Spaces:

ghuser1
/

notes

Paused

App Files Files Community

ghuser1 commited on May 26

Commit

fccdf92

verified ·

1 Parent(s): 9b99d65

Upload 18 files

Browse files

Files changed (8) hide show

DEPLOYMENT.md +98 -0
scripts/seed-mock.mjs +1 -1
server.mjs +6 -3
src/.DS_Store +0 -0
src/data/d1-repository.mjs +213 -0
src/data/repository.mjs +20 -0
src/data/sqlite-repository.mjs +244 -0
src/data/state-utils.mjs +77 -0

DEPLOYMENT.md ADDED Viewed

	@@ -0,0 +1,98 @@

+# Docker Deployment
+The Docker image exposes the backup proxy on port `7860`, which is the public
+entrypoint for Hugging Face Spaces. The original app runs internally on port
+`4173`.
+## Environment
+Required rclone configuration is provided by environment variables. The default
+backup destination is:
+```text
+REMOTE_FOLDER=huggingface:notes
+```
+The backup file is always:
+```text
+${REMOTE_FOLDER}/notes.db
+```
+There are two supported ways to provide rclone configuration.
+### Option 1: rclone.conf secret
+Preferred for Hugging Face Secrets:
+```text
+RCLONE_CONF=<raw rclone.conf content>
+```
+The entrypoint writes it to:
+```text
+/root/.config/rclone/rclone.conf
+```
+Compatibility options are also supported:
+```text
+RCLONE_CONFIG_BASE64=<base64 encoded rclone.conf>
+RCLONE_CONFIG_CONTENT=<raw rclone.conf content>
+```
+### Option 2: rclone environment remote config
+Configure the `huggingface` rclone remote with rclone environment variables,
+for example:
+```text
+RCLONE_CONFIG_HUGGINGFACE_TYPE=...
+RCLONE_CONFIG_HUGGINGFACE_...=...
+```
+The exact variables depend on the rclone backend used for the remote.
+## Startup Restore
+On container startup, the entrypoint checks whether this file exists:
+```text
+${REMOTE_FOLDER}/notes.db
+```
+If it exists, it is restored to:
+```text
+data/notes.db
+```
+If it does not exist, the app starts as a first install and initializes a new
+database.
+## Manual Backup
+The backup proxy injects a backup button into the page. Clicking it calls:
+```text
+POST /api/backup/run
+```
+The proxy verifies the current session with the app before running the backup.
+Unauthenticated users receive `401`.
+The server does not accept any command, path, or remote from the browser. The
+backup target is fixed by `REMOTE_FOLDER`, and only one remote file is kept:
+```text
+notes.db
+```
+Uploads use a temporary remote file first:
+```text
+notes.db.uploading
+```
+Then it is moved into place as `notes.db`.

scripts/seed-mock.mjs CHANGED Viewed

@@ -1,5 +1,5 @@
 import { join } from "node:path";
-import { createRepository } from "../data/repository.mjs";
 const repository = createRepository({ dbPath: join(process.cwd(), "data", "notes.db") });
 await repository.init();

 import { join } from "node:path";
+import { createRepository } from "../src/data/repository.mjs";
 const repository = createRepository({ dbPath: join(process.cwd(), "data", "notes.db") });
 await repository.init();

server.mjs CHANGED Viewed

@@ -1,16 +1,19 @@
 import { serve } from "@hono/node-server";
 import { Hono } from "hono";
 import { deleteCookie, getCookie, setCookie } from "hono/cookie";
 import { readFile } from "node:fs/promises";
 import { extname, join, normalize } from "node:path";
 import { createSessionToken, hashPassword, hashSessionToken, verifyPassword } from "./auth.mjs";
-import { createRepository } from "./data/repository.mjs";
-import { maxNoteBodyLength } from "./data/state-utils.mjs";
 const port = Number(process.env.PORT || 4173);
 const root = process.cwd();
 const app = new Hono();
-const repository = createRepository({ dbPath: join(root, "data", "notes.db") });
 const sessionCookie = "web_notes_session";
 const sessionTtlMs = 1000 * 60 * 60 * 24 * 30;

