@lobehub/chat 0.145.7 → 0.145.9

package/CHANGELOG.md

@@ -2,6 +2,64 @@
 
 # Changelog
 
+### [Version 0.145.9](https://github.com/lobehub/lobe-chat/compare/v0.145.8...v0.145.9)
+
+<sup>Released on **2024-04-02**</sup>
+
+#### 💄 Styles
+
+- **misc**: Improve scrollbar style.
+
+<br/>
+
+<details>
+<summary><kbd>Improvements and Fixes</kbd></summary>
+
+#### Styles
+
+- **misc**: Improve scrollbar style, closes [#1869](https://github.com/lobehub/lobe-chat/issues/1869) ([33d857f](https://github.com/lobehub/lobe-chat/commit/33d857f))
+
+</details>
+
+<div align="right">
+
+[![](https://img.shields.io/badge/-BACK_TO_TOP-151515?style=flat-square)](#readme-top)
+
+</div>
+
+### [Version 0.145.8](https://github.com/lobehub/lobe-chat/compare/v0.145.7...v0.145.8)
+
+<sup>Released on **2024-04-02**</sup>
+
+#### ♻ Code Refactoring
+
+- **misc**: Refactor SSO providers.
+
+#### 🐛 Bug Fixes
+
+- **misc**: Fix plugins dropdown menu overflow.
+
+<br/>
+
+<details>
+<summary><kbd>Improvements and Fixes</kbd></summary>
+
+#### Code refactoring
+
+- **misc**: Refactor SSO providers, closes [#1865](https://github.com/lobehub/lobe-chat/issues/1865) ([290d33b](https://github.com/lobehub/lobe-chat/commit/290d33b))
+
+#### What's fixed
+
+- **misc**: Fix plugins dropdown menu overflow, closes [#1855](https://github.com/lobehub/lobe-chat/issues/1855) ([00e9068](https://github.com/lobehub/lobe-chat/commit/00e9068))
+
+</details>
+
+<div align="right">
+
+[![](https://img.shields.io/badge/-BACK_TO_TOP-151515?style=flat-square)](#readme-top)
+
+</div>
+
 ### [Version 0.145.7](https://github.com/lobehub/lobe-chat/compare/v0.145.6...v0.145.7)
 
 <sup>Released on **2024-04-02**</sup>

package/docs/self-hosting/advanced/sso-providers/auth0.mdx

@@ -5,15 +5,15 @@
 
   Register and log in to [Auth0][auth0-client-page], click on the "Applications" in the left navigation bar to switch to the application management interface, and click "Create Application" in the upper right corner to create an application.
 
-  <Image alt="Create Auth0 Application S1" inStep src="hhttps://github.com/CloudPassenger/lobe-chat/assets/30863298/1b405347-f4c3-4c55-82f6-47116f2210d0" />
+  <Image alt="Create Auth0 Application S1" inStep src="https://github.com/lobehub/lobe-chat/assets/30863298/f068190f-0027-4d3b-8667-d632e43d5a86" />
 
   Fill in the application name you want to display to the organization users, choose any application type, and click "Create".
 
-  <Image alt="Create Auth0 Application S2" inStep src="https://github.com/CloudPassenger/lobe-chat/assets/30863298/75c92f85-3ad3-4473-a9c6-e667e28d428d" />
+  <Image alt="Create Auth0 Application S2" inStep src="https://github.com/lobehub/lobe-chat/assets/30863298/3e0082df-9b6f-46f3-b67f-bdc79e1eb2cc" />
 
   After successful creation, click on the corresponding application to enter the application details page, switch to the "Settings" tab, and you can see the corresponding configuration information.
 
-  <Image alt="Create Auth0 Application S3" inStep src="https://github.com/CloudPassenger/lobe-chat/assets/30863298/a1ed996b-95ef-4b7d-a50d-b4666eccfecb" />
+  <Image alt="Create Auth0 Application S3" inStep src="https://github.com/lobehub/lobe-chat/assets/30863298/df4cea85-616a-46f5-b2de-42725d9b82a6" />
 
   In the application configuration page, you also need to configure Allowed Callback URLs, where you should fill in:
 
