@knotpad/app 0.1.0

package/lib/mcp-handler.ts

@@ -0,0 +1,31 @@
+import { NextRequest, NextResponse } from "next/server";
+import { verifyMcpToken, extractBearerToken, McpTokenPayload } from "@/lib/mcp-auth";
+import { rateLimit, getClientIp } from "@/lib/rate-limit";
+
+export type McpContext = McpTokenPayload & { alias: string | null };
+
+// 120 requests per minute per IP — generous for agent polling, tight enough to block abuse
+const MCP_RATE_LIMIT_MAX = 120;
+const MCP_RATE_LIMIT_WINDOW_MS = 60_000;
+
+export async function withMcpAuth(
+  req: NextRequest,
+  handler: (ctx: McpContext) => Promise<NextResponse>
+): Promise<NextResponse> {
+  const ip = getClientIp(req);
+  const rl = rateLimit(`mcp:${ip}`, MCP_RATE_LIMIT_MAX, MCP_RATE_LIMIT_WINDOW_MS);
+  if (rl.limited) {
+    return NextResponse.json(
+      { error: "Too many requests" },
+      { status: 429, headers: { "Retry-After": String(rl.retryAfter) } }
+    );
+  }
+
+  const token = extractBearerToken(req.headers.get("authorization"));
+  if (!token) return NextResponse.json({ error: "Missing token" }, { status: 401 });
+
+  const ctx = await verifyMcpToken(token);
+  if (!ctx) return NextResponse.json({ error: "Invalid or revoked token" }, { status: 401 });
+
+  return handler(ctx);
+}

package/lib/mcp-url.test.ts

@@ -0,0 +1,12 @@
+import { describe, expect, it } from "vitest";
+import { getMcpUrl } from "@/lib/mcp-url";
+
+describe("getMcpUrl", () => {
+  it("prefers the explicit MCP URL", () => {
+    expect(getMcpUrl("https://app.example.com", "https://mcp.example.com")).toBe("https://mcp.example.com");
+  });
+
+  it("derives the MCP URL from the app URL when no explicit value is set", () => {
+    expect(getMcpUrl("http://localhost:3000", undefined)).toBe("http://localhost:3000/mcp");
+  });
+});

package/lib/mcp-url.ts

@@ -0,0 +1,7 @@
+export function getMcpUrl(appUrl: string, explicitMcpUrl?: string): string {
+  if (explicitMcpUrl) {
+    return explicitMcpUrl;
+  }
+
+  return `${appUrl.replace(/\/$/, "")}/mcp`;
+}

package/lib/mentions.test.ts

@@ -0,0 +1,45 @@
+import { describe, it, expect } from "vitest";
+import { resolveAssignee, normalizeHandle } from "@/lib/mentions";
+
+// Minimal fake tx exposing only what resolveAssignee touches.
+function fakeTx(members: Array<{ userId: string; user: { name: string | null; email: string | null } }>) {
+  return { workspaceMember: { findMany: async () => members } } as never;
+}
+
+const members = [
+  { userId: "u1", user: { name: "John Doe", email: "john@acme.com" } },
+  { userId: "u2", user: { name: null, email: "alice@acme.com" } },
+];
+
+describe("resolveAssignee", () => {
+  it("matches a name handle even though the editor strips spaces", async () => {
+    // editor builds "@johndoe" from "John Doe"
+    const r = await resolveAssignee(fakeTx(members), "ws", "@johndoe");
+    expect(r).toEqual({ assigneeId: "u1", assigneeType: "HUMAN" });
+  });
+
+  it("matches a bare email local-part", async () => {
+    const r = await resolveAssignee(fakeTx(members), "ws", "@alice");
+    expect(r.assigneeId).toBe("u2");
+  });
+
+  it("does not ambiguously prefix-match emails", async () => {
+    // "@al" must NOT resolve to alice@ (old startsWith bug)
+    const r = await resolveAssignee(fakeTx(members), "ws", "@al");
+    expect(r.assigneeId).toBeNull();
+  });
+
+  it("treats @agent as an agent, not a human", async () => {
+    const r = await resolveAssignee(fakeTx(members), "ws", "@agent");
+    expect(r).toEqual({ assigneeId: null, assigneeType: "AGENT" });
+  });
+
+  it("returns no assignee for a null handle", async () => {
+    const r = await resolveAssignee(fakeTx(members), "ws", null);
+    expect(r).toEqual({ assigneeId: null, assigneeType: "HUMAN" });
+  });
+
+  it("normalizeHandle strips @, case, and whitespace", () => {
+    expect(normalizeHandle("@John Doe")).toBe("johndoe");
+  });
+});

package/lib/mentions.ts

@@ -0,0 +1,73 @@
+/**
+ * Mention handle resolution — shared by every note→task sync path so the
+ * matching rules can't drift between call sites.
+ *
+ * The editor builds handles from a member's name (preferred) or email:
+ *   @${(name ?? email).toLowerCase().replace(/\s+/g, "")}
+ * so resolution must normalise both sides identically. We also accept a bare
+ * email local-part (e.g. "@alice" for alice@acme.com) since people type that.
+ */
+
+import { prisma } from "@/lib/prisma";
+import { isAgentHandle } from "@/lib/task-parser";
+
+type Tx = Parameters<Parameters<typeof prisma.$transaction>[0]>[0];
+
+export type ResolvedAssignee = {
+  assigneeId: string | null;
+  assigneeType: "HUMAN" | "AGENT";
+};
+
+export type WorkspaceMemberWithUser = {
+  userId: string;
+  user: { id: string; name: string | null; email: string | null };
+};
+
+/** Strip a leading "@", lower-case, and remove whitespace. */
+export function normalizeHandle(handle: string): string {
+  return handle.replace(/^@/, "").toLowerCase().replace(/\s+/g, "");
+}
+
+/**
+ * Fetch all workspace members once so callers in a loop can pass the list in
+ * and avoid an N+1 per-task query.
+ */
+export async function fetchWorkspaceMembers(
+  tx: Tx,
+  workspaceId: string
+): Promise<WorkspaceMemberWithUser[]> {
+  return tx.workspaceMember.findMany({
+    where: { workspaceId },
+    include: { user: { select: { id: true, name: true, email: true } } },
+  });
+}
+
+/**
+ * Resolve an @mention handle to a workspace user.
+ * Pass `prefetchedMembers` (from `fetchWorkspaceMembers`) to avoid a DB query
+ * per call when resolving multiple tasks in a loop.
+ */
+export async function resolveAssignee(
+  tx: Tx,
+  workspaceId: string,
+  handle: string | null,
+  prefetchedMembers?: WorkspaceMemberWithUser[]
+): Promise<ResolvedAssignee> {
+  if (!handle) return { assigneeId: null, assigneeType: "HUMAN" };
+  if (isAgentHandle(handle)) return { assigneeId: null, assigneeType: "AGENT" };
+
+  const slug = normalizeHandle(handle);
+  const members = prefetchedMembers ?? await tx.workspaceMember.findMany({
+    where: { workspaceId },
+    include: { user: { select: { id: true, name: true, email: true } } },
+  });
+
+  const match = members.find((m) => {
+    const email = (m.user.email ?? "").toLowerCase().replace(/\s+/g, "");
+    const nameSlug = (m.user.name ?? "").toLowerCase().replace(/\s+/g, "");
+    const emailLocal = email.split("@")[0];
+    return slug === nameSlug || slug === email || slug === emailLocal;
+  });
+
+  return { assigneeId: match?.userId ?? null, assigneeType: "HUMAN" };
+}