 import { serve } from "@hono/node-server";
 import { Hono } from "hono";
 import { deleteCookie, getCookie, setCookie } from "hono/cookie";
+import { mkdirSync } from "node:fs";
 import { readFile } from "node:fs/promises";
 import { extname, join, normalize } from "node:path";
 import { createSessionToken, hashPassword, hashSessionToken, verifyPassword } from "./auth.mjs";
+import { createRepository } from "./src/data/repository.mjs";
+import { maxNoteBodyLength } from "./src/data/state-utils.mjs";
 const port = Number(process.env.PORT || 4173);
 const root = process.cwd();
+const dataDir = join(root, "data");
 const app = new Hono();
+mkdirSync(dataDir, { recursive: true });
+const repository = createRepository({ dbPath: join(dataDir, "notes.db") });
 const sessionCookie = "web_notes_session";
 const sessionTtlMs = 1000 * 60 * 60 * 24 * 30;

src/.DS_Store ADDED Viewed

Binary file (6.15 kB). View file

src/data/d1-repository.mjs ADDED Viewed

	@@ -0,0 +1,213 @@

+import { clampNoteBody, createSeedState, normalizeStateForWrite } from "./state-utils.mjs";
+export function createD1Repository({ db }) {
+  return {
+    runtime: "workerd",
+    async init() {
+      await db.exec(schemaSql);
+      await seedDatabase(db);
+    },
+    async readState() {
+      return readState(db);
+    },
+    async writeState(state) {
+      await writeState(db, state);
+      return readState(db);
+    },
+    async createNote(note) {
+      return createNote(db, note);
+    },
+    async updateNote(id, patch) {
+      return updateNote(db, id, patch);
+    },
+    async deleteNote(id) {
+      await db.prepare("DELETE FROM notes WHERE id = ?").bind(id).run();
+    },
+    async createFolder(folder) {
+      return createFolder(db, folder);
+    },
+    async deleteFolder(id) {
+      return deleteFolder(db, id);
+    },
+    async getUser() {
+      return await db.prepare("SELECT id, password_hash AS passwordHash, created_at AS createdAt FROM users ORDER BY created_at ASC LIMIT 1").first() || null;
+    },
+    async createUser({ passwordHash }) {
+      const now = Date.now();
+      const id = crypto.randomUUID();
+      await db.prepare("INSERT INTO users (id, password_hash, created_at) VALUES (?, ?, ?)").bind(id, passwordHash, now).run();
+      return { id, passwordHash, createdAt: now };
+    },
+    async updateUserPassword({ passwordHash }) {
+      const user = await this.getUser();
+      if (!user) return null;
+      await db.prepare("UPDATE users SET password_hash = ? WHERE id = ?").bind(passwordHash, user.id).run();
+      return { ...user, passwordHash };
+    },
+    async createSession({ tokenHash, expiresAt }) {
+      const id = crypto.randomUUID();
+      await db.prepare("INSERT INTO sessions (id, token_hash, expires_at, created_at) VALUES (?, ?, ?, ?)").bind(id, tokenHash, expiresAt, Date.now()).run();
+      return { id, tokenHash, expiresAt };
+    },
+    async getSession(tokenHash) {
+      await db.prepare("DELETE FROM sessions WHERE expires_at <= ?").bind(Date.now()).run();
+      return await db.prepare("SELECT id, token_hash AS tokenHash, expires_at AS expiresAt FROM sessions WHERE token_hash = ? LIMIT 1").bind(tokenHash).first() || null;
+    },
+    async deleteSession(tokenHash) {
+      await db.prepare("DELETE FROM sessions WHERE token_hash = ?").bind(tokenHash).run();
+    },
+    async deleteAllSessions() {
+      await db.prepare("DELETE FROM sessions").run();
+    }
+  };
+}
+const schemaSql = `
+  CREATE TABLE IF NOT EXISTS folders (
+    id TEXT PRIMARY KEY,
+    name TEXT NOT NULL,
+    created_at INTEGER NOT NULL,
+    updated_at INTEGER NOT NULL,
+    version INTEGER NOT NULL DEFAULT 1
+  );
+  CREATE TABLE IF NOT EXISTS notes (
+    id TEXT PRIMARY KEY,
+    folder TEXT NOT NULL,
+    body TEXT NOT NULL,
+    created_at INTEGER NOT NULL,
+    updated_at INTEGER NOT NULL,
+    version INTEGER NOT NULL DEFAULT 1,
+    FOREIGN KEY(folder) REFERENCES folders(id)
+  );
+  CREATE TABLE IF NOT EXISTS users (
+    id TEXT PRIMARY KEY,
+    password_hash TEXT NOT NULL,
+    created_at INTEGER NOT NULL
+  );
+  CREATE TABLE IF NOT EXISTS sessions (
+    id TEXT PRIMARY KEY,
+    token_hash TEXT NOT NULL UNIQUE,
+    expires_at INTEGER NOT NULL,
+    created_at INTEGER NOT NULL
+  );
+`;
+async function seedDatabase(db) {
+  const existing = await db.prepare("SELECT COUNT(*) AS count FROM folders").first();
+  if (existing?.count > 0) return;
