@lastbrain/app 0.1.22 → 0.1.24

package/src/scripts/init-app.ts

@@ -75,17 +75,20 @@ export async function initApp(options: InitAppOptions) {
   // 4. Créer les fichiers de configuration
   await createConfigFiles(targetDir, force, useHeroUI);
 
-  // 5. Créer .gitignore et .env.local.example
+  // 5. Créer le système de proxy storage
+  await createStorageProxy(targetDir, force);
+
+  // 6. Créer .gitignore et .env.local.example
   await createGitIgnore(targetDir, force);
   await createEnvExample(targetDir, force);
 
-  // 6. Créer la structure Supabase avec migrations
+  // 7. Créer la structure Supabase avec migrations
   await createSupabaseStructure(targetDir, force);
 
-  // 7. Ajouter les scripts NPM
+  // 8. Ajouter les scripts NPM
   await addScriptsToPackageJson(targetDir);
 
-  // 8. Enregistrer les modules sélectionnés
+  // 9. Enregistrer les modules sélectionnés
   if (withAuth || selectedModules.length > 0) {
     await saveModulesConfig(targetDir, selectedModules, withAuth);
   }
@@ -192,6 +195,62 @@ async function ensurePackageJson(targetDir: string, projectName: string) {
   }
 }
 
+/**
+ * Récupère les versions actuelles des packages LastBrain depuis npm ou le monorepo
+ */
+function getLastBrainVersions(targetDir: string): {
+  app: string;
+  core: string;
+  ui: string;
+  moduleAuth: string;
+} {
+  const targetIsInMonorepo = fs.existsSync(path.join(targetDir, "../../../packages/core/package.json")) ||
+                               fs.existsSync(path.join(targetDir, "../../packages/core/package.json"));
+
+  if (targetIsInMonorepo) {
+    // Dans le monorepo, utiliser workspace:*
+    return {
+      app: "workspace:*",
+      core: "workspace:*",
+      ui: "workspace:*",
+      moduleAuth: "workspace:*",
+    };
+  }
+
+  // Hors monorepo, lire les versions depuis les package.json locaux (plus fiable que "latest")
+  try {
+    // Essayer de lire depuis node_modules/@lastbrain (si init-app a été installé)
+    const appPkgPath = path.join(__dirname, "../../package.json");
+    
+    if (fs.existsSync(appPkgPath)) {
+      const appPkg = JSON.parse(fs.readFileSync(appPkgPath, "utf-8"));
+      const appVersion = `^${appPkg.version}`;
+      
+      // Lire les versions des dépendances de @lastbrain/app
+      const coreDep = appPkg.dependencies?.["@lastbrain/core"];
+      const uiDep = appPkg.dependencies?.["@lastbrain/ui"];
+      const authDep = appPkg.dependencies?.["@lastbrain/module-auth"];
+      
+      return {
+        app: appVersion,
+        core: coreDep || appVersion,
+        ui: uiDep || appVersion,
+        moduleAuth: authDep || appVersion,
+      };
+    }
+  } catch (error) {
+    console.warn(chalk.yellow("⚠️  Impossible de lire les versions locales, utilisation de 'latest'"));
+  }
+
+  // Fallback: utiliser "latest"
+  return {
+    app: "latest",
+    core: "latest",
+    ui: "latest",
+    moduleAuth: "latest",
+  };
+}
+
 async function addDependencies(
   targetDir: string,
   useHeroUI: boolean,
@@ -203,33 +262,30 @@ async function addDependencies(
 
   console.log(chalk.yellow("\n📦 Configuration des dépendances..."));
 
-  // Détecter si on est dans le monorepo (développement local)
-  // Vérifier si le projet cible est à l'intérieur du monorepo
-  const targetIsInMonorepo = fs.existsSync(path.join(targetDir, "../../../packages/core/package.json")) ||
-                               fs.existsSync(path.join(targetDir, "../../packages/core/package.json"));
-  const latestVersion = targetIsInMonorepo ? "workspace:*" : "latest";
+  const versions = getLastBrainVersions(targetDir);
   
   // Dependencies
   const requiredDeps: Record<string, string> = {
     next: "^15.0.3",
     react: "^18.3.1",
     "react-dom": "^18.3.1",
-    "@lastbrain/app": latestVersion,
-    "@lastbrain/core": latestVersion,
-    "@lastbrain/ui": latestVersion,
+    "@lastbrain/app": versions.app,
+    "@lastbrain/core": versions.core,
+    "@lastbrain/ui": versions.ui,
     "next-themes": "^0.4.6",
   };
 
