@lastbrain/app 0.1.23 → 0.1.25

package/src/layouts/AdminLayout.tsx

@@ -1,7 +1,5 @@
 "use client";
 
-import type { PropsWithChildren } from "react";
-
-export function AdminLayout({ children }: PropsWithChildren<{}>) {
+export function AdminLayout({ children }: { children: React.ReactNode }) {
   return <div className="pt-18 px-2 md:px-5">{children}</div>;
 }

package/src/layouts/AppProviders.tsx

@@ -1,12 +1,10 @@
 "use client";
 
-import type { PropsWithChildren } from "react";
 import { createContext, useContext, useMemo } from "react";
 import { getModuleConfigs } from "../modules/module-loader.js";
-import { Header, ToastProvider } from "@lastbrain/ui";
+import { ToastProvider } from "@lastbrain/ui";
 import { useAuthSession } from "../auth/useAuthSession.js";
 import type { User } from "@supabase/supabase-js";
-import { useRouter } from "next/navigation.js";
 
 const ModuleContext = createContext(getModuleConfigs());
 const NotificationContext = createContext({ messages: [] as string[] });
@@ -32,7 +30,7 @@ export function useAuth() {
   return useContext(AuthContext);
 }
 
-export function AppProviders({ children }: PropsWithChildren<{}>) {
+export function AppProviders({ children }: { children: React.ReactNode }) {
   const modules = useMemo(() => getModuleConfigs(), []);
   const notifications = useMemo(() => ({ messages: [] as string[] }), []);
   const { user, loading, isSuperAdmin } = useAuthSession();

package/src/layouts/AuthLayout.tsx

@@ -1,7 +1,5 @@
 "use client";
 
-import type { PropsWithChildren } from "react";
-
-export function AuthLayout({ children }: PropsWithChildren<{}>) {
+export function AuthLayout({ children }: { children: React.ReactNode }) {
   return <div className="pt-18  px-2 md:px-5 ">{children}</div>;
 }

package/src/layouts/PublicLayout.tsx

@@ -1,7 +1,5 @@
 "use client";
 
-import type { PropsWithChildren } from "react";
-
-export function PublicLayout({ children }: PropsWithChildren<{}>) {
+export function PublicLayout({ children }: { children: React.ReactNode }) {
   return <section className=" px-4 ">{children}</section>;
 }

package/src/layouts/RootLayout.tsx

@@ -1,11 +1,10 @@
 "use client";
 
-import type { PropsWithChildren } from "react";
 import { ThemeProvider } from "next-themes";
 import { AppProviders } from "./AppProviders.js";
 
 // Note: L'app Next.js doit importer son propre globals.css dans son layout
-export function RootLayout({ children }: PropsWithChildren<{}>) {
+export function RootLayout({ children }: { children: React.ReactNode }) {
   return (
     <html lang="fr" suppressHydrationWarning>
       <body className="min-h-screen">

package/src/scripts/db-init.ts

@@ -1,4 +1,4 @@
-import { spawn, spawnSync, execSync, execFileSync } from "node:child_process";
+import { spawn, spawnSync, execSync as _execSync, execFileSync as _execFileSync } from "node:child_process";
 import fs from "node:fs";
 import path from "node:path";
 import { fileURLToPath } from "node:url";
@@ -282,7 +282,7 @@ async function main() {
   console.log("⚙️ Starting Supabase...");
   try {
     runSupabase("start");
-  } catch (error) {
+  } catch (_error) {
     console.warn("⚠️ Supabase start had issues, continuing...");
   }
 

package/src/scripts/db-migrations-sync.ts

@@ -13,7 +13,7 @@ function ensureDirectory(dir: string) {
   fs.mkdirSync(dir, { recursive: true });
 }
 
-enum CopyStrategy {
+enum _CopyStrategy {
   overwrite,
   skip,
 }

package/src/scripts/init-app.ts

@@ -75,17 +75,20 @@ export async function initApp(options: InitAppOptions) {
   // 4. Créer les fichiers de configuration
   await createConfigFiles(targetDir, force, useHeroUI);
 
-  // 5. Créer .gitignore et .env.local.example
+  // 5. Créer le système de proxy storage
+  await createStorageProxy(targetDir, force);
+
+  // 6. Créer .gitignore et .env.local.example
   await createGitIgnore(targetDir, force);
   await createEnvExample(targetDir, force);
 