+  await writeState(db, createSeedState());
+}
+async function readState(db) {
+  const foldersResult = await db.prepare(`
+    SELECT id, name, created_at AS createdAt, updated_at AS updatedAt, version
+    FROM folders
+    ORDER BY created_at ASC
+  `).all();
+  const notesResult = await db.prepare(`
+    SELECT id, folder, body, created_at AS createdAt, updated_at AS updatedAt, version
+    FROM notes
+    ORDER BY updated_at DESC
+  `).all();
+  return {
+    folders: foldersResult.results || [],
+    notes: notesResult.results || []
+  };
+}
+async function writeState(db, state) {
+  const { folders, notes } = normalizeStateForWrite(state);
+  const statements = [
+    db.prepare("DELETE FROM notes"),
+    db.prepare("DELETE FROM folders"),
+    ...folders.map((folder) => db.prepare(`
+      INSERT INTO folders (id, name, created_at, updated_at, version)
+      VALUES (?, ?, ?, ?, ?)
+    `).bind(folder.id, folder.name, folder.createdAt, folder.updatedAt, folder.version)),
+    ...notes.map((note) => db.prepare(`
+      INSERT INTO notes (id, folder, body, created_at, updated_at, version)
+      VALUES (?, ?, ?, ?, ?, ?)
+    `).bind(note.id, note.folder, note.body, note.createdAt, note.updatedAt, note.version))
+  ];
+  await db.batch(statements);
+}
+async function createNote(db, note) {
+  const now = Date.now();
+  const folder = await db.prepare("SELECT id FROM folders WHERE id = ? LIMIT 1").bind(note.folder).first();
+  const folderId = folder?.id || "notes";
+  const createdAt = Number(note.createdAt || now);
+  const updatedAt = Number(note.updatedAt || now);
+  const id = String(note.id || crypto.randomUUID());
+  await db.prepare(`
+    INSERT INTO notes (id, folder, body, created_at, updated_at, version)
+    VALUES (?, ?, ?, ?, ?, 1)
+  `).bind(id, folderId, clampNoteBody(note.body), createdAt, updatedAt).run();
+  return getNote(db, id);
+}
+async function updateNote(db, id, patch) {
+  const existing = await getNote(db, id);
+  if (!existing) return { status: "missing" };
+  const expectedVersion = Number(patch.version);
+  if (expectedVersion && expectedVersion !== existing.version) {
+    return { status: "conflict", note: existing };
+  }
+  const folder = patch.folder ? await db.prepare("SELECT id FROM folders WHERE id = ? LIMIT 1").bind(patch.folder).first() : null;
+  const nextFolder = folder?.id || existing.folder;
+  const nextBody = patch.body === undefined ? existing.body : clampNoteBody(patch.body);
+  const nextUpdatedAt = Number(patch.updatedAt || Date.now());
+  const nextVersion = existing.version + 1;
+  await db.prepare(`
+    UPDATE notes
+    SET folder = ?, body = ?, updated_at = ?, version = ?
+    WHERE id = ?
+  `).bind(nextFolder, nextBody, nextUpdatedAt, nextVersion, id).run();
+  return { status: "ok", note: await getNote(db, id) };
+}
+async function getNote(db, id) {
+  return await db.prepare(`
+    SELECT id, folder, body, created_at AS createdAt, updated_at AS updatedAt, version
+    FROM notes
+    WHERE id = ?
+    LIMIT 1
+  `).bind(id).first() || null;
+}
+async function createFolder(db, folder) {
+  const now = Date.now();
+  const id = String(folder.id || crypto.randomUUID());
+  const name = String(folder.name || "未命名文件夹").trim() || "未命名文件夹";
+  const createdAt = Number(folder.createdAt || now);
+  const updatedAt = Number(folder.updatedAt || now);
+  await db.prepare(`
+    INSERT INTO folders (id, name, created_at, updated_at, version)
+    VALUES (?, ?, ?, ?, 1)
+  `).bind(id, name, createdAt, updatedAt).run();
+  return getFolder(db, id);
+}
+async function deleteFolder(db, id) {
+  const folder = await getFolder(db, id);
+  if (!folder || folder.id === "notes") return { status: "missing" };
+  const fallback = await getFolder(db, "notes") || await db.prepare("SELECT id FROM folders ORDER BY created_at ASC LIMIT 1").first();
+  if (!fallback) return { status: "missing" };
+  const now = Date.now();
+  await db.batch([
+    db.prepare("UPDATE notes SET folder = ?, updated_at = ?, version = version + 1 WHERE folder = ?").bind(fallback.id, now, folder.id),
+    db.prepare("DELETE FROM folders WHERE id = ?").bind(folder.id)
+  ]);
+  return { status: "ok", fallbackFolderId: fallback.id };
+}
+async function getFolder(db, id) {
+  return await db.prepare(`
+    SELECT id, name, created_at AS createdAt, updated_at AS updatedAt, version
+    FROM folders
+    WHERE id = ?
+    LIMIT 1
+  `).bind(id).first() || null;
+}