@@ -21,7 +21,7 @@
   http(s)://your-domain/api/auth/callback/auth0
   ```
 
-  <Image alt="Create Auth0 Application S4" inStep src="https://github.com/CloudPassenger/lobe-chat/assets/30863298/575f46aa-f485-49bd-8b90-dbb1ce1a5c1b" />
+  <Image alt="Create Auth0 Application S4" inStep src="https://github.com/lobehub/lobe-chat/assets/30863298/62fbd09f-a69a-4460-949b-0f6285fa65b9" />
 
   <Callout type={'important'}>
     You can fill in or modify Allowed Callback URLs after deployment, but make sure the filled URL is
@@ -32,7 +32,7 @@
 
   Click on the "Users Management" in the left navigation bar to enter the user management interface, where you can create users for your organization to log in to LobeChat.
 
-  <Image alt="Add Users" inStep src="https://github.com/CloudPassenger/lobe-chat/assets/30863298/3b8127ab-dc4f-4ff9-a4cb-dec3ef0295cc" />
+  <Image alt="Add Users" inStep src="https://github.com/lobehub/lobe-chat/assets/30863298/0beda150-d0b6-43cf-a9f1-fce928b83a96" />
 
   ### Configure Environment Variables
 
@@ -67,13 +67,13 @@ If your enterprise or organization already has a unified identity authentication
 
 Auth0 supports single sign-on services such as Azure Active Directory, Slack, Google Workspace, Office 365, Zoom, and more. For a detailed list of supported services, please refer to [this link][auth0-sso-integrations].
 
-<Image alt="Connecting to an Existing Single Sign-On Service" src="https://github.com/CloudPassenger/lobe-chat/assets/30863298/32650f4f-d0b0-4843-b26d-d35bad11d8a3" />
+<Image alt="Connecting to an Existing Single Sign-On Service" src="https://github.com/lobehub/lobe-chat/assets/30863298/9891347e-a338-4aa9-8714-f16c8dbcfcec" />
 
 ### Configuring Social Login
 
 If your enterprise or organization needs to support external user logins, you can configure social login services in Authentication -> Social.
 
-<Image alt="Configuring Social Login" src="https://github.com/CloudPassenger/lobe-chat/assets/30863298/7b6f6a6c-2686-49d8-9dbd-0516053f1efa" />
+<Image alt="Configuring Social Login" src="https://github.com/lobehub/lobe-chat/assets/30863298/880749a6-5ba4-4e20-a968-b583a54de7fa" />
 
 <Callout type={'warning'}>
   Configuring social login services by default allows anyone to authenticate, which may lead to

package/docs/self-hosting/advanced/sso-providers/auth0.zh-CN.mdx

@@ -5,15 +5,15 @@
 
   注册并登录 [Auth0][auth0-client-page]，点击左侧导航栏的「Applications」，切换到应用管理界面，点击右上角「Create Application」以创建应用。
 
-  <Image alt="创建 Auth0 应用 S1" inStep src="hhttps://github.com/CloudPassenger/lobe-chat/assets/30863298/1b405347-f4c3-4c55-82f6-47116f2210d0" />
+  <Image alt="创建 Auth0 应用 S1" inStep src="https://github.com/lobehub/lobe-chat/assets/30863298/f068190f-0027-4d3b-8667-d632e43d5a86" />
 
   填写你想向组织用户显示的应用名称，可选择任意应用类型，点击「Create」。
 
-  <Image alt="创建 Auth0 应用 S2" inStep src="https://github.com/CloudPassenger/lobe-chat/assets/30863298/75c92f85-3ad3-4473-a9c6-e667e28d428d" />
+  <Image alt="创建 Auth0 应用 S2" inStep src="https://github.com/lobehub/lobe-chat/assets/30863298/3e0082df-9b6f-46f3-b67f-bdc79e1eb2cc" />
 
   创建成功后，点击相应的应用，进入应用详情页，切换到「Settings」标签页，就可以看到相应的配置信息
 
-  <Image alt="创建 Auth0 应用 S3" inStep src="https://github.com/CloudPassenger/lobe-chat/assets/30863298/a1ed996b-95ef-4b7d-a50d-b4666eccfecb" />
+  <Image alt="创建 Auth0 应用 S3" inStep src="https://github.com/lobehub/lobe-chat/assets/30863298/df4cea85-616a-46f5-b2de-42725d9b82a6" />
 
   在应用配置页面中，还需要配置 Allowed Callback URLs，在此处填写:
 
@@ -21,7 +21,7 @@
   http(s)://your-domain/api/auth/callback/auth0
   ```
 
-  <Image alt="创建 Auth0 应用 S4" inStep src="https://github.com/CloudPassenger/lobe-chat/assets/30863298/575f46aa-f485-49bd-8b90-dbb1ce1a5c1b" />
+  <Image alt="创建 Auth0 应用 S4" inStep src="https://github.com/lobehub/lobe-chat/assets/30863298/62fbd09f-a69a-4460-949b-0f6285fa65b9" />
 
   <Callout type={'important'}>
     可以在部署后再填写或修改 Allowed Callback URLs，但是务必保证填写的 URL 与部署的 URL 一致
@@ -31,7 +31,7 @@
 
   点击左侧导航栏的「Users Management」，进入用户管理界面，可以为你的组织新建用户，用以登录 LobeChat
 
-  <Image alt="新增用户" inStep src="https://github.com/CloudPassenger/lobe-chat/assets/30863298/3b8127ab-dc4f-4ff9-a4cb-dec3ef0295cc" />
+  <Image alt="新增用户" inStep src="https://github.com/lobehub/lobe-chat/assets/30863298/0beda150-d0b6-43cf-a9f1-fce928b83a96" />
 
   ### 配置环境变量
 
@@ -63,13 +63,13 @@
 
 Auth0 支持 Azure Active Directory / Slack / Google Workspace / Office 365 / Zoom 等单点登录服务，详细支持列表可参考 [这里][auth0-sso-integrations]
 
-<Image alt="Connecting to an Existing Single Sign-On Service" src="https://github.com/CloudPassenger/lobe-chat/assets/30863298/32650f4f-d0b0-4843-b26d-d35bad11d8a3" />
+<Image alt="Connecting to an Existing Single Sign-On Service" src="https://github.com/lobehub/lobe-chat/assets/30863298/9891347e-a338-4aa9-8714-f16c8dbcfcec" />
 
 ### 配置社交登录
 
 如果你的企业或组织需要支持外部人员登录，可以在 Authentication -> Social 中，配置社交登录服务。
 
-<Image alt="Configuring Social Login" src="https://github.com/CloudPassenger/lobe-chat/assets/30863298/7b6f6a6c-2686-49d8-9dbd-0516053f1efa" />
+<Image alt="Configuring Social Login" src="https://github.com/lobehub/lobe-chat/assets/30863298/880749a6-5ba4-4e20-a968-b583a54de7fa" />
 
 <Callout type={'warning'}>
   配置社交登录服务默认会允许所有人通过认证，这可能会导致 LobeChat 被外部人员滥用。

package/docs/self-hosting/environment-variables/auth.mdx

@@ -0,0 +1,124 @@
+## Authentication Service
+
+LobeChat provides a complete authentication service capability when deployed. The following are the relevant environment variables. You can use these environment variables to easily define the identity verification services that need to be enabled in LobeChat.
+
+## General Settings
+
+### `ENABLE_OAUTH_SSO`
+
+- Type: Required
+- Description: Enable single sign-on (SSO) for LobeChat. Set to `1` to enable single sign-on.
+- Default: `-`
+- Example: `1`
+
+### `SSO_PROVIDERS`
+
+- Type: Required
+- Description: Select the single sign-on provider for LoboChat. For multiple SSO Providers separating them with commas, for example, `auth0,azure-ad,authentik`.
+- Default: `auth0`
+- Example: `auth0,azure-ad,authentik`
+
+### `NEXTAUTH_SECRET`
+
+- Type: Required
+- Description: Key used to encrypt the session tokens in Auth.js. You can generate the key using the following command: `openssl rand -base64 32`.
+- Default: `-`
+- Example: `Tfhi2t2pelSMEA8eaV61KaqPNEndFFdMIxDaJnS1CUI=`
+
+### `NEXTAUTH_URL`
+
+- Type: Optional
+- Description: This URL is used to specify the callback address for Auth.js during OAuth authentication. It does not need to be set when deploying on Vercel.
+- Default: `-`
+- Example: `https://example.com/api/auth`
+
+## Auth0
+
+### `AUTH0_CLIENT_ID`
+
+- Type: Required
+- Description: Client ID of the Auth0 application. You can access it [here](https://manage.auth0.com/dashboard) and navigate to the application settings to view.
+- Default: `-`
+- Example: `evCnOJP1UX8FMnXR9Xkj5t0NyFn5p70P`
+
+### `AUTH0_CLIENT_SECRET`
+
+- Type: Required
+- Description: Client Secret of the Auth0 application.
+- Default: `-`
+- Example: `wnX7UbZg85ZUzF6ioxPLnJVEQa1Elbs7aqBUSF16xleBS5AdkVfASS49-fQIC8Rm`
+
+### `AUTH0_ISSUER`
+
+- Type: Required
+- Description: Issuer/domain of the Auth0 application.
+- Default: `-`
+- Example: `https://example.auth0.com`
+
+## Microsoft Entra ID
+
+### `AZURE_AD_CLIENT_ID`
+
+- Type: Required
+- Description: Client ID of the Microsoft Entra ID application.
+- Default: `-`
+- Example: `be8f6da1-58c3-4f16-ff1b-78f5148e10df`
+
+### `AZURE_AD_CLIENT_SECRET`
+
+- Type: Required
+- Description: Client Secret of the Microsoft Entra ID application.
+- Default: `-`
+- Example: `~gI8Q.pTiN1vwB6Gl.E1yFT1ojcXABkdACfJXaNj`
+
+### `AZURE_AD_TENANT_ID`
+
+- Type: Required
+- Description: Tenant ID of the Microsoft Entra ID application.
+- Default: `-`
+- Example: `c8ae2f36-edf6-4cda-96b9-d3e198a47cba`
+
+## Authentik
+
+### `AUTHENTIK_CLIENT_ID`
+
+- Type: Required
+- Description: Client ID of the Authentik provider application. You can access it [here][auth0-client-page] and navigate to the application settings to view.
+- Default: `-`
+- Example: `evCnOJP1UX8FMnXR9Xkj5t0NyFn5p70P`
+
+### `AUTHENTIK_CLIENT_SECRET`
+
+- Type: Required
+- Description: Client Secret of the Authentik provider application.
+- Default: `-`
+- Example: `wnX7UbZg85ZUzF6ioxPLnJVEQa1Elbs7aqBUSF16xleBS5AdkVfASS49-fQIC8Rm`
+
+### `AUTHENTIK_ISSUER`
+
+- Type: Required
+- Description: Issuer/domain of the Authentik provider application.
+- Default: `-`
+- Example: `https://your-authentik-domain.com/application/o/slug/`
+
+## Github
+
+### `GITHUB_CLIENT_ID`
+
+- Type: Required
+- Description: Client ID of the Github application. You can access it [here](https://github.com/settings/apps) and navigate to the application settings to view.
+- Default: `-`
+- Example: `abd94200333283550508`
+
+### `GITHUB_CLIENT_SECRET`
+
+- Type: Required
+- Description: Client Secret of the Github application.
+- Default: `-`
+- Example: `dd262976ac0931d947e104891586a053f3d3750b`
+
+<Callout>
+  Currently, we only support providers above. If you need to use other identity verification service
+  providers, you can submit a [feature
+  request](https://github.com/lobehub/lobe-chat/issues/new/choose) or Pull Request.
+</Callout>

package/docs/self-hosting/environment-variables/auth.zh-CN.mdx

@@ -0,0 +1,124 @@
+# 身份验证服务
+
+LobeChat 在部署时提供了完善的身份验证服务能力，以下是相关的环境变量，你可以使用这些环境变量轻松定义需要在 LobeChat 中开启的身份验证服务。
+
+## 通用设置
+
+### `ENABLE_OAUTH_SSO`
+
+- 类型：必选
+- 描述：为 LobeChat 启用单点登录 (SSO)。设置为 `1` 以启用单点登录。
+- 默认值: `-`
+- 示例: `1`
+
+### `SSO_PROVIDERS`
+
+- Type: 必需
+- 描述：选择 LoboChat 的单点登录提供商。如果有多个单点登录提供商，请用逗号分隔，例如 `auth0,azure-ad,authentik`
+- 默认值: `auth0`
+- 示例: `auth0,azure-ad,authentik`
+
+### `NEXTAUTH_SECRET`
+
+- 类型：必选
+- 描述：用于加密 Auth.js 会话令牌的密钥。您可以使用以下命令生成秘钥： `openssl rand -base64 32`.
+- 默认值: `-`
+- 示例: `Tfhi2t2pelSMEA8eaV61KaqPNEndFFdMIxDaJnS1CUI=`
+
+### `NEXTAUTH_URL`
+
+- 类型：可选
+- 描述：该 URL 用于指定 Auth.js 在执行 OAuth 验证时的回调地址，在 Vercel 上部署时无需设置。
+- 默认值：`-`
+- 示例：`https://example.com/api/auth`
+
+## Auth0
+
+### `AUTH0_CLIENT_ID`
+
+- 类型：必选
+- 描述: Auth0 应用程序的 Client ID，您可以访问[这里](https://manage.auth0.com/dashboard)并导航至应用程序设置来查看
+- 默认值: `-`
+- 示例: `evCnOJP1UX8FMnXR9Xkj5t0NyFn5p70P`
+
+### `AUTH0_CLIENT_SECRET`
+
+- 类型：必选
+- 描述: Auth0 应用程序的 Client Secret
+- 默认值: `-`
+- 示例: `wnX7UbZg85ZUzF6ioxPLnJVEQa1Elbs7aqBUSF16xleBS5AdkVfASS49-fQIC8Rm`
+
+### `AUTH0_ISSUER`
+
+- 类型：必选
+- 描述: Auth0 应用程序的签发人 / 域
+- 默认值: `-`
+- 示例: `https://example.auth0.com`
+
+## Microsoft Entra ID
+
+### `AZURE_AD_CLIENT_ID`
+
+- 类型：必需
+- 描述：Microsoft Entra ID 应用程序的客户端 ID。
+- 默认值：`-`
+- 示例：`be8f6da1-58c3-4f16-ff1b-78f5148e10df`
+
+### `AZURE_AD_CLIENT_SECRET`
+
+- 类型：必需
+- 描述：Microsoft Entra ID 应用程序的客户端密钥。
+- 默认值：`-`
+- 示例：`~gI8Q.pTiN1vwB6Gl.E1yFT1ojcXABkdACfJXaNj`
+
+### `AZURE_AD_TENANT_ID`
+
+- 类型：必需
+- 描述：Microsoft Entra ID 应用程序的租户 ID。
+- 默认值：`-`
+- 示例：`c8ae2f36-edf6-4cda-96b9-d3e198a47cba`
+
+## Authentik
+
+
+### `AUTHENTIK_CLIENT_ID`
+
+- 类型：必选
+- 描述: Authentik 提供程序的 Client ID
+- 默认值: `-`
+- 示例: `YNtbIRlYF8Kj66mTLue59nsGLlb7HNyx1qjPH6VS`
+
+### `AUTHENTIK_CLIENT_SECRET`
+
+- 类型：必选
+- 描述: Authentik 提供程序的 Client Secret
+- 默认值: `-`
+- 示例: `h3lMI1vPUzqyqqeIDUbH5UNNOxyQLXk35h89yETeaAwHk7qVXBG3sJQWeqHBU5pyggwhP9u0eaZ1eq6DHUddVPLoS4gncqD37yuCr8jI8dY66WAt45MStDsDcQm0Ygze`
+
+### `AUTHENTIK_ISSUER`
+
+- 类型：必选
+- 描述: Authentik 提供程序的 OpenID Connect 颁发者
+- 默认值: `-`
+- 示例: `https://your-authentik-domain.com/application/o/slug/`
+
+## Github
+
+### `GITHUB_CLIENT_ID`
+
+- Type: Required
+- Description: Github应用的客户端ID。您可以在[这里](https://github.com/settings/apps)访问，并导航到应用程序设置以查看。
+- Default: `-`
+- Example: `abd94200333283550508`
+
+### `GITHUB_CLIENT_SECRET`
+
+- Type: Required
+- Description: Github应用的客户端密钥。
+- Default: `-`
+- Example: `dd262976ac0931d947e104891586a053f3d3750b`
+
+<Callout>
+  如果您需要使用其他身份验证服务提供商，可以提交
+  [功能请求](https://github.com/lobehub/lobe-chat/issues/new/choose) 或 Pull Request。
+</Callout>

package/docs/self-hosting/environment-variables/basic.mdx

@@ -49,145 +49,7 @@ The `DEFAULT_AGENT_CONFIG` is used to configure the default settings for the Lob
 
 Further reading:
 
