Files
Momento/memento-note/app/api/mobile/notes/[id]/route.ts
Antigravity a84c7e80d6
All checks were successful
CI / Lint, Unit Tests & Build (push) Successful in 6m13s
CI / Deploy production (on server) (push) Successful in 24s
fix(critique): 2 régressions introduites par les fixes précédents
Bug #1 — Memory Echo cassé (runtime crash):
- lib/ai/services/memory-echo.service.ts: lignes adjustedThreshold restaurées
- Cause: sed console.log avait supprimé les lignes de définition
- Effet: findConnections() crashait (ReferenceError)

Bug #2 — Auth mobile totalement cassée (sécurité):
- 14 routes app/api/mobile/*/: getMobileUserId(req) → await getMobileUserId(req)
- Cause: verifyMobileToken devenu async mais callers non mis à jour
- Effet: auth bypassée (Promise truthy au lieu de string)

i18n:
- searchModal.* + insightsView.* propagés dans 13 locales (EN fallback)
2026-07-05 16:53:36 +00:00

88 lines
2.6 KiB
TypeScript

import { NextRequest, NextResponse } from 'next/server'
import prisma from '@/lib/prisma'
import { getMobileUserId } from '@/lib/mobile-auth'
export async function GET(
req: NextRequest,
{ params }: { params: Promise<{ id: string }> }
) {
const userId = await getMobileUserId(req)
if (!userId) return NextResponse.json({ error: 'Non autorisé' }, { status: 401 })
const { id } = await params
const note = await prisma.note.findFirst({
where: { id, userId, trashedAt: null },
select: {
id: true,
title: true,
content: true,
updatedAt: true,
createdAt: true,
color: true,
notebook: { select: { id: true, name: true } },
},
})
if (!note) return NextResponse.json({ error: 'Note introuvable' }, { status: 404 })
return NextResponse.json({ note })
}
export async function PUT(
req: NextRequest,
{ params }: { params: Promise<{ id: string }> }
) {
const userId = await getMobileUserId(req)
if (!userId) return NextResponse.json({ error: 'Non autorisé' }, { status: 401 })
const { id } = await params
const { title, content } = await req.json().catch(() => ({}))
const existing = await prisma.note.findFirst({ where: { id, userId, trashedAt: null } })
if (!existing) return NextResponse.json({ error: 'Note introuvable' }, { status: 404 })
const htmlContent = content !== undefined ? buildHtmlContent(content) : existing.content
const note = await prisma.note.update({
where: { id },
data: {
...(title?.trim() ? { title: title.trim() } : {}),
content: htmlContent,
updatedAt: new Date(),
},
select: { id: true, title: true, updatedAt: true },
})
return NextResponse.json({ note })
}
export async function DELETE(
req: NextRequest,
{ params }: { params: Promise<{ id: string }> }
) {
const userId = await getMobileUserId(req)
if (!userId) return NextResponse.json({ error: 'Non autorisé' }, { status: 401 })
const { id } = await params
const note = await prisma.note.findFirst({ where: { id, userId, trashedAt: null } })
if (!note) return NextResponse.json({ error: 'Note introuvable' }, { status: 404 })
await prisma.note.update({ where: { id }, data: { trashedAt: new Date() } })
return NextResponse.json({ ok: true })
}
function buildHtmlContent(text: string): string {
if (!text.trim()) return '<p></p>'
if (text.trimStart().startsWith('<')) return text
return text
.split('\n')
.map((line) => `<p>${line.trim() ? escapeHtml(line) : ''}</p>`)
.join('')
}
function escapeHtml(s: string) {
return s.replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;')
}