Phase 3: Domain-Modell + Decks/Cards/Reviews-CRUD
Domain (@cards/domain):
- zod-Schemas SSOT für Deck, Card, Review, StudySession, FsrsSettings,
Tools (cards.create + cards.search Input/Output)
- CardType-Discriminated-Union: MVP basic+basic-reverse, Future-Set
(cloze, type-in, image-occlusion, audio, multiple-choice) für
Schema-stable-Migration vorbereitet
- validateFieldsForType() Pure-Function pro CardType
- FSRS-Adapter über ts-fsrs v5.3.2: newReview, gradeReview,
subIndexCount, toFsrsCard/fromFsrsCard ISO↔Date-Roundtrip
- Encryption-Hinweis: reviews bleiben PLAINTEXT (Scheduler quert
täglich `due <= now`, siehe Lessons §3)
Drizzle-Schemas (apps/api/src/db/schema, alles in pgSchema('cards')):
- decks, cards, card_tags, reviews (PK card_id+sub_index), study_sessions,
tags (deck-skopiert), media_refs (verweist auf mana-media), import_jobs
- _schema.ts-Pattern um Zirkular-Imports zu vermeiden (Lesson aus
mana-share/-events während F-0)
- Hot-Path-Index reviews_user_due_idx für Scheduler-Queries
Routes (apps/api/src/routes):
- POST/GET/PATCH/DELETE /api/v1/decks (Deck-CRUD)
- POST/GET/PATCH/DELETE /api/v1/cards (Card-CRUD mit Auto-Reviews-Init:
beim Card-Insert werden N Reviews via subIndexCount(type) angelegt,
in einer Transaktion)
- GET /api/v1/reviews/due (Hot-Path, optional deck_id-Filter, Limit 500)
- POST /api/v1/reviews/:cardId/:subIndex/grade (FSRS-State-Transition,
per-Deck FSRS-Settings)
Auth: Stub-Middleware liest X-User-Id-Header (Phase 2 ersetzt durch
@mana/shared-hono authMiddleware mit JWKS-Cache).
Tests (vitest, Hono app.request()):
- @cards/domain: fsrs.test.ts (newReview, gradeReview Roundtrip,
Rating-Mapping), schemas.test.ts (zod-strict-Variants, Field-Type-
Validation, hex-Color)
- apps/api: decks.test.ts + cards.test.ts + reviews.test.ts —
Auth-Gate + Input-Validation. Volle DB-Integrationstests folgen mit
pg-mem oder testcontainers in späterer Phase.
Cleanup: types.ts entfernt, zod-Schemas sind SSOT (z.infer für Types).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Till
parent
8605b1b517
commit
45a47e0ffd
31 changed files with 1897 additions and 106 deletions
27
apps/api/src/middleware/auth.ts
Normal file
27
apps/api/src/middleware/auth.ts
Normal file
|
|
@ -0,0 +1,27 @@
|
|||
import type { Context, MiddlewareHandler } from 'hono';
|
||||
|
||||
/**
|
||||
* Auth-Middleware-Stub für Phase 3.
|
||||
*
|
||||
* Heute (Dev): liest `X-User-Id`-Header.
|
||||
* Phase 2 (echt): validiert User-JWT gegen mana-auth JWKS und extrahiert
|
||||
* `sub`-Claim als userId.
|
||||
*
|
||||
* Implementations-Notiz: Phase 2 schwenkt auf `@mana/shared-hono`'s
|
||||
* `authMiddleware()` um, das den JWKS-Cache verwaltet.
|
||||
*/
|
||||
export type AuthVars = { userId: string };
|
||||
|
||||
export const authMiddleware: MiddlewareHandler<{ Variables: AuthVars }> = async (c, next) => {
|
||||
const userId = c.req.header('X-User-Id');
|
||||
if (!userId) {
|
||||
return c.json({ error: 'unauthenticated', detail: 'X-User-Id header missing (dev stub)' }, 401);
|
||||
}
|
||||
c.set('userId', userId);
|
||||
await next();
|
||||
};
|
||||
|
||||
/** Helper zum Auslesen des userId aus dem Context (typed). */
|
||||
export function getUserId(c: Context<{ Variables: AuthVars }>): string {
|
||||
return c.get('userId');
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue