first commit

2026-03-24 16:03:04 +00:00
commit df40cc57e1
80 changed files with 16766 additions and 0 deletions
--- a/backend/internal/interfaces/handlers/note_handler.go
+++ b/backend/internal/interfaces/handlers/note_handler.go
@@ -0,0 +1,266 @@
+package handlers
+
+import (
+	"encoding/json"
+	"net/http"
+	"strconv"
+
+	"github.com/gorilla/mux"
+	"go.mongodb.org/mongo-driver/v2/bson"
+
+	"github.com/noteapp/backend/internal/application/dto"
+	"github.com/noteapp/backend/internal/application/services"
+	"github.com/noteapp/backend/internal/interfaces/middleware"
+)
+
+// NoteHandler handles note endpoints
+type NoteHandler struct {
+	noteService *services.NoteService
+}
+
+// NewNoteHandler creates a new note handler
+func NewNoteHandler(noteService *services.NoteService) *NoteHandler {
+	return &NoteHandler{
+		noteService: noteService,
+	}
+}
+
+// CreateNote creates a new note
+func (h *NoteHandler) CreateNote(w http.ResponseWriter, r *http.Request) {
+	if r.Method != http.MethodPost {
+		http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
+		return
+	}
+
+	spaceID := mux.Vars(r)["spaceId"]
+	userID, err := middleware.GetUserIDFromContext(r.Context())
+	if err != nil {
+		http.Error(w, "Unauthorized", http.StatusUnauthorized)
+		return
+	}
+
+	spaceObjID, _ := bson.ObjectIDFromHex(spaceID)
+	userObjID, _ := bson.ObjectIDFromHex(userID)
+
+	var req dto.CreateNoteRequest
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		http.Error(w, "Invalid request body", http.StatusBadRequest)
+		return
+	}
+
+	note, err := h.noteService.CreateNote(r.Context(), spaceObjID, userObjID, &req)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusBadRequest)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(http.StatusCreated)
+	json.NewEncoder(w).Encode(note)
+}
+
+// GetNote retrieves a note
+func (h *NoteHandler) GetNote(w http.ResponseWriter, r *http.Request) {
+	if r.Method != http.MethodGet {
+		http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
+		return
+	}
+
+	vars := mux.Vars(r)
+	spaceID := vars["spaceId"]
+	noteID := vars["noteId"]
+
+	userID, err := middleware.GetUserIDFromContext(r.Context())
+	if err != nil {
+		http.Error(w, "Unauthorized", http.StatusUnauthorized)
+		return
+	}
+
+	spaceObjID, _ := bson.ObjectIDFromHex(spaceID)
+	noteObjID, _ := bson.ObjectIDFromHex(noteID)
+	userObjID, _ := bson.ObjectIDFromHex(userID)
+
+	note, err := h.noteService.GetNote(r.Context(), noteObjID, spaceObjID, userObjID)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusNotFound)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(note)
+}
+
+// GetNotesBySpace retrieves notes in a space
+func (h *NoteHandler) GetNotesBySpace(w http.ResponseWriter, r *http.Request) {
+	if r.Method != http.MethodGet {
+		http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
+		return
+	}
+
+	spaceID := mux.Vars(r)["spaceId"]
+	userID, err := middleware.GetUserIDFromContext(r.Context())
+	if err != nil {
+		http.Error(w, "Unauthorized", http.StatusUnauthorized)
+		return
+	}
+
+	// Pagination
+	skip, _ := strconv.Atoi(r.URL.Query().Get("skip"))
+	limit, _ := strconv.Atoi(r.URL.Query().Get("limit"))
+	if limit == 0 || limit > 100 {
+		limit = 20
+	}
+
+	spaceObjID, _ := bson.ObjectIDFromHex(spaceID)
+	userObjID, _ := bson.ObjectIDFromHex(userID)
+
+	notes, err := h.noteService.GetNotesBySpace(r.Context(), spaceObjID, userObjID, skip, limit)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusBadRequest)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(notes)
+}
+
+// SearchNotes performs full-text search
+func (h *NoteHandler) SearchNotes(w http.ResponseWriter, r *http.Request) {
+	if r.Method != http.MethodGet {