-  // 6. Créer la structure Supabase avec migrations
+  // 7. Créer la structure Supabase avec migrations
   await createSupabaseStructure(targetDir, force);
 
-  // 7. Ajouter les scripts NPM
+  // 8. Ajouter les scripts NPM
   await addScriptsToPackageJson(targetDir);
 
-  // 8. Enregistrer les modules sélectionnés
+  // 9. Enregistrer les modules sélectionnés
   if (withAuth || selectedModules.length > 0) {
     await saveModulesConfig(targetDir, selectedModules, withAuth);
   }
@@ -289,6 +292,7 @@ async function addDependencies(
   // Ajouter les dépendances HeroUI si nécessaire
   if (useHeroUI) {
     // Tous les packages HeroUI nécessaires (car @lastbrain/ui les ré-exporte)
+    requiredDeps["@heroui/system"] = "^2.4.23";
     requiredDeps["@heroui/theme"] = "^2.4.23";
     requiredDeps["@heroui/accordion"] = "^2.2.24";
     requiredDeps["@heroui/alert"] = "^2.2.27";
@@ -1050,33 +1054,26 @@ async function addScriptsToPackageJson(targetDir: string) {
   const targetIsInMonorepo = fs.existsSync(path.join(targetDir, "../../../packages/core/package.json")) ||
                                fs.existsSync(path.join(targetDir, "../../packages/core/package.json"));
 
-  let scriptsPrefix = "node node_modules/@lastbrain/app/dist/scripts/";
+  let scriptsPrefix = "lastbrain";
   
-  if (targetIsInMonorepo) {
-    // Dans un monorepo, utiliser pnpm exec pour résoudre correctement les workspace packages
-    scriptsPrefix = "pnpm exec lastbrain ";
+  if (!targetIsInMonorepo) {
+    // Hors monorepo, utiliser le chemin direct vers le CLI
+    scriptsPrefix = "node node_modules/@lastbrain/app/dist/cli.js";
   }
 
   const scripts = {
+    predev: targetIsInMonorepo 
+      ? "pnpm --filter @lastbrain/core build && pnpm --filter @lastbrain/ui build && pnpm --filter @lastbrain/module-auth build && pnpm --filter @lastbrain/module-ai build"
+      : "echo 'No prebuild needed outside monorepo'",
     dev: "next dev",
     build: "next build",
     start: "next start",
     lint: "next lint",
-    lastbrain: targetIsInMonorepo 
-      ? "pnpm exec lastbrain"
-      : "node node_modules/@lastbrain/app/dist/cli.js",
-    "build:modules": targetIsInMonorepo
-      ? "pnpm exec lastbrain module:build"
-      : "node node_modules/@lastbrain/app/dist/scripts/module-build.js",
-    "db:migrations:sync": targetIsInMonorepo
-      ? "pnpm exec lastbrain db:migrations:sync"
-      : "node node_modules/@lastbrain/app/dist/scripts/db-migrations-sync.js",
-    "db:init": targetIsInMonorepo
-      ? "pnpm exec lastbrain db:init"
-      : "node node_modules/@lastbrain/app/dist/scripts/db-init.js",
-    "readme:create": targetIsInMonorepo
-      ? "pnpm exec lastbrain readme:create"
-      : "node node_modules/@lastbrain/app/dist/scripts/readme-build.js",
+    lastbrain: targetIsInMonorepo ? "lastbrain" : "node node_modules/@lastbrain/app/dist/cli.js",
+    "build:modules": `${scriptsPrefix} module:build`,
+    "db:migrations:sync": `${scriptsPrefix} db:migrations:sync`,
+    "db:init": `${scriptsPrefix} db:init`,
+    "readme:create": `${scriptsPrefix} readme:create`,
   };
 