src/data/repository.mjs ADDED Viewed

	@@ -0,0 +1,20 @@

+import { getRuntimeKey } from "hono/adapter";
+import { createD1Repository } from "./d1-repository.mjs";
+import { createSqliteRepository } from "./sqlite-repository.mjs";
+export function createRepository(options = {}) {
+  const runtime = options.runtime || getRuntimeKey();
+  if (runtime === "workerd") {
+    if (!options.env?.DB && !options.db) {
+      throw new Error("Cloudflare runtime requires a D1 binding named DB.");
+    }
+    return createD1Repository({ db: options.db || options.env.DB });
+  }
+  if (runtime === "node") {
+    return createSqliteRepository({ dbPath: options.dbPath });
+  }
+  throw new Error(`Unsupported runtime for data repository: ${runtime}`);
+}

src/data/sqlite-repository.mjs ADDED Viewed

	@@ -0,0 +1,244 @@

+import { DatabaseSync } from "node:sqlite";
+import { clampNoteBody, createSeedState, normalizeStateForWrite } from "./state-utils.mjs";
+export function createSqliteRepository({ dbPath }) {
+  const db = new DatabaseSync(dbPath);
+  return {
+    runtime: "node",
+    async init() {
+      db.exec(schemaSql);
+      seedDatabase(db);
+    },
+    async readState() {
+      return readState(db);
+    },
+    async writeState(state) {
+      writeState(db, state);
+      return readState(db);
+    },
+    async createNote(note) {
+      return createNote(db, note);
+    },
+    async updateNote(id, patch) {
+      return updateNote(db, id, patch);
+    },
+    async deleteNote(id) {
+      db.prepare("DELETE FROM notes WHERE id = ?").run(id);
+    },
+    async createFolder(folder) {
+      return createFolder(db, folder);
+    },
+    async deleteFolder(id) {
+      return deleteFolder(db, id);
+    },
+    async getUser() {
+      return db.prepare("SELECT id, password_hash AS passwordHash, created_at AS createdAt FROM users ORDER BY created_at ASC LIMIT 1").get() || null;
+    },
+    async updateUserPassword({ passwordHash }) {
+      const user = await this.getUser();
+      if (!user) return null;
+      db.prepare("UPDATE users SET password_hash = ? WHERE id = ?").run(passwordHash, user.id);
+      return { ...user, passwordHash };
+    },
+    async createUser({ passwordHash }) {
+      const now = Date.now();
+      const id = crypto.randomUUID();
+      db.prepare("INSERT INTO users (id, password_hash, created_at) VALUES (?, ?, ?)").run(id, passwordHash, now);
+      return { id, passwordHash, createdAt: now };
+    },
+    async createSession({ tokenHash, expiresAt }) {
+      const id = crypto.randomUUID();
+      db.prepare("INSERT INTO sessions (id, token_hash, expires_at, created_at) VALUES (?, ?, ?, ?)").run(id, tokenHash, expiresAt, Date.now());
+      return { id, tokenHash, expiresAt };
+    },
+    async getSession(tokenHash) {
+      db.prepare("DELETE FROM sessions WHERE expires_at <= ?").run(Date.now());
+      return db.prepare("SELECT id, token_hash AS tokenHash, expires_at AS expiresAt FROM sessions WHERE token_hash = ? LIMIT 1").get(tokenHash) || null;
+    },