   // Ajouter module-auth si demandé
   if (withAuth) {
-    requiredDeps["@lastbrain/module-auth"] = latestVersion;
+    requiredDeps["@lastbrain/module-auth"] = versions.moduleAuth;
   }
 
   // Ajouter les autres modules sélectionnés
   for (const moduleName of selectedModules) {
     const moduleInfo = AVAILABLE_MODULES.find(m => m.name === moduleName);
     if (moduleInfo && moduleInfo.package !== "@lastbrain/module-auth") {
-      requiredDeps[moduleInfo.package] = latestVersion;
+      // Pour les autres modules, utiliser "latest" ou la version depuis le package
+      requiredDeps[moduleInfo.package] = versions.app; // Utiliser la même version que app
     }
   }
 
@@ -270,6 +326,7 @@ async function addDependencies(
     requiredDeps["@heroui/switch"] = "^2.2.24";
     requiredDeps["@heroui/table"] = "^2.2.27";
     requiredDeps["@heroui/tabs"] = "^2.2.24";
+    requiredDeps["@heroui/system"] = "^2.4.23"; // Ajout pour HeroUIProvider
     requiredDeps["@heroui/toast"] = "^2.0.17";
     requiredDeps["@heroui/tooltip"] = "^2.2.24";
     requiredDeps["@heroui/user"] = "^2.2.22";
@@ -1009,21 +1066,11 @@ async function addScriptsToPackageJson(targetDir: string) {
     build: "next build",
     start: "next start",
     lint: "next lint",
-    lastbrain: targetIsInMonorepo 
-      ? "pnpm exec lastbrain"
-      : "node node_modules/@lastbrain/app/dist/cli.js",
-    "build:modules": targetIsInMonorepo
-      ? "pnpm exec lastbrain module:build"
-      : "node node_modules/@lastbrain/app/dist/scripts/module-build.js",
-    "db:migrations:sync": targetIsInMonorepo
-      ? "pnpm exec lastbrain db:migrations:sync"
-      : "node node_modules/@lastbrain/app/dist/scripts/db-migrations-sync.js",
-    "db:init": targetIsInMonorepo
-      ? "pnpm exec lastbrain db:init"
-      : "node node_modules/@lastbrain/app/dist/scripts/db-init.js",
-    "readme:create": targetIsInMonorepo
-      ? "pnpm exec lastbrain readme:create"
-      : "node node_modules/@lastbrain/app/dist/scripts/readme-build.js",
+    lastbrain: "node node_modules/@lastbrain/app/dist/cli.js",
+    "build:modules": "node node_modules/@lastbrain/app/dist/scripts/module-build.js",
+    "db:migrations:sync": "node node_modules/@lastbrain/app/dist/scripts/db-migrations-sync.js",
+    "db:init": "node node_modules/@lastbrain/app/dist/scripts/db-init.js",
+    "readme:create": "node node_modules/@lastbrain/app/dist/scripts/readme-build.js",
   };
 