-- [\[RFC\] 022 - Default Assistant Parameters Configuration via Environment Variables](https://github.com/lobehub/lobe-chat/discussions/913)
-
-## Identity Verification Service
-
-### General Settings
-
-#### `ENABLE_OAUTH_SSO`
-
-- Type: Required
-- Description: Enable single sign-on (SSO) for LobeChat. Set to `1` to enable single sign-on.
-- Default: `-`
-- Example: `1`
-
-#### `SSO_PROVIDERS`
-
-- Type: Required
-- Description: Select the single sign-on provider for LoboChat. For multiple SSO Providers separating them with commas, for example, `auth0,azure-ad,authentik`.
-- Default: `auth0`
-- Example: `auth0,azure-ad,authentik`
-
-#### `NEXTAUTH_SECRET`
-
-- Type: Required
-- Description: Key used to encrypt the session tokens in Auth.js. You can generate the key using the following command: `openssl rand -base64 32`.
-- Default: `-`
-- Example: `Tfhi2t2pelSMEA8eaV61KaqPNEndFFdMIxDaJnS1CUI=`
-
-#### `NEXTAUTH_URL`
-
-- Type: Optional
-- Description: This URL is used to specify the callback address for Auth.js during OAuth authentication. It does not need to be set when deploying on Vercel.
-- Default: `-`
-- Example: `https://example.com/api/auth`
-
-### Auth0
-
-<Callout>
-  Currently, we only support the Auth0, Microsoft Entra ID, Authentik identity verification service providers.
-  If you need to use other identity verification service providers, you can submit a [feature request](https://github.com/lobehub/lobe-chat/issues/new/choose) or Pull Request.
-</Callout>
-
-#### `AUTH0_CLIENT_ID`
-
-- Type: Required
-- Description: Client ID of the Auth0 application. You can access it [here][auth0-client-page] and navigate to the application settings to view.
-- Default: `-`
-- Example: `evCnOJP1UX8FMnXR9Xkj5t0NyFn5p70P`
-
-#### `AUTH0_CLIENT_SECRET`
-
-- Type: Required
-- Description: Client Secret of the Auth0 application.
-- Default: `-`
-- Example: `wnX7UbZg85ZUzF6ioxPLnJVEQa1Elbs7aqBUSF16xleBS5AdkVfASS49-fQIC8Rm`
-
-#### `AUTH0_ISSUER`
-
-- Type: Required
-- Description: Issuer/domain of the Auth0 application.
-- Default: `-`
-- Example: `https://example.auth0.com`
-
-### Microsoft Entra ID
-
-<Callout>
-  Currently, we only support the Auth0, Microsoft Entra ID, Authentik identity verification service providers. If you need to use
-  other identity verification service providers, you can submit a [feature request](https://github.com/lobehub/lobe-chat/issues/new/choose) or Pull Request.
-</Callout>
-
-#### `AZURE_AD_CLIENT_ID`
-
-- Type: Required
-- Description: Client ID of the Microsoft Entra ID application.
-- Default: `-`
-- Example: `be8f6da1-58c3-4f16-ff1b-78f5148e10df`
-
-#### `AZURE_AD_CLIENT_SECRET`
-
-- Type: Required
-- Description: Client Secret of the Microsoft Entra ID application.
-- Default: `-`
-- Example: `~gI8Q.pTiN1vwB6Gl.E1yFT1ojcXABkdACfJXaNj`
-
-#### `AZURE_AD_TENANT_ID`
-
-- Type: Required
-- Description: Tenant ID of the Microsoft Entra ID application.
-- Default: `-`
-- Example: `c8ae2f36-edf6-4cda-96b9-d3e198a47cba`
-
-### Authentik
-
-<Callout>
-  Currently, we only support the Auth0, Microsoft Entra ID, Authentik identity verification service providers. If you need to use
-  other identity verification service providers, you can submit a [feature
-  request](https://github.com/lobehub/lobe-chat/issues/new/choose) or Pull Request.
-</Callout>
-
-#### `AUTHENTIK_CLIENT_ID`
-
-- Type: Required
-- Description: Client ID of the Authentik provider application. You can access it [here][auth0-client-page] and navigate to the application settings to view.
-- Default: `-`
-- Example: `evCnOJP1UX8FMnXR9Xkj5t0NyFn5p70P`
-
-#### `AUTHENTIK_CLIENT_SECRET`
-
-- Type: Required
-- Description: Client Secret of the Authentik provider application.
-- Default: `-`
-- Example: `wnX7UbZg85ZUzF6ioxPLnJVEQa1Elbs7aqBUSF16xleBS5AdkVfASS49-fQIC8Rm`
-
-#### `AUTHENTIK_ISSUER`
-
-- Type: Required
-- Description: Issuer/domain of the Authentik provider application.
-- Default: `-`
-- Example: `https://your-authentik-domain.com/application/o/slug/`
-
-### Github
-
-<Callout>
-  Currently, we only support the Auth0, Microsoft Entra ID, Authentik, Github identity verification service providers.
-  If you need to use other identity verification service providers, you can submit a [feature request](https://github.com/lobehub/lobe-chat/issues/new/choose) or Pull Request.
-</Callout>
-
-#### `GITHUB_CLIENT_ID`
-
-- Type: Required
-- Description: Client ID of the Github application. You can access it [here][github-client-page] and navigate to the application settings to view.
-- Default: `-`
-- Example: `abd94200333283550508`
-
-#### `GITHUB_CLIENT_SECRET`
-
-- Type: Required
-- Description: Client Secret of the Github application.
-- Default: `-`
-- Example: `dd262976ac0931d947e104891586a053f3d3750b`
+- [[RFC] 022 - Default Assistant Parameters Configuration via Environment Variables](https://github.com/lobehub/lobe-chat/discussions/913)
 
 ## Plugin Service
 
@@ -225,6 +87,3 @@ The above example sets the `SERPAPI_API_KEY` of the `search-engine` plugin to `x
 - Type: Optional
 - Description: Index address of the LobeChat assistant market. If you have deployed the assistant market service on your own, you can use this variable to override the default market address.
 - Default: `https://chat-agents.lobehub.com`
-
-[auth0-client-page]: https://manage.auth0.com/dashboard
-[github-client-page]: https://github.com/settings/apps