+    async deleteSession(tokenHash) {
+      db.prepare("DELETE FROM sessions WHERE token_hash = ?").run(tokenHash);
+    },
+    async deleteAllSessions() {
+      db.prepare("DELETE FROM sessions").run();
+    }
+  };
+}
+const schemaSql = `
+  PRAGMA journal_mode = WAL;
+  CREATE TABLE IF NOT EXISTS folders (
+    id TEXT PRIMARY KEY,
+    name TEXT NOT NULL,
+    created_at INTEGER NOT NULL,
+    updated_at INTEGER NOT NULL,
+    version INTEGER NOT NULL DEFAULT 1
+  );
+  CREATE TABLE IF NOT EXISTS notes (
+    id TEXT PRIMARY KEY,
+    folder TEXT NOT NULL,
+    body TEXT NOT NULL,
+    created_at INTEGER NOT NULL,
+    updated_at INTEGER NOT NULL,
+    version INTEGER NOT NULL DEFAULT 1,
+    FOREIGN KEY(folder) REFERENCES folders(id)
+  );
+  CREATE TABLE IF NOT EXISTS users (
+    id TEXT PRIMARY KEY,
+    password_hash TEXT NOT NULL,
+    created_at INTEGER NOT NULL
+  );
+  CREATE TABLE IF NOT EXISTS sessions (
+    id TEXT PRIMARY KEY,
+    token_hash TEXT NOT NULL UNIQUE,
+    expires_at INTEGER NOT NULL,
+    created_at INTEGER NOT NULL
+  );
+`;
+function seedDatabase(db) {
+  migrateDatabase(db);
+  const existing = db.prepare("SELECT COUNT(*) AS count FROM folders").get();
+  if (existing.count > 0) return;
+  writeState(db, createSeedState());
+}
+function migrateDatabase(db) {
+  addColumnIfMissing(db, "folders", "version", "INTEGER NOT NULL DEFAULT 1");
+  addColumnIfMissing(db, "notes", "version", "INTEGER NOT NULL DEFAULT 1");
+}
+function addColumnIfMissing(db, table, column, definition) {
+  const columns = db.prepare(`PRAGMA table_info(${table})`).all();
+  if (columns.some((entry) => entry.name === column)) return;
+  db.exec(`ALTER TABLE ${table} ADD COLUMN ${column} ${definition}`);
+}
+function readState(db) {
+  const folders = db.prepare(`
+    SELECT id, name, created_at AS createdAt, updated_at AS updatedAt, version
+    FROM folders
+    ORDER BY created_at ASC
+  `).all();
+  const notes = db.prepare(`
+    SELECT id, folder, body, created_at AS createdAt, updated_at AS updatedAt, version
+    FROM notes
+    ORDER BY updated_at DESC
+  `).all();
+  return { folders, notes };
+}
+function writeState(db, state) {
+  const { folders, notes } = normalizeStateForWrite(state);
+  const insertFolder = db.prepare(`
+    INSERT INTO folders (id, name, created_at, updated_at, version)
+    VALUES (?, ?, ?, ?, ?)
+  `);
+  const insertNote = db.prepare(`
+    INSERT INTO notes (id, folder, body, created_at, updated_at, version)
+    VALUES (?, ?, ?, ?, ?, ?)
+  `);
+  db.exec("BEGIN");
+  try {
+    db.exec("DELETE FROM notes");
+    db.exec("DELETE FROM folders");
+    folders.forEach((folder) => {
+      insertFolder.run(folder.id, folder.name, folder.createdAt, folder.updatedAt, folder.version);
+    });
+    notes.forEach((note) => {
+      insertNote.run(note.id, note.folder, note.body, note.createdAt, note.updatedAt, note.version);
+    });
+    db.exec("COMMIT");
+  } catch (error) {
+    db.exec("ROLLBACK");
+    throw error;
+  }
+}
+function createNote(db, note) {
+  const now = Date.now();