   pkg.scripts = { ...pkg.scripts, ...scripts };
@@ -1128,3 +1125,349 @@ async function saveModulesConfig(
   await fs.writeJson(modulesConfigPath, { modules }, { spaces: 2 });
   console.log(chalk.green("✓ Configuration des modules sauvegardée"));
 }
+
+async function createStorageProxy(targetDir: string, force: boolean) {
+  console.log(chalk.yellow("\n🗂️  Création du système de proxy storage..."));
+
+  // Créer le dossier lib
+  const libDir = path.join(targetDir, "lib");
+  await fs.ensureDir(libDir);
+
+  // 1. Créer lib/bucket-config.ts
+  const bucketConfigPath = path.join(libDir, "bucket-config.ts");
+  if (!fs.existsSync(bucketConfigPath) || force) {
+    const bucketConfigContent = `/**
+ * Storage configuration for buckets and access control
+ */
+
+export interface BucketConfig {
+  name: string;
+  isPublic: boolean;
+  description: string;
+  allowedFileTypes?: string[];
+  maxFileSize?: number; // in bytes
+  customAccessControl?: (userId: string, filePath: string) => boolean;
+}
+
+export const BUCKET_CONFIGS: Record<string, BucketConfig> = {
+  avatar: {
+    name: "avatar",
+    isPublic: true,
+    description: "User profile pictures and avatars",
+    allowedFileTypes: ["image/jpeg", "image/png", "image/webp", "image/gif"],
+    maxFileSize: 10 * 1024 * 1024, // 10MB
+  },
+  app: {
+    name: "app",
+    isPublic: false,
+    description: "Private user files and documents",
+    maxFileSize: 100 * 1024 * 1024, // 100MB
+    customAccessControl: (userId: string, filePath: string) => {
+      // Users can only access files in their own folder (app/{userId}/...)
+      return filePath.startsWith(\`\${userId}/\`);
+    },
+  },
+  // Example for future buckets:
+  // public: {
+  //   name: "public",
+  //   isPublic: true,
+  //   description: "Publicly accessible files like logos, banners",
+  //   allowedFileTypes: ["image/jpeg", "image/png", "image/webp", "application/pdf"],
+  //   maxFileSize: 50 * 1024 * 1024, // 50MB
+  // },
+  // documents: {
+  //   name: "documents",
+  //   isPublic: false,
+  //   description: "Private documents requiring authentication",
+  //   allowedFileTypes: ["application/pdf", "application/msword", "text/plain"],
+  //   maxFileSize: 25 * 1024 * 1024, // 25MB
+  // },
+};
+
+/**
+ * Get bucket configuration
+ */
+export function getBucketConfig(bucketName: string): BucketConfig | null {
+  return BUCKET_CONFIGS[bucketName] || null;
+}
+
+/**
+ * Check if bucket is public
+ */
+export function isPublicBucket(bucketName: string): boolean {
+  const config = getBucketConfig(bucketName);
+  return config?.isPublic ?? false;
+}
+
+/**
+ * Check if user has access to a specific file
+ */
+export function hasFileAccess(bucketName: string, userId: string, filePath: string): boolean {
+  const config = getBucketConfig(bucketName);
+  if (!config) return false;
+
+  // Public buckets are accessible to everyone
+  if (config.isPublic) return true;
+
+  // Private buckets require authentication
+  if (!userId) return false;
+
+  // Apply custom access control if defined
+  if (config.customAccessControl) {
+    return config.customAccessControl(userId, filePath);
+  }
+
+  return true;
+}
+
+/**
+ * Validate file type for bucket
+ */
+export function isValidFileType(bucketName: string, contentType: string): boolean {
+  const config = getBucketConfig(bucketName);
+  if (!config || !config.allowedFileTypes) return true;
+
+  return config.allowedFileTypes.includes(contentType);
+}
+
+/**
+ * Check if file size is within bucket limits
+ */
+export function isValidFileSize(bucketName: string, fileSize: number): boolean {
+  const config = getBucketConfig(bucketName);
+  if (!config || !config.maxFileSize) return true;
+
+  return fileSize <= config.maxFileSize;
+}`;
+
+    await fs.writeFile(bucketConfigPath, bucketConfigContent);
+    console.log(chalk.green("✓ lib/bucket-config.ts créé"));
+  }
+
+  // 2. Créer lib/storage.ts
+  const storagePath = path.join(libDir, "storage.ts");
+  if (!fs.existsSync(storagePath) || force) {
+    const storageContent = `/**
+ * Build storage proxy URL for files in Supabase buckets
+ * 
+ * @param bucket - The bucket name (e.g., "avatar", "app")
+ * @param path - The file path within the bucket
+ * @returns Proxied URL (e.g., "/api/storage/avatar/user_128_123456.webp")
+ */
+export function buildStorageUrl(bucket: string, path: string): string {
+  // Remove leading slash if present
+  const cleanPath = path.startsWith("/") ? path.slice(1) : path;
+  
+  // Remove bucket prefix from path if present (e.g., "avatar/file.jpg" -> "file.jpg")
+  const pathWithoutBucket = cleanPath.startsWith(bucket + "/") 
+    ? cleanPath.slice(bucket.length + 1)
+    : cleanPath;
+  
+  return \`/api/storage/\${bucket}/\${pathWithoutBucket}\`;
+}
+
+/**
+ * Extract bucket and path from a storage URL
+ * 
+ * @param url - Storage URL (can be proxied URL or Supabase public URL)
+ * @returns Object with bucket and path, or null if not a valid storage URL
+ */
+export function parseStorageUrl(url: string): { bucket: string; path: string } | null {
+  // Handle proxy URLs like "/api/storage/avatar/file.jpg"
+  const proxyMatch = url.match(/^\\/api\\/storage\\/([^\\/]+)\\/(.+)$/);
+  if (proxyMatch) {
+    return {
+      bucket: proxyMatch[1],
+      path: proxyMatch[2]
+    };
+  }
+  
+  // Handle Supabase public URLs
+  const supabaseMatch = url.match(/\\/storage\\/v1\\/object\\/public\\/([^\\/]+)\\/(.+)$/);
+  if (supabaseMatch) {
+    return {
+      bucket: supabaseMatch[1],