package/docs/self-hosting/environment-variables/basic.zh-CN.mdx

@@ -49,146 +49,7 @@ LobeChat 在部署时提供了一些额外的配置项，你可以使用环境
 
 相关阅读：
 
-- [\[RFC\] 022 - 环境变量配置默认助手参数](https://github.com/lobehub/lobe-chat/discussions/913)
-
-## 身份验证服务
-
-### 通用设置
-
-#### `ENABLE_OAUTH_SSO`
-
-- 类型：必选
-- 描述：为 LobeChat 启用单点登录 (SSO)。设置为 `1` 以启用单点登录。
-- 默认值: `-`
-- 示例: `1`
-
-#### `SSO_PROVIDERS`
-
-- Type: 必需
-- 描述：选择 LoboChat 的单点登录提供商。如果有多个单点登录提供商，请用逗号分隔，例如 `auth0,azure-ad,authentik`
-- 默认值: `auth0`
-- 示例: `auth0,azure-ad,authentik`
-
-#### `NEXTAUTH_SECRET`
-
-- 类型：必选
-- 描述：用于加密 Auth.js 会话令牌的密钥。您可以使用以下命令生成秘钥： `openssl rand -base64 32`.
-- 默认值: `-`
-- 示例: `Tfhi2t2pelSMEA8eaV61KaqPNEndFFdMIxDaJnS1CUI=`
-
-#### `NEXTAUTH_URL`
-
-- 类型：可选
-- 描述：该 URL 用于指定 Auth.js 在执行 OAuth 验证时的回调地址，在 Vercel 上部署时无需设置。
-- 默认值：`-`
-- 示例：`https://example.com/api/auth`
-
-### Auth0
-
-<Callout>
-  目前，我们仅支持 Auth0,Microsoft Entra ID,Authentik 作为身份验证服务提供商。
-  如果您需要使用其他身份验证服务提供商，可以提交 [功能请求](https://github.com/lobehub/lobe-chat/issues/new/choose) 或 Pull Request。
-</Callout>
-
-#### `AUTH0_CLIENT_ID`
-
-- 类型：必选
-- 描述: Auth0 应用程序的 Client ID，您可以访问[这里][auth0-client-page]并导航至应用程序设置来查看
-- 默认值: `-`
-- 示例: `evCnOJP1UX8FMnXR9Xkj5t0NyFn5p70P`
-
-#### `AUTH0_CLIENT_SECRET`
-
-- 类型：必选
-- 描述: Auth0 应用程序的 Client Secret
-- 默认值: `-`
-- 示例: `wnX7UbZg85ZUzF6ioxPLnJVEQa1Elbs7aqBUSF16xleBS5AdkVfASS49-fQIC8Rm`
-
-#### `AUTH0_ISSUER`
-
-- 类型：必选
-- 描述: Auth0 应用程序的签发人 / 域
-- 默认值: `-`
-- 示例: `https://example.auth0.com`
-
-### Microsoft Entra ID
-
-<Callout>
-  目前，我们仅支持 Auth0,Microsoft Entra ID,Authentik 作为身份验证服务提供商。
-  如果您需要使用其他身份验证服务提供商，可以提交 [功能请求](https://github.com/lobehub/lobe-chat/issues/new/choose) 或 Pull Request。
-</Callout>
-
-#### `AZURE_AD_CLIENT_ID`
-
-- 类型：必需
-- 描述：Microsoft Entra ID 应用程序的客户端 ID。
-- 默认值：`-`
-- 示例：`be8f6da1-58c3-4f16-ff1b-78f5148e10df`
-
-#### `AZURE_AD_CLIENT_SECRET`
-
-- 类型：必需
-- 描述：Microsoft Entra ID 应用程序的客户端密钥。
-- 默认值：`-`
-- 示例：`~gI8Q.pTiN1vwB6Gl.E1yFT1ojcXABkdACfJXaNj`
-
-#### `AZURE_AD_TENANT_ID`
-
-- 类型：必需
-- 描述：Microsoft Entra ID 应用程序的租户 ID。
-- 默认值：`-`
-- 示例：`c8ae2f36-edf6-4cda-96b9-d3e198a47cba`
-
-### Authentik
-
-<Callout>
-  目前，我们仅支持 Auth0,Microsoft Entra ID,Authentik 作为身份验证服务提供商。如果您需要使用其他身份验证服务提供商，可以提交
-  [功能请求](https://github.com/lobehub/lobe-chat/issues/new/choose) 或 Pull Request。
-</Callout>
-
-#### `AUTHENTIK_CLIENT_ID`
-
-- 类型：必选
-- 描述: Authentik 提供程序的 Client ID
-- 默认值: `-`
-- 示例: `YNtbIRlYF8Kj66mTLue59nsGLlb7HNyx1qjPH6VS`
-
-#### `AUTHENTIK_CLIENT_SECRET`
-
-- 类型：必选
-- 描述: Authentik 提供程序的 Client Secret
-- 默认值: `-`
-- 示例: `h3lMI1vPUzqyqqeIDUbH5UNNOxyQLXk35h89yETeaAwHk7qVXBG3sJQWeqHBU5pyggwhP9u0eaZ1eq6DHUddVPLoS4gncqD37yuCr8jI8dY66WAt45MStDsDcQm0Ygze`
-
-#### `AUTHENTIK_ISSUER`
-
-- 类型：必选
-- 描述: Authentik 提供程序的 OpenID Connect 颁发者
-- 默认值: `-`
-- 示例: `https://your-authentik-domain.com/application/o/slug/`
-
-
-### Github
-
-<Callout>
-  目前，我们仅支持 Auth0,Microsoft Entra ID,Authentik,Github 作为身份验证服务提供商。如果您需要使用其他身份验证服务提供商，可以提交
-  [功能请求](https://github.com/lobehub/lobe-chat/issues/new/choose) 或 Pull Request。
-</Callout>
-
-#### `GITHUB_CLIENT_ID`
-
-- Type: Required
-- Description: Github应用的客户端ID。您可以在[这里][github-client-page]访问，并导航到应用程序设置以查看。
-- Default: `-`
-- Example: `abd94200333283550508`
-
-#### `GITHUB_CLIENT_SECRET`
-
-- Type: Required
-- Description: Github应用的客户端密钥。
-- Default: `-`
-- Example: `dd262976ac0931d947e104891586a053f3d3750b`
-
+- [[RFC] 022 - 环境变量配置默认助手参数](https://github.com/lobehub/lobe-chat/discussions/913)
 
 ## 插件服务
 
@@ -226,6 +87,3 @@ LobeChat 在部署时提供了一些额外的配置项，你可以使用环境
 - 类型：可选
 - 描述：LobeChat 助手市场的索引地址，如果你自行部署了助手市场的服务，可以使用该变量来覆盖默认的市场地址
 - 默认值：`https://chat-agents.lobehub.com`
-
-[auth0-client-page]: https://manage.auth0.com/dashboard
-[github-client-page]: https://github.com/settings/apps

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@lobehub/chat",
-  "version": "0.145.7",
+  "version": "0.145.9",
   "description": "Lobe Chat - an open-source, high-performance chatbot framework that supports speech synthesis, multimodal, and extensible Function Call plugin system. Supports one-click free deployment of your private ChatGPT/LLM web application.",
   "keywords": [
     "framework",

package/src/app/api/auth/next-auth.ts

@@ -1,34 +1,22 @@
 import NextAuth from 'next-auth';
-import Auth0 from 'next-auth/providers/auth0';
-import Authentik from 'next-auth/providers/authentik';
-import AzureAd from 'next-auth/providers/azure-ad';
-import Github from 'next-auth/providers/github';
 
 import { getServerConfig } from '@/config/server';
 
-const {
-  ENABLE_OAUTH_SSO,
-  SSO_PROVIDERS,
-  AUTH0_CLIENT_ID,
-  AUTH0_CLIENT_SECRET,
-  AUTH0_ISSUER,
-  GITHUB_CLIENT_ID,
-  GITHUB_CLIENT_SECRET,
-  AZURE_AD_CLIENT_ID,
-  AZURE_AD_CLIENT_SECRET,
-  AZURE_AD_TENANT_ID,
-  AUTHENTIK_CLIENT_ID,
-  AUTHENTIK_CLIENT_SECRET,
-  AUTHENTIK_ISSUER,
-  NEXTAUTH_SECRET,
-} = getServerConfig();
+import { ssoProviders } from './sso-providers';
 
