# 🎯 PROMPT CURSOR : Audit IntĂ©gration Backend/Frontend + Nouvelle TodoList JSON ## 📋 INSTRUCTIONS POUR CURSOR Copie ce prompt complet dans Cursor pour lancer l'audit et gĂ©nĂ©rer la nouvelle todolist. --- ## 🚀 LE PROMPT À COPIER ```markdown # MISSION : Audit Complet IntĂ©gration Backend/Frontend Veza + TodoList JSON Tu es un expert en intĂ©gration full-stack. Ta mission est de scanner EXHAUSTIVEMENT le codebase Veza pour : 1. GĂ©nĂ©rer un rapport ULTRA-DÉTAILLÉ de l'Ă©tat d'intĂ©gration backend/frontend 2. CrĂ©er une nouvelle TodoList JSON PARFAITE focalisĂ©e uniquement sur la connexion backend/frontend ## đŸš« SCOPE EXCLUSIONS - **IGNORER COMPLÈTEMENT** : `veza-chat-server/` (Rust) - **IGNORER COMPLÈTEMENT** : `veza-stream-server/` (Rust) - **IGNORER** : Tout ce qui concerne WebSocket Rust - **FOCUS UNIQUEMENT** : `apps/web/` ↔ `veza-backend-api/` ## 📂 FICHIERS À SCANNER ### Backend Go (`veza-backend-api/`) ``` veza-backend-api/ ├── internal/ │ ├── api/router.go # TOUTES les routes dĂ©finies │ ├── handlers/*.go # TOUS les handlers │ ├── dto/*.go # TOUS les DTOs (request/response) │ ├── models/*.go # TOUS les modĂšles │ ├── middleware/*.go # CORS, Auth, CSRF, etc. │ └── config/config.go # Configuration ├── cmd/server/main.go # Point d'entrĂ©e └── .env.example # Variables d'environnement ``` ### Frontend React (`apps/web/`) ``` apps/web/src/ ├── services/ │ ├── api/client.ts # Client API principal │ ├── api/*.ts # Tous les services API │ └── *.ts # Anciens services (duplication?) ├── features/ │ ├── auth/api/*.ts # API auth │ ├── auth/store/*.ts # Store auth │ ├── tracks/api/*.ts # API tracks │ ├── playlists/services/*.ts # Services playlists │ └── */ # Autres features ├── stores/*.ts # Stores globaux (duplication?) ├── types/*.ts # Types TypeScript ├── lib/apiClient.ts # Ancien client API? ├── config/ │ ├── env.ts # Variables d'environnement │ └── constants.ts # Constantes API └── hooks/api/*.ts # Hooks API ``` --- ## 📊 PHASE 1 : GÉNÉRATION DU RAPPORT CrĂ©e un fichier `INTEGRATION_AUDIT_REPORT_2025.md` avec : ### 1.1 Executive Summary - Score global /10 - Nombre d'endpoints backend total - Nombre d'endpoints utilisĂ©s par frontend - Nombre d'endpoints manquants cĂŽtĂ© frontend - Nombre d'appels frontend sans endpoint backend - Nombre d'incohĂ©rences de types ### 1.2 Analyse des Endpoints - TABLEAU EXHAUSTIF Pour CHAQUE route dans `router.go`, gĂ©nĂšre : ```markdown | Endpoint Backend | Handler | Frontend Service | Frontend Hook | Types AlignĂ©s | Status | |------------------|---------|------------------|---------------|---------------|--------| | GET /api/v1/auth/me | GetMe | authApi.getMe() | useAuth | ✅ | OK | | POST /api/v1/tracks | CreateTrack | trackApi.create() | useTracks | ⚠ ID type | PARTIEL | | ... | ... | ... | ... | ... | ... | ``` ### 1.3 Analyse des IncohĂ©rences de Types Pour CHAQUE type partagĂ©, compare : ```markdown | Type | Backend Go (DTO) | Frontend TS | DiffĂ©rences | Impact | |------|------------------|-------------|-------------|--------| | User.id | uuid.UUID (string) | string | number dans certains composants | 🔮 CRITIQUE | | Track.status | string | enum TrackStatus | Valeurs diffĂ©rentes | ⚠ MOYEN | | ... | ... | ... | ... | ... | ``` ### 1.4 Analyse des Clients API Identifie TOUS les clients/services API : ```markdown | Fichier | Type | UtilisĂ© par | ProblĂšmes | |---------|------|-------------|-----------| | services/api/client.ts | Axios + interceptors | Nouveau code | ✅ OK | | lib/apiClient.ts | Axios basic | Ancien code? | ⚠ Duplication | | ... | ... | ... | ... | ``` ### 1.5 Analyse des Stores Identifie TOUS les stores liĂ©s Ă  l'auth/state API : ```markdown | Store | Fichier | UtilisĂ© | Duplication avec | |-------|---------|---------|------------------| | authStore | features/auth/store/authStore.ts | ✅ | stores/auth.ts? | | ... | ... | ... | ... | ``` ### 1.6 Analyse CORS/CSRF/Security ```markdown | Aspect | Backend Config | Frontend Config | AlignĂ© | ProblĂšme | |--------|----------------|-----------------|--------|----------| | CORS Origins | CORS_ALLOWED_ORIGINS | - | ⚠ | Vide = bloquĂ© | | CSRF Token | X-CSRF-Token header | csrfService.ts | ⚠ | Redis requis | | ... | ... | ... | ... | ... | ``` ### 1.7 Analyse Format RĂ©ponses API ```markdown | Endpoint | Backend Response | Frontend Attend | TransformĂ© par | OK | |----------|------------------|-----------------|----------------|-----| | POST /auth/login | {success, data: {access_token...}} | {access_token...} | Interceptor unwrap | ✅ | | ... | ... | ... | ... | ... | ``` ### 1.8 ProblĂšmes IdentifiĂ©s (Liste Exhaustive) ```markdown ## 🔮 CRITIQUES (Bloquent production) 1. [CORS-001] CORS_ALLOWED_ORIGINS vide en production = rejet total - Fichier: veza-backend-api/internal/middleware/cors.go - Impact: Application inaccessible 2. [TYPE-001] User.id: number vs string dans certains composants - Fichiers: apps/web/src/types/user.ts, components/*.tsx - Impact: Erreurs runtime ## ⚠ MAJEURS (Fonctionnent mais fragiles) ... ## 🟡 MINEURS (Dettes techniques) ... ``` --- ## 📋 PHASE 2 : GÉNÉRATION DE LA TODOLIST JSON CrĂ©e un fichier `VEZA_INTEGRATION_PERFECTION_TODOLIST.json` avec cette structure EXACTE : ```json { "meta": { "title": "Veza Integration Perfection TodoList", "description": "TodoList focalisĂ©e exclusivement sur la connexion parfaite Backend Go ↔ Frontend React", "generated_at": "2025-12-25T00:00:00Z", "scope": { "included": ["apps/web/", "veza-backend-api/"], "excluded": ["veza-chat-server/", "veza-stream-server/", "veza-common/"] }, "target": "Score intĂ©gration 10/10 - Connexion parfaite", "current_score": "6.5/10", "target_score": "10/10" }, "summary": { "by_priority": { "P0_blocker": 0, "P1_critical": 0, "P2_major": 0, "P3_minor": 0 }, "by_category": { "INT-CORS": 0, "INT-AUTH": 0, "INT-TYPE": 0, "INT-API": 0, "INT-ENDPOINT": 0, "INT-CLEANUP": 0, "INT-TEST": 0, "INT-DOC": 0 }, "by_side": { "backend_only": 0, "frontend_only": 0, "both_sides": 0 }, "estimated_total_hours": 0 }, "categories": { "INT-CORS": "Configuration CORS et origins", "INT-AUTH": "Authentification et tokens", "INT-TYPE": "Alignement des types TypeScript/Go", "INT-API": "Client API et services", "INT-ENDPOINT": "Endpoints manquants ou incohĂ©rents", "INT-CLEANUP": "Nettoyage duplication et legacy code", "INT-TEST": "Tests d'intĂ©gration E2E", "INT-DOC": "Documentation API" }, "phases": [ { "id": "PHASE-INT-1", "name": "Blockers Production", "description": "ProblĂšmes qui empĂȘchent le dĂ©ploiement en production", "priority": "P0", "estimated_hours": 0, "tasks": [] }, { "id": "PHASE-INT-2", "name": "Critical Fixes", "description": "ProblĂšmes qui causent des erreurs ou comportements incorrects", "priority": "P1", "estimated_hours": 0, "tasks": [] }, { "id": "PHASE-INT-3", "name": "Type Alignment", "description": "Alignement