   pkg.scripts = { ...pkg.scripts, ...scripts };
@@ -1075,3 +1122,349 @@ async function saveModulesConfig(
   await fs.writeJson(modulesConfigPath, { modules }, { spaces: 2 });
   console.log(chalk.green("✓ Configuration des modules sauvegardée"));
 }
+
+async function createStorageProxy(targetDir: string, force: boolean) {
+  console.log(chalk.yellow("\n🗂️  Création du système de proxy storage..."));
+
+  // Créer le dossier lib
+  const libDir = path.join(targetDir, "lib");
+  await fs.ensureDir(libDir);
+
+  // 1. Créer lib/bucket-config.ts
+  const bucketConfigPath = path.join(libDir, "bucket-config.ts");
+  if (!fs.existsSync(bucketConfigPath) || force) {
+    const bucketConfigContent = `/**
+ * Storage configuration for buckets and access control
+ */
+
+export interface BucketConfig {
+  name: string;
+  isPublic: boolean;
+  description: string;
+  allowedFileTypes?: string[];
+  maxFileSize?: number; // in bytes
+  customAccessControl?: (userId: string, filePath: string) => boolean;
+}
+
+export const BUCKET_CONFIGS: Record<string, BucketConfig> = {
+  avatar: {
+    name: "avatar",
+    isPublic: true,
+    description: "User profile pictures and avatars",
+    allowedFileTypes: ["image/jpeg", "image/png", "image/webp", "image/gif"],
+    maxFileSize: 10 * 1024 * 1024, // 10MB
+  },
+  app: {
+    name: "app",
+    isPublic: false,
+    description: "Private user files and documents",
+    maxFileSize: 100 * 1024 * 1024, // 100MB
+    customAccessControl: (userId: string, filePath: string) => {
+      // Users can only access files in their own folder (app/{userId}/...)
+      return filePath.startsWith(\`\${userId}/\`);
+    },
+  },
+  // Example for future buckets:
+  // public: {
+  //   name: "public",
+  //   isPublic: true,
+  //   description: "Publicly accessible files like logos, banners",
+  //   allowedFileTypes: ["image/jpeg", "image/png", "image/webp", "application/pdf"],
+  //   maxFileSize: 50 * 1024 * 1024, // 50MB
+  // },
+  // documents: {
+  //   name: "documents",
+  //   isPublic: false,
+  //   description: "Private documents requiring authentication",
+  //   allowedFileTypes: ["application/pdf", "application/msword", "text/plain"],
+  //   maxFileSize: 25 * 1024 * 1024, // 25MB
+  // },
+};
+
+/**
+ * Get bucket configuration
+ */
+export function getBucketConfig(bucketName: string): BucketConfig | null {
+  return BUCKET_CONFIGS[bucketName] || null;
+}
+
+/**
+ * Check if bucket is public
+ */
+export function isPublicBucket(bucketName: string): boolean {
+  const config = getBucketConfig(bucketName);
+  return config?.isPublic ?? false;
+}
+
+/**
+ * Check if user has access to a specific file
+ */
+export function hasFileAccess(bucketName: string, userId: string, filePath: string): boolean {
+  const config = getBucketConfig(bucketName);
+  if (!config) return false;
+
+  // Public buckets are accessible to everyone
+  if (config.isPublic) return true;
+
+  // Private buckets require authentication
+  if (!userId) return false;
+
+  // Apply custom access control if defined
+  if (config.customAccessControl) {
+    return config.customAccessControl(userId, filePath);
+  }
+
+  return true;
+}
+
+/**
+ * Validate file type for bucket
+ */
+export function isValidFileType(bucketName: string, contentType: string): boolean {
+  const config = getBucketConfig(bucketName);
+  if (!config || !config.allowedFileTypes) return true;
+
+  return config.allowedFileTypes.includes(contentType);
+}
+
+/**
+ * Check if file size is within bucket limits
+ */
+export function isValidFileSize(bucketName: string, fileSize: number): boolean {
+  const config = getBucketConfig(bucketName);
+  if (!config || !config.maxFileSize) return true;
+
+  return fileSize <= config.maxFileSize;
+}`;
+
+    await fs.writeFile(bucketConfigPath, bucketConfigContent);
+    console.log(chalk.green("✓ lib/bucket-config.ts créé"));
+  }
+
+  // 2. Créer lib/storage.ts
+  const storagePath = path.join(libDir, "storage.ts");
+  if (!fs.existsSync(storagePath) || force) {
+    const storageContent = `/**
+ * Build storage proxy URL for files in Supabase buckets
+ * 
+ * @param bucket - The bucket name (e.g., "avatar", "app")
+ * @param path - The file path within the bucket
+ * @returns Proxied URL (e.g., "/api/storage/avatar/user_128_123456.webp")
+ */
+export function buildStorageUrl(bucket: string, path: string): string {
+  // Remove leading slash if present
+  const cleanPath = path.startsWith("/") ? path.slice(1) : path;
+  
+  // Remove bucket prefix from path if present (e.g., "avatar/file.jpg" -> "file.jpg")
+  const pathWithoutBucket = cleanPath.startsWith(bucket + "/") 
+    ? cleanPath.slice(bucket.length + 1)
+    : cleanPath;
+  
+  return \`/api/storage/\${bucket}/\${pathWithoutBucket}\`;
+}
+
+/**
+ * Extract bucket and path from a storage URL
+ * 
+ * @param url - Storage URL (can be proxied URL or Supabase public URL)
+ * @returns Object with bucket and path, or null if not a valid storage URL
+ */
+export function parseStorageUrl(url: string): { bucket: string; path: string } | null {
+  // Handle proxy URLs like "/api/storage/avatar/file.jpg"
+  const proxyMatch = url.match(/^\\/api\\/storage\\/([^\\/]+)\\/(.+)$/);
+  if (proxyMatch) {
+    return {
+      bucket: proxyMatch[1],
+      path: proxyMatch[2]
+    };
+  }
+  
+  // Handle Supabase public URLs
+  const supabaseMatch = url.match(/\\/storage\\/v1\\/object\\/public\\/([^\\/]+)\\/(.+)$/);
+  if (supabaseMatch) {
+    return {
+      bucket: supabaseMatch[1],