package/lib/note-crypto.ts

@@ -0,0 +1,108 @@
+/**
+ * Transparent note encryption-at-rest layer — server-side AES-256-GCM.
+ *
+ * Encryption policy:
+ *   - Local-only mode (IS_CLOUD=false, no CLOUD_DATABASE_URL):
+ *     Notes are stored as plaintext in PGlite. The data never leaves the
+ *     user's device, so encryption is unnecessary and would only create
+ *     a footgun (lose ENCRYPTION_PEPPER → lose all notes).
+ *
+ *   - Cloud mode (IS_CLOUD=true) or local with cloud sync (CLOUD_DATABASE_URL):
+ *     Notes are always encrypted before storage. This protects data at rest
+ *     in the cloud DB (Neon). The server holds the key (ENCRYPTION_PEPPER).
+ *
+ * Two sets of helpers, kept for call-site clarity:
+ *   encryptContent / decryptContent   → API routes / MCP (primary `prisma`)
+ *   encryptForSync / decryptFromSync  → sync-worker talking to either DB
+ * Both behave identically. Decryption is safe to call on plaintext (returns
+ * it unchanged) so legacy rows and local-only data don't throw.
+ *
+ * Only note.content is encrypted. Titles, ids, timestamps, and task data stay
+ * plaintext so they remain queryable.
+ */
+
+import { prisma, getCloudPrisma } from "@/lib/prisma";
+import { encryptNote, decryptNote, generateSalt, isEncrypted } from "@/lib/encryption";
+
+// ── Cloud check ─────────────────────────────────────────────────────────────
+// Encryption is only needed when data may reach the cloud DB. In local-only
+// mode (no cloud sync), notes stay plaintext on the user's own device.
+function isCloudEnabled(): boolean {
+  return process.env.IS_CLOUD === "true" || !!process.env.CLOUD_DATABASE_URL;
+}
+
+// ── Salt cache ────────────────────────────────────────────────────────────────
+// Per-workspace salt persisted in the workspace row. Cached in-process to avoid
+// an extra round-trip on every note read/write.
+
+const saltCache = new Map<string, string>();
+
+async function getWorkspaceSalt(workspaceId: string): Promise<string> {
+  const cached = saltCache.get(workspaceId);
+  if (cached) return cached;
+
+  const workspace = await prisma.workspace.findUnique({
+    where: { id: workspaceId },
+    select: { encryptionSalt: true },
+  });
+
+  if (workspace?.encryptionSalt) {
+    saltCache.set(workspaceId, workspace.encryptionSalt);
+    return workspace.encryptionSalt;
+  }
+
+  // First time for this workspace: generate and persist the salt.
+  const salt = generateSalt();
+  await prisma.workspace.update({
+    where: { id: workspaceId },
+    data: { encryptionSalt: salt },
+  });
+  // Mirror to Neon so the migration step can find the salt alongside the workspace record.
+  // Non-fatal: if the cloud write fails, the migration endpoint will copy the workspace row.
+  const cloud = getCloudPrisma();
+  if (cloud) {
+    cloud.workspace.update({ where: { id: workspaceId }, data: { encryptionSalt: salt } }).catch(() => {});
+  }
+  saltCache.set(workspaceId, salt);
+  return salt;
+}
+
+function getPepper(): string {
+  const pepper = process.env.ENCRYPTION_PEPPER;
+  if (!pepper) {
+    throw new Error(
+      "[Brief] ENCRYPTION_PEPPER env var is required to encrypt notes at rest. " +
+      "Generate one with: openssl rand -base64 32"
+    );
+  }
+  return pepper;
+}
+
+// ── Public helpers ──────────────────────────────────────────────────────────
+
+export async function encryptContent(
+  content: string,
+  workspaceId: string
+): Promise<string> {
+  if (!isCloudEnabled()) return content; // local-only: store plaintext
+  if (isEncrypted(content)) return content; // never double-encrypt
+  const salt = await getWorkspaceSalt(workspaceId);
+  return encryptNote(content, getPepper(), salt);
+}
+
+export async function decryptContent(
+  content: string,
+  workspaceId: string
+): Promise<string> {
+  if (!isEncrypted(content)) return content; // plaintext or local-only safety
+  const salt = await getWorkspaceSalt(workspaceId);
+  return decryptNote(content, getPepper(), salt);
+}
+
+// Sync-worker aliases — identical behaviour, named for call-site intent.
+export const encryptForSync = encryptContent;
+export const decryptFromSync = decryptContent;
+
+export function invalidateSaltCache(workspaceId: string): void {
+  saltCache.delete(workspaceId);
+}