-declare module '@auth/core/jwt' {
-  // Returned by the `jwt` callback and `auth`, when using JWT sessions
-  interface JWT {
-    userId?: string;
-  }
-}
+const { NEXTAUTH_SECRET, ENABLE_OAUTH_SSO, SSO_PROVIDERS } = getServerConfig();
+
+export const initSSOProviders = () => {
+  return ENABLE_OAUTH_SSO
+    ? SSO_PROVIDERS.split(/[,，]/).map((provider) => {
+        const validProvider = ssoProviders.find((item) => item.id === provider);
+
+        if (validProvider) return validProvider.provider;
+
+        throw new Error(`[NextAuth] provider ${provider} is not supported`);
+      })
+    : [];
+};
 
 const nextAuth = NextAuth({
   callbacks: {
@@ -49,53 +37,7 @@ const nextAuth = NextAuth({
       return session;
     },
   },
-  providers: ENABLE_OAUTH_SSO
-    ? SSO_PROVIDERS.split(/[,，]/).map((provider) => {
-        switch (provider) {
-          case 'auth0': {
-            return Auth0({
-              // Specify auth scope, at least include 'openid email'
-              // all scopes in Auth0 ref: https://auth0.com/docs/get-started/apis/scopes/openid-connect-scopes#standard-claims
-              authorization: { params: { scope: 'openid email profile' } },
-              clientId: AUTH0_CLIENT_ID,
-              clientSecret: AUTH0_CLIENT_SECRET,
-              issuer: AUTH0_ISSUER,
-            });
-          }
-          case 'github': {
-            return Github({
-              // Specify auth scope, at least include 'openid email'
-              authorization: { params: { scope: 'read:user user:email' } },
-              clientId: GITHUB_CLIENT_ID,
-              clientSecret: GITHUB_CLIENT_SECRET,
-            });
-          }
-          case 'azure-ad': {
-            return AzureAd({
-              // Specify auth scope, at least include 'openid email'
-              // all scopes in Azure AD ref: https://learn.microsoft.com/en-us/entra/identity-platform/scopes-oidc#openid-connect-scopes
-              authorization: { params: { scope: 'openid email profile' } },
-              clientId: AZURE_AD_CLIENT_ID,
-              clientSecret: AZURE_AD_CLIENT_SECRET,
-              tenantId: AZURE_AD_TENANT_ID,
-            });
-          }
-          case 'authentik': {
-            return Authentik({
-              // Specify auth scope, at least include 'openid email'
-              // all scopes in Authentik ref: https://goauthentik.io/docs/providers/oauth2
-              authorization: { params: { scope: 'openid email profile' } },
-              clientId: AUTHENTIK_CLIENT_ID,
-              clientSecret: AUTHENTIK_CLIENT_SECRET,
-              issuer: AUTHENTIK_ISSUER,
-            });
-          }
-          default: {
-            throw new Error(`[NextAuth] provider ${provider} is not supported`);
-          }
-        }
-      })
-    : [],
+  providers: initSSOProviders(),
   secret: NEXTAUTH_SECRET,
   trustHost: true,
 });
@@ -104,3 +46,10 @@ export const {
   handlers: { GET, POST },
   auth,
 } = nextAuth;
+
+declare module '@auth/core/jwt' {
+  // Returned by the `jwt` callback and `auth`, when using JWT sessions
+  interface JWT {
+    userId?: string;
+  }
+}

package/src/app/api/auth/sso-providers/auth0.ts

@@ -0,0 +1,19 @@
+import Auth0 from 'next-auth/providers/auth0';
+
+import { getServerConfig } from '@/config/server';
+
+const { AUTH0_CLIENT_ID, AUTH0_CLIENT_SECRET, AUTH0_ISSUER } = getServerConfig();
+
+const provider = {
+  id: 'auth0',
+  provider: Auth0({
+    // Specify auth scope, at least include 'openid email'
+    // all scopes in Auth0 ref: https://auth0.com/docs/get-started/apis/scopes/openid-connect-scopes#standard-claims
+    authorization: { params: { scope: 'openid email profile' } },
+    clientId: AUTH0_CLIENT_ID,
+    clientSecret: AUTH0_CLIENT_SECRET,
+    issuer: AUTH0_ISSUER,
+  }),
+};
+
+export default provider;

package/src/app/api/auth/sso-providers/authentik.ts

@@ -0,0 +1,19 @@
+import Authentik from 'next-auth/providers/authentik';
+
+import { getServerConfig } from '@/config/server';
+
+const { AUTHENTIK_CLIENT_ID, AUTHENTIK_CLIENT_SECRET, AUTHENTIK_ISSUER } = getServerConfig();
+
+const provider = {
+  id: 'authentik',
+  provider: Authentik({
+    // Specify auth scope, at least include 'openid email'
+    // all scopes in Authentik ref: https://goauthentik.io/docs/providers/oauth2
+    authorization: { params: { scope: 'openid email profile' } },
+    clientId: AUTHENTIK_CLIENT_ID,
+    clientSecret: AUTHENTIK_CLIENT_SECRET,
+    issuer: AUTHENTIK_ISSUER,
+  }),
+};
+
+export default provider;

package/src/app/api/auth/sso-providers/azure-ad.ts

@@ -0,0 +1,19 @@
+import AzureAD from 'next-auth/providers/azure-ad';
+
+import { getServerConfig } from '@/config/server';
+
+const { AZURE_AD_CLIENT_ID, AZURE_AD_CLIENT_SECRET, AZURE_AD_TENANT_ID } = getServerConfig();
+
+const provider = {
+  id: 'azureAd',
+  provider: AzureAD({
+    // Specify auth scope, at least include 'openid email'
+    // all scopes in Azure AD ref: https://learn.microsoft.com/en-us/entra/identity-platform/scopes-oidc#openid-connect-scopes
+    authorization: { params: { scope: 'openid email profile' } },
+    clientId: AZURE_AD_CLIENT_ID,
+    clientSecret: AZURE_AD_CLIENT_SECRET,
+    tenantId: AZURE_AD_TENANT_ID,
+  }),
+};
+
+export default provider;

