memento-mobile/ (Expo + React Native + expo-router): - Auth: login email/password → Bearer token (expo-secure-store) - Layout: guard auth → redirect /(auth)/login ou /(tabs)/home - Tabs: Accueil, Carnets, Recherche, Profil - Screens: login, home (recent notes + quick actions), notebooks list, note viewer (WebView HTML), search (texte), notebook detail, profile - Design: tokens brand-accent (#A47148), ink, concrete, paper, border - lib/config.ts: API_URL dev/prod configurable - lib/api.ts: apiFetch avec Bearer token automatique - lib/store.ts: Zustand auth store (login/logout/restore) memento-note/ (API mobile dédiée): - lib/mobile-auth.ts: createMobileToken / verifyMobileToken (HMAC-SHA256, 90j) - POST /api/mobile/auth/login: email+password → token + user - GET /api/mobile/auth/me: valider token, retourner profil - GET /api/mobile/notebooks: liste carnets avec nb notes - GET /api/mobile/notes: notes récentes (filtre par carnet optionnel) - GET /api/mobile/notes/[id]: contenu complet d'une note - GET /api/mobile/search: recherche fulltext titre+contenu Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
38 lines
1.3 KiB
TypeScript
38 lines
1.3 KiB
TypeScript
/**
|
|
* Mobile auth helper — validates Bearer token and returns userId
|
|
* Token format: base64(userId:timestamp:hmac)
|
|
*/
|
|
import { createHmac } from 'crypto'
|
|
|
|
const SECRET = process.env.NEXTAUTH_SECRET || 'fallback-secret'
|
|
|
|
export function createMobileToken(userId: string): string {
|
|
const ts = Date.now()
|
|
const payload = `${userId}:${ts}`
|
|
const sig = createHmac('sha256', SECRET).update(payload).digest('hex').slice(0, 16)
|
|
return Buffer.from(`${payload}:${sig}`).toString('base64url')
|
|
}
|
|
|
|
export function verifyMobileToken(token: string): string | null {
|
|
try {
|
|
const decoded = Buffer.from(token, 'base64url').toString('utf-8')
|
|
const parts = decoded.split(':')
|
|
if (parts.length !== 3) return null
|
|
const [userId, ts, sig] = parts
|
|
const payload = `${userId}:${ts}`
|
|
const expected = createHmac('sha256', SECRET).update(payload).digest('hex').slice(0, 16)
|
|
if (sig !== expected) return null
|
|
// Token valid for 90 days
|
|
if (Date.now() - Number(ts) > 90 * 24 * 60 * 60 * 1000) return null
|
|
return userId
|
|
} catch {
|
|
return null
|
|
}
|
|
}
|
|
|
|
export function getMobileUserId(request: Request): string | null {
|
|
const auth = request.headers.get('Authorization')
|
|
if (!auth?.startsWith('Bearer ')) return null
|
|
return verifyMobileToken(auth.slice(7))
|
|
}
|