+		http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
+		return
+	}
+
+	spaceID := mux.Vars(r)["spaceId"]
+	query := r.URL.Query().Get("q")
+
+	if query == "" {
+		http.Error(w, "Missing search query", http.StatusBadRequest)
+		return
+	}
+
+	userID, err := middleware.GetUserIDFromContext(r.Context())
+	if err != nil {
+		http.Error(w, "Unauthorized", http.StatusUnauthorized)
+		return
+	}
+
+	spaceObjID, _ := bson.ObjectIDFromHex(spaceID)
+	userObjID, _ := bson.ObjectIDFromHex(userID)
+
+	notes, err := h.noteService.SearchNotes(r.Context(), spaceObjID, userObjID, query)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusBadRequest)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(notes)
+}
+
+// UpdateNote updates a note
+func (h *NoteHandler) UpdateNote(w http.ResponseWriter, r *http.Request) {
+	if r.Method != http.MethodPut {
+		http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
+		return
+	}
+
+	vars := mux.Vars(r)
+	spaceID := vars["spaceId"]
+	noteID := vars["noteId"]
+
+	userID, err := middleware.GetUserIDFromContext(r.Context())
+	if err != nil {
+		http.Error(w, "Unauthorized", http.StatusUnauthorized)
+		return
+	}
+
+	var req dto.UpdateNoteRequest
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		http.Error(w, "Invalid request body", http.StatusBadRequest)
+		return
+	}
+
+	spaceObjID, _ := bson.ObjectIDFromHex(spaceID)
+	noteObjID, _ := bson.ObjectIDFromHex(noteID)
+	userObjID, _ := bson.ObjectIDFromHex(userID)
+
+	note, err := h.noteService.UpdateNote(r.Context(), noteObjID, spaceObjID, userObjID, &req)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusBadRequest)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(note)
+}
+
+// DeleteNote deletes a note
+func (h *NoteHandler) DeleteNote(w http.ResponseWriter, r *http.Request) {
+	if r.Method != http.MethodDelete {
+		http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
+		return
+	}
+
+	vars := mux.Vars(r)
+	spaceID := vars["spaceId"]
+	noteID := vars["noteId"]
+
+	userID, err := middleware.GetUserIDFromContext(r.Context())
+	if err != nil {
+		http.Error(w, "Unauthorized", http.StatusUnauthorized)
+		return
+	}
+
+	spaceObjID, _ := bson.ObjectIDFromHex(spaceID)
+	noteObjID, _ := bson.ObjectIDFromHex(noteID)
+	userObjID, _ := bson.ObjectIDFromHex(userID)
+
+	if err := h.noteService.DeleteNote(r.Context(), noteObjID, spaceObjID, userObjID); err != nil {
+		http.Error(w, err.Error(), http.StatusBadRequest)
+		return
+	}
+
+	w.WriteHeader(http.StatusNoContent)
+}
+
+// UnlockNote verifies a note password and returns full note content
+func (h *NoteHandler) UnlockNote(w http.ResponseWriter, r *http.Request) {
+	if r.Method != http.MethodPost {
+		http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
+		return
+	}
+
+	vars := mux.Vars(r)
+	spaceID := vars["spaceId"]
+	noteID := vars["noteId"]
+
+	userID, err := middleware.GetUserIDFromContext(r.Context())
+	if err != nil {
+		http.Error(w, "Unauthorized", http.StatusUnauthorized)
+		return
+	}
+
+	var req dto.UnlockNoteRequest
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		http.Error(w, "Invalid request body", http.StatusBadRequest)
+		return
+	}
+
+	spaceObjID, _ := bson.ObjectIDFromHex(spaceID)
+	noteObjID, _ := bson.ObjectIDFromHex(noteID)
+	userObjID, _ := bson.ObjectIDFromHex(userID)
+
+	note, err := h.noteService.UnlockNote(r.Context(), noteObjID, spaceObjID, userObjID, req.Password)
+	if err != nil {
+		if err.Error() == "invalid note password" {
+			http.Error(w, err.Error(), http.StatusUnauthorized)
+			return
+		}
+		http.Error(w, err.Error(), http.StatusBadRequest)
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(note)
+}