package/lib/note-sync.ts

@@ -0,0 +1,201 @@
+/**
+ * Helpers for keeping notes ↔ tasks in sync.
+ * - Snapshot management (base content for three-way merge)
+ * - Note badge updates when task status changes
+ * - Re-parse note content into tasks after edits
+ */
+
+import { prisma } from "@/lib/prisma";
+import type { PrismaClient, Priority } from "@/app/generated/prisma/client";
+import { parseTasksFromMarkdown } from "@/lib/task-parser";
+import { resolveAssignee } from "@/lib/mentions";
+import { encryptForSync, decryptFromSync } from "@/lib/note-crypto";
+
+// --- Snapshot store (noteSnapshots field in SyncState) ---
+
+type Snapshots = Record<string, string>; // noteId → content
+
+export async function getOrCreateSyncState(workspaceId: string, db: PrismaClient = prisma) {
+  const existing = await db.syncState.findUnique({ where: { workspaceId } });
+  if (existing) return existing;
+  return db.syncState.create({ data: { workspaceId } });
+}
+
+export async function getSnapshots(
+  workspaceId: string,
+  db: PrismaClient = prisma
+): Promise<{ snapshots: Snapshots; version: number }> {
+  const state = await db.syncState.findUnique({ where: { workspaceId } });
+  const version = state?.snapshotVersion ?? 0;
+  if (!state?.noteSnapshots) return { snapshots: {}, version };
+  try {
+    // Snapshots hold note content (the three-way-merge base), so the JSON blob
+    // is encrypted at rest. Values inside the parsed map are plaintext.
+    const json = await decryptFromSync(state.noteSnapshots, workspaceId);
+    return { snapshots: JSON.parse(json) as Snapshots, version };
+  } catch {
+    return { snapshots: {}, version };
+  }
+}
+
+export async function saveSnapshots(
+  workspaceId: string,
+  snapshots: Snapshots,
+  expectedVersion?: number,
+  db: PrismaClient = prisma
+): Promise<void> {
+  const blob = await encryptForSync(JSON.stringify(snapshots), workspaceId);
+
+  if (expectedVersion !== undefined) {
+    // Optimistic concurrency: only write if the version hasn't changed since we read.
+    // Protects against concurrent writes from multiple Node.js instances (cloud mode).
+    const updated = await db.syncState.updateMany({
+      where: { workspaceId, snapshotVersion: expectedVersion },
+      data: { noteSnapshots: blob, snapshotVersion: { increment: 1 } },
+    });
+    if (updated.count === 0) {
+      throw new Error("Snapshot version conflict — another process updated concurrently");
+    }
+    return;
+  }
+
+  await db.syncState.upsert({
+    where: { workspaceId },
+    update: { noteSnapshots: blob, snapshotVersion: { increment: 1 } },
+    create: { workspaceId, noteSnapshots: blob, snapshotVersion: 1 },
+  });
+}
+
+// Per-workspace serialization: getSnapshots → mutate → saveSnapshots is a
+// read-modify-write of one JSON blob, so concurrent single-note updates within
+// this process would clobber each other. Chain them per workspace.
+// For multi-instance protection, saveSnapshots uses optimistic concurrency.
+const snapshotChains = new Map<string, Promise<unknown>>();
+
+function withSnapshotLock<T>(workspaceId: string, fn: () => Promise<T>): Promise<T> {
+  const prev = snapshotChains.get(workspaceId) ?? Promise.resolve();
+  const next = prev.then(fn, fn);
+  // Keep the chain alive but don't let rejections poison the next caller.
+  snapshotChains.set(workspaceId, next.catch(() => {}));
+  return next;
+}
+
+export async function saveSnapshot(
+  workspaceId: string,
+  noteId: string,
+  content: string,
+  db: PrismaClient = prisma