+      path: supabaseMatch[2]
+    };
+  }
+  
+  return null;
+}
+
+/**
+ * Convert a Supabase storage path to proxy URL
+ * 
+ * @param storagePath - Path like "avatar/file.jpg" or "app/user/file.pdf"
+ * @returns Proxied URL
+ */
+export function storagePathToProxyUrl(storagePath: string): string {
+  const parts = storagePath.split("/");
+  if (parts.length < 2) {
+    throw new Error("Invalid storage path format");
+  }
+  
+  const bucket = parts[0];
+  const path = parts.slice(1).join("/");
+  
+  return buildStorageUrl(bucket, path);
+}
+
+/**
+ * List of public buckets that don't require authentication
+ */
+export const PUBLIC_BUCKETS = ["avatar"];
+
+/**
+ * List of private buckets that require authentication
+ */
+export const PRIVATE_BUCKETS = ["app"];
+
+/**
+ * Check if a bucket is public
+ */
+export function isPublicBucket(bucket: string): boolean {
+  return PUBLIC_BUCKETS.includes(bucket);
+}
+
+/**
+ * Check if a bucket is private
+ */
+export function isPrivateBucket(bucket: string): boolean {
+  return PRIVATE_BUCKETS.includes(bucket);
+}`;
+
+    await fs.writeFile(storagePath, storageContent);
+    console.log(chalk.green("✓ lib/storage.ts créé"));
+  }
+
+  // 3. Créer app/api/storage/[bucket]/[...path]/route.ts
+  const apiStorageDir = path.join(targetDir, "app", "api", "storage", "[bucket]", "[...path]");
+  await fs.ensureDir(apiStorageDir);
+  
+  const routePath = path.join(apiStorageDir, "route.ts");
+  if (!fs.existsSync(routePath) || force) {
+    const routeContent = `import { NextRequest, NextResponse } from "next/server";
+import { getSupabaseServerClient } from "@lastbrain/core/server";
+import { getBucketConfig, hasFileAccess } from "@/lib/bucket-config";
+
+/**
+ * GET /api/storage/[bucket]/[...path]
+ * Proxy for Supabase Storage files with clean URLs and access control
+ * 
+ * Examples:
+ * - /api/storage/avatar/user_128_123456.webp
+ * - /api/storage/app/user/documents/file.pdf
+ */
+export async function GET(
+  request: NextRequest,
+  props: { params: Promise<{ bucket: string; path: string[] }> }
+) {
+  try {
+    const { bucket, path } = await props.params;
+    const filePath = path.join("/");
+
+    // Check if bucket exists in our configuration
+    const bucketConfig = getBucketConfig(bucket);
+    if (!bucketConfig) {
+      return new NextResponse("Bucket not allowed", { status: 403 });
+    }
+
+    const supabase = await getSupabaseServerClient();
+    let userId: string | null = null;
+
+    // Get user for private buckets or custom access control
+    if (!bucketConfig.isPublic) {
+      const { data: { user }, error: authError } = await supabase.auth.getUser();
+      
+      if (authError || !user) {
+        return new NextResponse("Unauthorized", { status: 401 });
+      }
+
+      userId = user.id;
+    }
+
+    // Check file access permissions
+    if (!hasFileAccess(bucket, userId || "", filePath)) {
+      return new NextResponse("Forbidden - Access denied to this file", { status: 403 });
+    }
+
+    // Get file from Supabase Storage
+    const { data: file, error } = await supabase.storage
+      .from(bucket)
+      .download(filePath);
+
+    if (error) {
+      console.error("Storage download error:", error);
+      if (error.message.includes("not found")) {
+        return new NextResponse("File not found", { status: 404 });
+      }
+      return new NextResponse("Storage error", { status: 500 });
+    }
+
+    if (!file) {
+      return new NextResponse("File not found", { status: 404 });
+    }
+
+    // Convert blob to array buffer
+    const arrayBuffer = await file.arrayBuffer();
+
+    // Determine content type from file extension
+    const getContentType = (filename: string): string => {
+      const ext = filename.toLowerCase().split(".").pop();
+      const mimeTypes: Record<string, string> = {
+        // Images
+        jpg: "image/jpeg",
+        jpeg: "image/jpeg",
+        png: "image/png",
+        gif: "image/gif",
+        webp: "image/webp",
+        svg: "image/svg+xml",
+        // Documents
+        pdf: "application/pdf",
+        doc: "application/msword",
+        docx: "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
+        xls: "application/vnd.ms-excel",
+        xlsx: "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet",
+        // Text
+        txt: "text/plain",
+        csv: "text/csv",
+        // Videos
+        mp4: "video/mp4",
+        avi: "video/x-msvideo",
+        mov: "video/quicktime",
+        // Audio
+        mp3: "audio/mpeg",
+        wav: "audio/wav",
+        // Archives
+        zip: "application/zip",
+        rar: "application/x-rar-compressed",
+      };
+      return mimeTypes[ext || ""] || "application/octet-stream";
+    };
+
+    const contentType = getContentType(filePath);
+
+    // Create response with proper headers
+    const response = new NextResponse(arrayBuffer, {
+      status: 200,
+      headers: {
+        "Content-Type": contentType,
+        "Cache-Control": "public, max-age=31536000, immutable", // Cache for 1 year
+        "Content-Length": arrayBuffer.byteLength.toString(),
+      },
+    });
+
+    return response;
+
+  } catch (error) {
+    console.error("Storage proxy error:", error);
+    return new NextResponse("Internal server error", { status: 500 });
+  }
+}`;
+
+    await fs.writeFile(routePath, routeContent);
+    console.log(chalk.green("✓ app/api/storage/[bucket]/[...path]/route.ts créé"));
+  }
+
+  console.log(chalk.green("✓ Système de proxy storage configuré"));
+}