+  const folder = db.prepare("SELECT id FROM folders WHERE id = ? LIMIT 1").get(note.folder);
+  const folderId = folder?.id || "notes";
+  const createdAt = Number(note.createdAt || now);
+  const updatedAt = Number(note.updatedAt || now);
+  const id = String(note.id || crypto.randomUUID());
+  db.prepare(`
+    INSERT INTO notes (id, folder, body, created_at, updated_at, version)
+    VALUES (?, ?, ?, ?, ?, 1)
+  `).run(id, folderId, clampNoteBody(note.body), createdAt, updatedAt);
+  return getNote(db, id);
+}
+function updateNote(db, id, patch) {
+  const existing = getNote(db, id);
+  if (!existing) return { status: "missing" };
+  const expectedVersion = Number(patch.version);
+  if (expectedVersion && expectedVersion !== existing.version) {
+    return { status: "conflict", note: existing };
+  }
+  const folder = patch.folder && db.prepare("SELECT id FROM folders WHERE id = ? LIMIT 1").get(patch.folder);
+  const nextFolder = folder?.id || existing.folder;
+  const nextBody = patch.body === undefined ? existing.body : clampNoteBody(patch.body);
+  const nextUpdatedAt = Number(patch.updatedAt || Date.now());
+  const nextVersion = existing.version + 1;
+  db.prepare(`
+    UPDATE notes
+    SET folder = ?, body = ?, updated_at = ?, version = ?
+    WHERE id = ?
+  `).run(nextFolder, nextBody, nextUpdatedAt, nextVersion, id);
+  return { status: "ok", note: getNote(db, id) };
+}
+function getNote(db, id) {
+  return db.prepare(`
+    SELECT id, folder, body, created_at AS createdAt, updated_at AS updatedAt, version
+    FROM notes
+    WHERE id = ?
+    LIMIT 1
+  `).get(id) || null;
+}
+function createFolder(db, folder) {
+  const now = Date.now();
+  const id = String(folder.id || crypto.randomUUID());
+  const name = String(folder.name || "未命名文件夹").trim() || "未命名文件夹";
+  const createdAt = Number(folder.createdAt || now);
+  const updatedAt = Number(folder.updatedAt || now);
+  db.prepare(`
+    INSERT INTO folders (id, name, created_at, updated_at, version)
+    VALUES (?, ?, ?, ?, 1)
+  `).run(id, name, createdAt, updatedAt);
+  return getFolder(db, id);
+}
+function deleteFolder(db, id) {
+  const folder = getFolder(db, id);
+  if (!folder || folder.id === "notes") return { status: "missing" };
+  const fallback = getFolder(db, "notes") || db.prepare("SELECT id FROM folders ORDER BY created_at ASC LIMIT 1").get();
+  if (!fallback) return { status: "missing" };
+  const now = Date.now();
+  db.exec("BEGIN");
+  try {
+    db.prepare("UPDATE notes SET folder = ?, updated_at = ?, version = version + 1 WHERE folder = ?").run(fallback.id, now, folder.id);
+    db.prepare("DELETE FROM folders WHERE id = ?").run(folder.id);
+    db.exec("COMMIT");
+  } catch (error) {
+    db.exec("ROLLBACK");
+    throw error;
+  }
+  return { status: "ok", fallbackFolderId: fallback.id };
+}
+function getFolder(db, id) {
+  return db.prepare(`
+    SELECT id, name, created_at AS createdAt, updated_at AS updatedAt, version
+    FROM folders
+    WHERE id = ?
+    LIMIT 1
+  `).get(id) || null;
+}