+): Promise<void> {
+  await withSnapshotLock(workspaceId, async () => {
+    const { snapshots, version } = await getSnapshots(workspaceId, db);
+    snapshots[noteId] = content;
+    await saveSnapshots(workspaceId, snapshots, version, db);
+  });
+}
+
+export async function deleteSnapshot(
+  workspaceId: string,
+  noteId: string,
+  db: PrismaClient = prisma
+): Promise<void> {
+  await withSnapshotLock(workspaceId, async () => {
+    const { snapshots, version } = await getSnapshots(workspaceId, db);
+    delete snapshots[noteId];
+    await saveSnapshots(workspaceId, snapshots, version, db);
+  });
+}
+
+// --- Note badge update (inline status markers) ---
+
+const STATUS_COMMENT_RE = /\s*<!--task::[^>]*-->/g;
+const TASK_LINE_RE = /^(\s*)-\s+\[([ x])\]\s+(.+)$/;
+
+export async function updateNoteBadge(
+  noteId: string,
+  taskTitle: string,
+  newStatus: string,
+  db: PrismaClient = prisma
+): Promise<void> {
+  const note = await db.note.findUnique({ where: { id: noteId } });
+  if (!note) return;
+
+  const plain = await decryptFromSync(note.content, note.workspaceId);
+  const lines = plain.split("\n");
+  let changed = false;
+
+  for (let i = 0; i < lines.length; i++) {
+    const m = TASK_LINE_RE.exec(lines[i]);
+    if (!m) continue;
+
+    const lineTitle = m[3]
+      .replace(/@[\w-]+/g, "")
+      .replace(/<[^>]+>/g, "")
+      .replace(STATUS_COMMENT_RE, "")
+      .trim();
+
+    if (lineTitle !== taskTitle) continue;
+
+    // Flip the checkbox only; <!--task::STATUS--> comments are no longer written
+    // (nothing reads them and they caused spurious sync diffs).
+    const stripped = lines[i].replace(STATUS_COMMENT_RE, "");
+    const checkbox = newStatus === "DONE" ? "x" : " ";
+    const next = stripped.replace(/\[([ x])\]/, `[${checkbox}]`);
+    if (next !== lines[i]) { lines[i] = next; changed = true; }
+    break;
+  }
+
+  if (changed) {
+    const stored = await encryptForSync(lines.join("\n"), note.workspaceId);
+    await db.note.update({
+      where: { id: noteId },
+      data: { content: stored, version: { increment: 1 } },
+    });
+  }
+}
+
+// --- Re-parse note content → sync tasks (idempotent) ---
+
+export async function syncNoteToTasks(
+  noteId: string,
+  workspaceId: string,
+  db: PrismaClient = prisma
+): Promise<void> {
+  const note = await db.note.findUnique({
+    where: { id: noteId },
+    include: { tasks: true },
+  });
+  if (!note) return;
+
+  const plain = await decryptFromSync(note.content, workspaceId);
+  const parsed = parseTasksFromMarkdown(plain);
+  const existingByTitle = new Map(note.tasks.map((t) => [t.title, t]));
+
+  await db.$transaction(async (tx) => {
+    for (const p of parsed) {
+      if (existingByTitle.has(p.title)) {
+        existingByTitle.delete(p.title);
+        continue; // already exists, idempotent
+      }
+
+      const { assigneeId, assigneeType } = await resolveAssignee(tx, workspaceId, p.assigneeHandle);
+
+      const task = await tx.task.create({
+        data: {
+          title: p.title,
+          noteId,
+          workspaceId,
+          assigneeType,
+          assigneeId,
+          fileRefs: p.fileRefs,
+          ...(p.priority && { priority: p.priority as Priority }),
+        },
+      });
+
+      // Snippet is intentionally empty — computed from decrypted note content at
+      // read time (task-detail page) so no plaintext leaks into the DB.
+      await tx.taskReference.create({
+        data: { taskId: task.id, noteId, snippet: "" },
+      });
+    }
+  });
+}