package/src/scripts/module-create.ts

@@ -45,10 +45,36 @@ function parseTablesList(input: string): string[] {
     .filter((t) => t.length > 0);
 }
 
+/**
+ * Récupère les versions actuelles des packages LastBrain
+ */
+function getLastBrainPackageVersions(rootDir: string): { core: string; ui: string } {
+  try {
+    const corePackageJson = JSON.parse(
+      fs.readFileSync(path.join(rootDir, "packages", "core", "package.json"), "utf-8")
+    );
+    const uiPackageJson = JSON.parse(
+      fs.readFileSync(path.join(rootDir, "packages", "ui", "package.json"), "utf-8")
+    );
+    
+    return {
+      core: `^${corePackageJson.version}`,
+      ui: `^${uiPackageJson.version}`,
+    };
+  } catch (error) {
+    console.warn(chalk.yellow("⚠️  Impossible de lire les versions des packages, utilisation des versions par défaut"));
+    return {
+      core: "^0.1.0",
+      ui: "^0.1.4",
+    };
+  }
+}
+
 /**
  * Génère le contenu du package.json
  */
-function generatePackageJson(moduleName: string, slug: string): string {
+function generatePackageJson(moduleName: string, slug: string, rootDir: string): string {
+  const versions = getLastBrainPackageVersions(rootDir);
   const buildConfigExport = `./${slug}.build.config`;
   return JSON.stringify(
     {
@@ -58,14 +84,14 @@ function generatePackageJson(moduleName: string, slug: string): string {
       type: "module",
       main: "dist/index.js",
       types: "dist/index.d.ts",
-      files: ["dist", "supabase"],
+      files: ["dist", "src", "supabase"],
       scripts: {
         build: "tsc -p tsconfig.json",
         dev: "tsc -p tsconfig.json --watch",
       },
       dependencies: {
-        "@lastbrain/core": "workspace:0.1.0",
-        "@lastbrain/ui": "workspace:0.1.0",
+        "@lastbrain/core": versions.core,
+        "@lastbrain/ui": versions.ui,
         react: "^19.0.0",
         "lucide-react": "^0.554.0",
         "react-dom": "^19.0.0",
@@ -560,7 +586,7 @@ async function createModuleStructure(config: ModuleConfig, rootDir: string) {
   console.log(chalk.yellow("  📄 package.json"));
   await fs.writeFile(
     path.join(moduleDir, "package.json"),
-    generatePackageJson(config.moduleName, config.slug)
+    generatePackageJson(config.moduleName, config.slug, rootDir)
   );
 
   // Créer tsconfig.json