package/src/app/api/auth/sso-providers/github.ts

@@ -0,0 +1,17 @@
+import GitHub from 'next-auth/providers/github';
+
+import { getServerConfig } from '@/config/server';
+
+const { GITHUB_CLIENT_ID, GITHUB_CLIENT_SECRET } = getServerConfig();
+
+const provider = {
+  id: 'github',
+  provider: GitHub({
+    // Specify auth scope, at least include 'openid email'
+    authorization: { params: { scope: 'read:user user:email' } },
+    clientId: GITHUB_CLIENT_ID,
+    clientSecret: GITHUB_CLIENT_SECRET,
+  }),
+};
+
+export default provider;

package/src/app/api/auth/sso-providers/index.ts

@@ -0,0 +1,6 @@
+import Auth0 from './auth0';
+import Authentik from './authentik';
+import AzureAD from './azure-ad';
+import Github from './github';
+
+export const ssoProviders = [Auth0, Authentik, AzureAD, Github];

package/src/app/chat/features/TopicListContent/Topic/index.tsx

@@ -1,5 +1,5 @@
 import { EmptyCard } from '@lobehub/ui';
-import { useThemeMode } from 'antd-style';
+import { css, cx, useThemeMode } from 'antd-style';
 import isEqual from 'fast-deep-equal';
 import React, { memo, useCallback, useRef } from 'react';
 import { useTranslation } from 'react-i18next';
@@ -15,6 +15,12 @@ import { ChatTopic } from '@/types/topic';
 import { Placeholder, SkeletonList } from './SkeletonList';
 import TopicItem from './TopicItem';
 
+const container = css`
+  > div {
+    padding-inline: 8px;
+  }
+`;
+
 export const Topic = memo(() => {
   const { t } = useTranslation('chat');
   const virtuosoRef = useRef<VirtuosoHandle>(null);
@@ -78,6 +84,7 @@ export const Topic = memo(() => {
         </Flexbox>
       )}
       <Virtuoso
+        className={cx(container)}
         components={{ ScrollSeekPlaceholder: Placeholder }}
         computeItemKey={(_, item) => item.id}
         data={topics}

package/src/app/chat/features/TopicListContent/index.tsx

@@ -9,12 +9,7 @@ const TopicListContent = memo<{ mobile?: boolean }>(({ mobile }) => {
   return (
     <Flexbox gap={mobile ? 8 : 0} height={'100%'} style={{ overflow: 'hidden' }}>
       {mobile ? <TopicSearchBar /> : <Header />}
-      <Flexbox
-        gap={16}
-        height={'100%'}
-        paddingInline={mobile ? 0 : 8}
-        style={{ paddingTop: 6, position: 'relative' }}
-      >
+      <Flexbox gap={16} height={'100%'} style={{ paddingTop: 6, position: 'relative' }}>
         <Topic />
       </Flexbox>
     </Flexbox>

package/src/features/ChatInput/ActionBar/Tools/index.tsx

@@ -119,6 +119,10 @@ const Tools = memo(() => {
           onClick: (e) => {
             e.domEvent.preventDefault();
           },
+          style: {
+            maxHeight: 500,
+            overflowY: 'scroll',
+          },
         }}
         placement={'top'}
         trigger={['click']}

package/src/layout/GlobalProvider/AppTheme.tsx

@@ -20,21 +20,55 @@ import { setCookie } from '@/utils/cookie';
 
 const useStyles = createStyles(({ css, token }) => ({
   bg: css`
+    position: relative;
+
     overflow-y: hidden;
+    overscroll-behavior: none;
     display: flex;
     flex-direction: column;
     align-items: center;
 
     height: 100%;
+    max-height: 100dvh !important;
 
     background: ${token.colorBgLayout};
   `,
+  // scrollbar-width and scrollbar-color are supported from Chrome 121
+  // https://developer.mozilla.org/en-US/docs/Web/CSS/scrollbar-color
+  scrollbar: css`
+    scrollbar-color: ${token.colorFill} transparent;
+    scrollbar-width: thin;
+  `,
+
+  // so this is a polyfill for older browsers
+  scrollbarPolyfill: css`
+    ::-webkit-scrollbar {
+      width: 0.75em;
+      height: 0.75em;
+    }
+
+    ::-webkit-scrollbar-thumb {
+      border-radius: 10px;
+    }
+
+    :hover::-webkit-scrollbar-thumb {
+      background-color: ${token.colorText};
+      background-clip: content-box;
+      border: 3px solid transparent;
+    }
+
+    ::-webkit-scrollbar-track {
+      background-color: transparent;
+    }
+  `,
 }));
 
 const Container = memo<PropsWithChildren>(({ children }) => {
-  const { styles } = useStyles();
+  const { styles, cx } = useStyles();
 
-  return <App className={styles.bg}>{children}</App>;
+  return (
+    <App className={cx(styles.bg, styles.scrollbar, styles.scrollbarPolyfill)}>{children}</App>
+  );
 });
 
 export interface AppThemeProps {

package/src/styles/global.ts

@@ -9,25 +9,13 @@ export default ({ prefixCls }: { prefixCls: string }) => css`
     overscroll-behavior: none;
     height: 100% !important;
     max-height: 100dvh !important;
+  }
 
-    ::-webkit-scrollbar {
-      display: none;
-      width: 0;
-      height: 0;
-    }
+  * {
+    scrollbar-width: thin;
   }
 
   p {
     margin-bottom: 0;
   }
-
-  @media (max-width: 575px) {
-    * {
-      ::-webkit-scrollbar {
-        display: none;
-        width: 0;
-        height: 0;
-      }
-    }
-  }
 `;