src/data/state-utils.mjs ADDED Viewed

	@@ -0,0 +1,77 @@

+export const maxNoteBodyLength = 1024 * 1024;
+export function createSeedState(now = Date.now()) {
+  return {
+    folders: [
+      {
+        id: "notes",
+        name: "备忘录",
+        createdAt: now,
+        updatedAt: now
+      }
+    ],
+    notes: [
+      {
+        id: crypto.randomUUID(),
+        folder: "notes",
+        body: "欢迎使用备忘录\n\n左侧选择文件夹，中间选择笔记，右侧直接编辑。第一行会自动作为标题。",
+        createdAt: now - 1000 * 60 * 60 * 24,
+        updatedAt: now - 1000 * 60 * 12,
+        version: 1
+      },
+      {
+        id: crypto.randomUUID(),
+        folder: "notes",
+        body: "待办清单\n\n- 记录想法\n- 整理项目\n- 做一个真正好用的 Web 版笔记",
+        createdAt: now - 1000 * 60 * 60 * 3,
+        updatedAt: now - 1000 * 60 * 35,
+        version: 1
+      }
+    ]
+  };
+}
+export function normalizeStateForWrite({ folders = [], notes = [] }, now = Date.now()) {
+  const normalizedFolders = normalizeFolders(folders, now);
+  const folderIds = new Set(normalizedFolders.map((folder) => folder.id));
+  const normalizedNotes = notes.map((note) => ({
+    id: String(note.id || crypto.randomUUID()),
+    folder: folderIds.has(note.folder) ? note.folder : "notes",
+    body: clampNoteBody(note.body),
+    createdAt: Number(note.createdAt || now),
+    updatedAt: Number(note.updatedAt || now),
+    version: Number(note.version || 1)
+  }));
+  return {
+    folders: normalizedFolders,
+    notes: normalizedNotes
+  };
+}
+function normalizeFolders(folders, now) {
+  const seen = new Set();
+  const normalized = folders
+    .map((folder) => ({
+      id: String(folder.id || crypto.randomUUID()),
+      name: String(folder.name || "未命名文件夹").trim() || "未命名文件夹",
+      createdAt: Number(folder.createdAt || now),
+      updatedAt: Number(folder.updatedAt || now),
+      version: Number(folder.version || 1)
+    }))
+    .filter((folder) => {
+      if (seen.has(folder.id)) return false;
+      seen.add(folder.id);
+      return true;
+    });
+  if (!seen.has("notes")) {
+    normalized.unshift({ id: "notes", name: "备忘录", createdAt: now, updatedAt: now, version: 1 });
+  }
+  return normalized;
+}
+export function clampNoteBody(value) {
+  return String(value || "").slice(0, maxNoteBodyLength);
+}