(userId:timestamp:hmac)
*/
import { createHmac } from 'crypto'
const SECRET = process.env.NEXTAUTH_SECRET || 'fallback-secret'
export function createMobileToken(userId: string): string {
const ts = Date.now()
const payload = `${userId}:${ts}`
const sig = createHmac('sha256', SECRET).update(payload).digest('hex').slice(0, 16)
return Buffer.from(`${payload}:${sig}`).toString('base64url')
}
export function verifyMobileToken(token: string): string | null {
try {
const decoded = Buffer.from(token, 'base64url').toString('utf-8')
const parts = decoded.split(':')
if (parts.length !== 3) return null
const [userId, ts, sig] = parts
const payload = `${userId}:${ts}`
const expected = createHmac('sha256', SECRET).update(payload).digest('hex').slice(0, 16)
if (sig !== expected) return null
// Token valid for 90 days
if (Date.now() - Number(ts) > 90 * 24 * 60 * 60 * 1000) return null
return userId
} catch {
return null
}
}
export function getMobileUserId(request: Request): string | null {
const auth = request.headers.get('Authorization')
if (!auth?.startsWith('Bearer ')) return null
return verifyMobileToken(auth.slice(7))
}