+      path: supabaseMatch[2]
+    };
+  }
+  
+  return null;
+}
+
+/**
+ * Convert a Supabase storage path to proxy URL
+ * 
+ * @param storagePath - Path like "avatar/file.jpg" or "app/user/file.pdf"
+ * @returns Proxied URL
+ */
+export function storagePathToProxyUrl(storagePath: string): string {
+  const parts = storagePath.split("/");
+  if (parts.length < 2) {
+    throw new Error("Invalid storage path format");
+  }
+  
+  const bucket = parts[0];
+  const path = parts.slice(1).join("/");
+  
+  return buildStorageUrl(bucket, path);
+}
+
+/**
+ * List of public buckets that don't require authentication
+ */
+export const PUBLIC_BUCKETS = ["avatar"];
+
+/**
+ * List of private buckets that require authentication
+ */
+export const PRIVATE_BUCKETS = ["app"];
+
+/**
+ * Check if a bucket is public
+ */
+export function isPublicBucket(bucket: string): boolean {
+  return PUBLIC_BUCKETS.includes(bucket);
+}
+
+/**
+ * Check if a bucket is private
+ */
+export function isPrivateBucket(bucket: string): boolean {
+  return PRIVATE_BUCKETS.includes(bucket);
+}`;
+
+    await fs.writeFile(storagePath, storageContent);
+    console.log(chalk.green("✓ lib/storage.ts créé"));
+  }
+
+  // 3. Créer app/api/storage/[bucket]/[...path]/route.ts
+  const apiStorageDir = path.join(targetDir, "app", "api", "storage", "[bucket]", "[...path]");
+  await fs.ensureDir(apiStorageDir);
+  
+  const routePath = path.join(apiStorageDir, "route.ts");
+  if (!fs.existsSync(routePath) || force) {
+    const routeContent = `import { NextRequest, NextResponse } from "next/server";
+import { getSupabaseServerClient } from "@lastbrain/core/server";
+import { getBucketConfig, hasFileAccess } from "@/lib/bucket-config";
+
+/**
+ * GET /api/storage/[bucket]/[...path]
+ * Proxy for Supabase Storage files with clean URLs and access control
+ * 
+ * Examples:
+ * - /api/storage/avatar/user_128_123456.webp
+ * - /api/storage/app/user/documents/file.pdf
+ */
+export async function GET(
+  request: NextRequest,
+  props: { params: Promise<{ bucket: string; path: string[] }> }
+) {
+  try {
+    const { bucket, path } = await props.params;
+    const filePath = path.join("/");
+
+    // Check if bucket exists in our configuration
+    const bucketConfig = getBucketConfig(bucket);
+    if (!bucketConfig) {
+      return new NextResponse("Bucket not allowed", { status: 403 });
+    }
+
+    const supabase = await getSupabaseServerClient();
+    let userId: string | null = null;
+
+    // Get user for private buckets or custom access control
+    if (!bucketConfig.isPublic) {
+      const { data: { user }, error: authError } = await supabase.auth.getUser();
+      
+      if (authError || !user) {
+        return new NextResponse("Unauthorized", { status: 401 });
+      }
+
+      userId = user.id;
+    }
+
+    // Check file access permissions
+    if (!hasFileAccess(bucket, userId || "", filePath)) {
+      return new NextResponse("Forbidden - Access denied to this file", { status: 403 });
+    }
+
+    // Get file from Supabase Storage
+    const { data: file, error } = await supabase.storage
+      .from(bucket)
+      .download(filePath);
+
+    if (error) {
+      console.error("Storage download error:", error);
+      if (error.message.includes("not found")) {
+        return new NextResponse("File not found", { status: 404 });
+      }
+      return new NextResponse("Storage error", { status: 500 });
+    }
+
+    if (!file) {
+      return new NextResponse("File not found", { status: 404 });
+    }
+
+    // Convert blob to array buffer
+    const arrayBuffer = await file.arrayBuffer();
+
+    // Determine content type from file extension
+    const getContentType = (filename: string): string => {
+      const ext = filename.toLowerCase().split(".").pop();
+      const mimeTypes: Record<string, string> = {
+        // Images
+        jpg: "image/jpeg",
+        jpeg: "image/jpeg",
+        png: "image/png",
+        gif: "image/gif",
+        webp: "image/webp",
+        svg: "image/svg+xml",
+        // Documents
+        pdf: "application/pdf",
+        doc: "application/msword",
+        docx: "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
+        xls: "application/vnd.ms-excel",
+        xlsx: "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet",
+        // Text
+        txt: "text/plain",
+        csv: "text/csv",
+        // Videos
+        mp4: "video/mp4",
+        avi: "video/x-msvideo",
+        mov: "video/quicktime",
+        // Audio
+        mp3: "audio/mpeg",
+        wav: "audio/wav",
+        // Archives
+        zip: "application/zip",
+        rar: "application/x-rar-compressed",
+      };
+      return mimeTypes[ext || ""] || "application/octet-stream";
+    };
+
+    const contentType = getContentType(filePath);
+
+    // Create response with proper headers
+    const response = new NextResponse(arrayBuffer, {
+      status: 200,
+      headers: {
+        "Content-Type": contentType,
+        "Cache-Control": "public, max-age=31536000, immutable", // Cache for 1 year
+        "Content-Length": arrayBuffer.byteLength.toString(),
+      },
+    });
+
+    return response;
+
+  } catch (error) {
+    console.error("Storage proxy error:", error);
+    return new NextResponse("Internal server error", { status: 500 });
+  }
+}`;
+
+    await fs.writeFile(routePath, routeContent);
+    console.log(chalk.green("✓ app/api/storage/[bucket]/[...path]/route.ts créé"));
+  }
+
+  console.log(chalk.green("✓ Système de proxy storage configuré"));
+}