parfait des types entre backend et frontend", "priority": "P1", "estimated_hours": 0, "tasks": [] }, { "id": "PHASE-INT-4", "name": "Cleanup & Standardization", "description": "Suppression des duplications et standardisation", "priority": "P2", "estimated_hours": 0, "tasks": [] }, { "id": "PHASE-INT-5", "name": "Missing Endpoints", "description": "ImplĂ©menter les endpoints manquants", "priority": "P2", "estimated_hours": 0, "tasks": [] }, { "id": "PHASE-INT-6", "name": "Integration Tests", "description": "Tests E2E pour valider l'intĂ©gration", "priority": "P2", "estimated_hours": 0, "tasks": [] } ], "tasks": [ { "id": "INT-CORS-001", "category": "INT-CORS", "title": "Configure production CORS origins", "description": "DĂ©finir CORS_ALLOWED_ORIGINS explicitement pour la production", "priority": "P0", "priority_rank": 1, "status": "todo", "estimated_hours": 1, "side": "backend_only", "files_to_modify": [ "veza-backend-api/internal/middleware/cors.go", "veza-backend-api/.env.production" ], "implementation_steps": [ "Ouvrir veza-backend-api/internal/middleware/cors.go", "VĂ©rifier la validation de CORS_ALLOWED_ORIGINS en production", "CrĂ©er/modifier .env.production avec les origines autorisĂ©es", "Tester en mode production local" ], "acceptance_criteria": [ "CORS_ALLOWED_ORIGINS contient les domaines de production", "Backend dĂ©marre sans erreur en mode production", "RequĂȘtes CORS depuis le frontend autorisĂ©es" ], "dependencies": [], "blocks": ["INT-TEST-001"] } // ... GÉNÉRER TOUTES LES TÂCHES ICI ], "integration_matrix": { "endpoints_analysis": [ { "backend_route": "GET /api/v1/auth/me", "backend_handler": "GetMe", "backend_file": "veza-backend-api/internal/handlers/auth.go", "frontend_service": "authApi.getMe()", "frontend_file": "apps/web/src/features/auth/api/authApi.ts", "types_aligned": true, "issues": [], "status": "OK" } // ... TOUTES les routes ], "type_mismatches": [ { "type_name": "User", "field": "id", "backend_type": "uuid.UUID", "backend_file": "veza-backend-api/internal/dto/user.go", "frontend_type": "string | number", "frontend_files": ["apps/web/src/types/user.ts"], "fix_required": "frontend", "task_id": "INT-TYPE-001" } ], "duplicate_code": [ { "type": "api_client", "files": [ "apps/web/src/services/api/client.ts", "apps/web/src/lib/apiClient.ts" ], "keep": "apps/web/src/services/api/client.ts", "remove": "apps/web/src/lib/apiClient.ts", "task_id": "INT-CLEANUP-001" } ], "missing_frontend_calls": [ { "backend_route": "GET /api/v1/sessions/stats", "backend_file": "veza-backend-api/internal/api/router.go:743", "frontend_needed": true, "task_id": "INT-ENDPOINT-001" } ], "missing_backend_routes": [ { "frontend_call": "GET /api/v1/users/search", "frontend_file": "apps/web/src/config/constants.ts:31", "backend_needed": true, "task_id": "INT-ENDPOINT-002" } ] }, "risk_register": [ { "id": "RISK-001", "risk": "CORS bloque toutes les requĂȘtes en production", "severity": "critical", "probability": "certain", "impact": "Application inaccessible", "mitigation_tasks": ["INT-CORS-001"], "owner": "backend" } ], "validation_checklist": { "pre_deployment": [ { "check": "CORS_ALLOWED_ORIGINS configurĂ©", "task_id": "INT-CORS-001", "verified": false }, { "check": "Tous les types alignĂ©s", "task_ids": ["INT-TYPE-001", "INT-TYPE-002"], "verified": false } ], "integration_tests": [ { "test": "Auth flow complet (register → login → refresh → logout)", "task_id": "INT-TEST-001", "passed": false } ] }, "progress_tracking": { "total_tasks": 0, "completed": 0, "in_progress": 0, "todo": 0, "blocked": 0, "completion_percentage": 0, "last_updated": "2025-12-25T00:00:00Z", "estimated_completion_date": null } } ``` --- ## 📝 RÈGLES DE GÉNÉRATION DES TÂCHES ### Format de chaque tĂąche : ```json { "id": "INT-{CATEGORY}-{NUMBER:3}", "category": "INT-{CATEGORY}", "title": "Titre court et clair (max 60 chars)", "description": "Description dĂ©taillĂ©e du problĂšme et de la solution", "priority": "P0|P1|P2|P3", "priority_rank": 1-999, "status": "todo", "estimated_hours": 0.5-8, "side": "backend_only|frontend_only|both_sides", "files_to_modify": ["chemin/complet/fichier.ext"], "implementation_steps": [ "Étape 1 prĂ©cise", "Étape 2 prĂ©cise", "..." ], "acceptance_criteria": [ "CritĂšre vĂ©rifiable 1", "CritĂšre vĂ©rifiable 2" ], "dependencies": ["INT-XXX-YYY"], "blocks": ["INT-XXX-ZZZ"], "verification_command": "commande pour vĂ©rifier (optionnel)" } ``` ### PrioritĂ©s : - **P0**: Bloque le dĂ©ploiement production (CORS, security) - **P1**: Cause des erreurs runtime ou comportements incorrects - **P2**: Dette technique, amĂ©lioration significative - **P3**: Nice-to-have, polish ### CatĂ©gories : - **INT-CORS**: Configuration CORS - **INT-AUTH**: Authentification, tokens, sessions - **INT-TYPE**: Alignement types TypeScript ↔ Go DTOs - **INT-API**: Client API, intercepteurs, services - **INT-ENDPOINT**: Endpoints manquants ou Ă  corriger - **INT-CLEANUP**: Suppression code dupliquĂ©, standardisation - **INT-TEST**: Tests d'intĂ©gration E2E - **INT-DOC**: Documentation API (OpenAPI, README) --- ## ✅ CHECKLIST AVANT DE TERMINER Avant de soumettre les fichiers, vĂ©rifie : - [ ] **Rapport contient** : - [ ] Tableau EXHAUSTIF de TOUS les endpoints backend - [ ] Correspondance avec TOUS les appels frontend - [ ] Analyse de TOUS les types partagĂ©s - [ ] Liste de TOUTES les duplications - [ ] Score dĂ©taillĂ© par catĂ©gorie - [ ] **TodoList JSON contient** : - [ ] Toutes les tĂąches identifiĂ©es dans le rapport - [ ] priority_rank unique et ordonnĂ© - [ ] implementation_steps dĂ©taillĂ©s pour chaque tĂąche - [ ] acceptance_criteria vĂ©rifiables - [ ] integration_matrix complet - [ ] summary avec comptages corrects - [ ] progress_tracking initialisĂ© --- ## 🎯 COMMENCE MAINTENANT 1. Checkout `feature/integration-perfection` (crĂ©e-la si nĂ©cessaire) 2. Scanne les fichiers listĂ©s ci-dessus 3. GĂ©nĂšre `INTEGRATION_AUDIT_REPORT_2025.md` 4. GĂ©nĂšre `VEZA_INTEGRATION_PERFECTION_TODOLIST.json` 5. Commit: `[AUDIT] Complete integration audit and todolist generation` GO! ``` --- ## 📌 NOTES D'UTILISATION ### Comment utiliser ce prompt : 1. **Ouvre Cursor** dans ton projet Veza 2. **Copie tout le contenu** entre les balises ` ```markdown ` et ` ``` ` 3. **Colle dans Cursor** (Cmd+L ou Ctrl+L) 4. **Laisse l'agent travailler** - il va scanner et gĂ©nĂ©rer les deux fichiers ### Output attendu : 1. `INTEGRATION_AUDIT_REPORT_2025.md` - Rapport dĂ©taillĂ© (~1000+ lignes) 2. `VEZA_INTEGRATION_PERFECTION_TODOLIST.json` - TodoList JSON parfaite ### AprĂšs la gĂ©nĂ©ration : Utilise ce prompt pour exĂ©cuter les tĂąches : ``` Continue l'intĂ©gration Veza sur branche feature/integration-perfection. Lis @VEZA_INTEGRATION_PERFECTION_TODOLIST.json, trouve la prochaine tĂąche todo, implĂ©mente, commit, continue. ```