package/lib/note-title.ts

@@ -0,0 +1,93 @@
+// Extract a human-readable title from raw markdown content.
+// Strips common markdown syntax and returns the first meaningful sentence,
+// capped at 80 characters so it fits nicely in sidebars and card labels.
+
+const MAX_AUTO_TITLE_LEN = 80;
+
+export function extractTitleFromContent(content: string): string | null {
+  if (!content || !content.trim()) return null;
+
+  const lines = content.split("\n");
+  for (const raw of lines) {
+    let line = raw.trim();
+    if (!line) continue;
+
+    // Strip heading markers
+    line = line.replace(/^#{1,6}\s*/, "");
+
+    // Strip task checkbox prefix
+    line = line.replace(/^\s*-\s+\[[ x]\]\s*/, "");
+
+    // Strip bold / italic / strikethrough markers
+    line = line.replace(/(\*{1,2}|_{1,2}|~{2})([^*_~]+)\1/g, "$2");
+
+    // Strip inline code backticks
+    line = line.replace(/`([^`]+)`/g, "$1");
+
+    // Strip markdown links → keep only the text part
+    line = line.replace(/\[([^\]]+)\]\([^)]+\)/g, "$1");
+
+    // Strip bare URLs
+    line = line.replace(/https?:\/\/\S+/g, "");
+
+    // Strip HTML tags
+    line = line.replace(/<[^>]+>/g, "");
+
+    // Strip image syntax
+    line = line.replace(/!\[[^\]]*\]\([^)]+\)/g, "");
+
+    // Strip note/task refs
+    line = line.replace(/\[\[[^\]]+\]\]/g, "");
+    line = line.replace(/\(\([^)]+\)\)/g, "");
+
+    // Strip mention handles
+    line = line.replace(/@[\w-]+/g, "");
+
+    // Strip file references <...>
+    line = line.replace(/<[^>]+>/g, "");
+
+    // Strip date/date-ranges
+    line = line.replace(/\d{4}-\d{2}-\d{2}(\.\.\d{4}-\d{2}-\d{2})?/g, "");
+
+    // Strip remaining markdown list markers
+    line = line.replace(/^(\s*[-*+]|\d+\.)\s+/, "");
+
+    // Clean up whitespace
+    line = line.replace(/\s+/g, " ").trim();
+
+    if (!line) continue;
+
+    // Cap length at first sentence boundary if possible, otherwise first 4 words
+    let title = line;
+    const sentenceEnd = title.search(/[.!?](\s|$)/);
+    if (sentenceEnd !== -1 && sentenceEnd > 0) {
+      title = title.slice(0, sentenceEnd + 1);
+    } else {
+      // No punctuation — grab the first 4 words
+      const words = title.split(" ");
+      if (words.length > 4) {
+        title = words.slice(0, 4).join(" ");
+      }
+    }
+    if (title.length > MAX_AUTO_TITLE_LEN) {
+      title = title.slice(0, MAX_AUTO_TITLE_LEN);
+      // Don't chop mid-word
+      const lastSpace = title.lastIndexOf(" ");
+      if (lastSpace > 20) title = title.slice(0, lastSpace);
+    }
+
+    title = title.trim();
+    if (title) return title;
+  }
+
+  return null;
+}
+
+export function autoTitle(content: string, currentTitle?: string): string {
+  // Only auto-title if the user hasn't explicitly named it
+  if (currentTitle && currentTitle.trim() && currentTitle.trim() !== "Untitled") {
+    return currentTitle.trim();
+  }
+  const extracted = extractTitleFromContent(content);
+  return extracted ?? "Untitled";
+}