feat(codev): M1 - NocoDB table schema + 3 endpoints API + runtimeConfig

server/api/codev/auth.post.ts

@@ -0,0 +1,31 @@
+import { z } from 'zod'
+
+const AuthSchema = z.object({
+  password: z.string().min(1).max(100),
+})
+
+export default defineEventHandler(async (event) => {
+  const body = await readBody(event)
+  const parsed = AuthSchema.safeParse(body)
+
+  if (!parsed.success) {
+    throw createError({ statusCode: 422, statusMessage: 'Mot de passe invalide' })
+  }
+
+  const config = useRuntimeConfig()
+  const expected = config.codevPassword || 'merci'
+
+  if (parsed.data.password.trim().toLowerCase() !== expected.trim().toLowerCase()) {
+    throw createError({ statusCode: 401, statusMessage: 'Mauvais mot de passe' })
+  }
+
+  setCookie(event, 'codev_session', 'ok', {
+    httpOnly: true,
+    sameSite: 'lax',
+    secure: process.env.NODE_ENV === 'production',
+    maxAge: 60 * 60 * 24, // 24h
+    path: '/',
+  })
+
+  return { status: 200, ok: true }
+})

server/api/codev/fiches.get.ts

@@ -0,0 +1,31 @@
+import type { CodevFiche } from '~/types/codev'
+
+export default defineEventHandler(async (event): Promise<{ list: CodevFiche[] }> => {
+  const config = useRuntimeConfig()
+  const tableId = config.codevTableId
+
+  if (!tableId) {
+    throw createError({ statusCode: 500, message: 'codevTableId non configuré' })
+  }
+
+  const url = `${config.nocodbUrl}/api/v2/tables/${tableId}/records?sort=created_at&limit=200`
+
+  const data: any = await $fetch(url, {
+    headers: { 'xc-token': config.nocodbToken },
+  }).catch(() => ({ list: [] }))
+
+  // Mapper chaque record NocoDB vers CodevFiche
+  const list: CodevFiche[] = (data?.list ?? []).map((r: any) => ({
+    id: r.Id ?? r.id,
+    nom: r.nom || '',
+    besoin: r.besoin || '',
+    offre: r.offre || '',
+    hashtags: (r.hashtags || '')
+      .split(',')
+      .map((h: string) => h.trim().toLowerCase().replace(/^#/, ''))
+      .filter(Boolean),
+    created_at: r.created_at || r.CreatedAt || new Date().toISOString(),
+  }))
+
+  return { list }
+})

server/api/codev/fiches.post.ts

@@ -0,0 +1,63 @@
+import { z } from 'zod'
+
+const FicheSchema = z.object({
+  nom: z.string().min(2).max(50).trim(),
+  besoin: z.string().min(5).max(300).trim(),
+  offre: z.string().min(5).max(300).trim(),
+  hashtags: z.array(z.string().max(30)).max(3).default([]),
+})
+
+export default defineEventHandler(async (event) => {
+  const body = await readBody(event)
+  const parsed = FicheSchema.safeParse(body)
+
+  if (!parsed.success) {
+    throw createError({
+      statusCode: 422,
+      statusMessage: 'Validation échouée',
+      data: parsed.error.flatten().fieldErrors,
+    })
+  }
+
+  const config = useRuntimeConfig()
+  const tableId = config.codevTableId
+  const baseId = config.codevBaseId || 'pipilvsi7dibo80'
+
+  const payload = {
+    nom: parsed.data.nom,
+    besoin: parsed.data.besoin,
+    offre: parsed.data.offre,
+    hashtags: parsed.data.hashtags
+      .map((h) => h.trim().toLowerCase().replace(/^#/, ''))
+      .filter(Boolean)
+      .slice(0, 3)
+      .join(','),
+    created_at: new Date().toISOString(),
+  }
+
+  // NocoDB v1 endpoint pour INSERT (cf. submit/index.post.ts pour le pattern)
+  const insertUrl = `${config.nocodbUrl}/api/v1/db/data/noco/${baseId}/${tableId}`
+
+  let inserted: any
+  try {
+    inserted = await $fetch(insertUrl, {
+      method: 'POST',
+      headers: {
+        'xc-token': config.nocodbToken,
+        'Content-Type': 'application/json',
+      },
+      body: JSON.stringify(payload),
+    })
+  } catch (e: any) {
+    console.error('[codev/fiches.post] NocoDB insert error:', e?.message ?? e)
+    throw createError({
+      statusCode: 502,
+      statusMessage: 'Erreur serveur, réessaie',
+    })
+  }
+
+  return {
+    status: 201,
+    id: inserted?.Id ?? inserted?.id ?? null,
+  }
+})