package/src/scripts/module-add.ts

@@ -87,9 +87,7 @@ export async function addModule(moduleName: string, targetDir: string) {
   }
 
   // 5. Copier les migrations du module
-  let copiedMigrationFiles: string[] = [];
-  
-  if (module.hasMigrations) {
+    const copiedMigrationFiles: string[] = [];  if (module.hasMigrations) {
     console.log(chalk.yellow("\n📋 Copie des migrations du module..."));
 
     // Trouver le chemin du module installé

package/src/scripts/script-runner.ts

@@ -0,0 +1,28 @@
+import { spawn } from "child_process";
+import path from "path";
+
+/**
+ * Exécute un script via node en ajustant le chemin
+ */
+export async function runScript(scriptName: string, args: string[] = []) {
+  return new Promise<void>((resolve, reject) => {
+    const scriptPath = path.join(__dirname, `${scriptName}.js`);
+    
+    const child = spawn("node", [scriptPath, ...args], {
+      stdio: "inherit",
+      env: { ...process.env, PROJECT_ROOT: process.cwd() }
+    });
+
+    child.on("close", (code) => {
+      if (code === 0) {
+        resolve();
+      } else {
+        reject(new Error(`Script ${scriptName} exited with code ${code}`));
+      }
+    });
+
+    child.on("error", (error) => {
+      reject(error);
+    });
+  });
+}