@lobehub/chat 1.122.5 → 1.122.6

package/src/libs/next-auth/adapter/index.ts

@@ -4,175 +4,273 @@ import type {
   AdapterUser,
   VerificationToken,
 } from '@auth/core/adapters';
-import debug from 'debug';
+import { and, eq } from 'drizzle-orm';
+import type { NeonDatabase } from 'drizzle-orm/neon-serverless';
 import { Adapter, AdapterAccount } from 'next-auth/adapters';
-import urlJoin from 'url-join';
 
-import { serverDBEnv } from '@/config/db';
-import { appEnv } from '@/envs/app';
+import { UserModel } from '@/database/models/user';
+import * as schema from '@/database/schemas';
+import { AgentService } from '@/server/services/agent';
+import { merge } from '@/utils/merge';
 
-const log = debug('lobe-next-auth:adapter');
+import {
+  mapAdapterUserToLobeUser,
+  mapAuthenticatorQueryResutlToAdapterAuthenticator,
+  mapLobeUserToAdapterUser,
+  partialMapAdapterUserToLobeUser,
+} from './utils';
 
-interface BackendAdapterResponse {
-  data?: any;
-  error?: string;
-  success: boolean;
-}
-
-// Due to use direct HTTP Post, the date string cannot parse automatically
-export const dateKeys = ['expires', 'emailVerified'];
+const {
+  nextauthAccounts,
+  nextauthAuthenticators,
+  nextauthSessions,
+  nextauthVerificationTokens,
+  users,
+} = schema;
 
 /**
  * @description LobeNextAuthDbAdapter is implemented to handle the database operations
  * for NextAuth, this function do the same things as `src/app/api/webhooks/clerk/route.ts`
  * @returns {Adapter}
  */
-export function LobeNextAuthDbAdapter(): Adapter {
-  const baseUrl = appEnv.APP_URL;
-
-  // Ensure the baseUrl is set, otherwise throw an error
-  if (!baseUrl) {
-    throw new Error('LobeNextAuthDbAdapter: APP_URL is not set in environment variables');
-  }
-  const interactionUrl = urlJoin(baseUrl, '/api/auth/adapter');
-  log(`LobeNextAuthDbAdapter initialized with url: ${interactionUrl}`);
-
-  // Ensure serverDBEnv.KEY_VAULTS_SECRET is set, otherwise throw an error
-  if (!serverDBEnv.KEY_VAULTS_SECRET) {
-    throw new Error('LobeNextAuthDbAdapter: KEY_VAULTS_SECRET is not set in environment variables');
-  }
-
-  const fetcher = (action: string, data: any) =>
-    fetch(interactionUrl, {
-      body: JSON.stringify({ action, data }),
-      headers: {
-        'Authorization': `Bearer ${serverDBEnv.KEY_VAULTS_SECRET}`,
-        'Content-Type': 'application/json',
-      },
-      method: 'POST',
-    });
-  const postProcessor = async (res: Response) => {
-    const data = (await res.json()) as BackendAdapterResponse;
-    log('LobeNextAuthDbAdapter: postProcessor called with data:', data);
-    if (!data.success) {
-      log('LobeNextAuthDbAdapter: Error in postProcessor:');
-      log(data);
-      throw new Error(`LobeNextAuthDbAdapter: ${data.error}`);
-    }
-    if (data?.data) {
-      for (const key of dateKeys) {
-        if (data.data[key]) {
-          data.data[key] = new Date(data.data[key]);
-          continue;
-        }
-      }
-    }
-    return data.data;
-  };
-
+export function LobeNextAuthDbAdapter(serverDB: NeonDatabase<typeof schema>): Adapter {
   return {
     async createAuthenticator(authenticator): Promise<AdapterAuthenticator> {
-      const data = await fetcher('createAuthenticator', authenticator);
-      return await postProcessor(data);
+      const result = await serverDB
+        .insert(nextauthAuthenticators)
+        .values(authenticator)
+        .returning()
+        .then((res) => res[0] ?? undefined);
+      if (!result) throw new Error('LobeNextAuthDbAdapter: Failed to create authenticator');
+      return mapAuthenticatorQueryResutlToAdapterAuthenticator(result);
     },
-    async createSession(session): Promise<AdapterSession> {
-      const data = await fetcher('createSession', session);
-      return await postProcessor(data);
+    async createSession(data): Promise<AdapterSession> {
+      return serverDB
+        .insert(nextauthSessions)
+        .values(data)
+        .returning()
+        .then((res) => res[0]);
     },
     async createUser(user): Promise<AdapterUser> {
-      const data = await fetcher('createUser', user);
-      return await postProcessor(data);
+      const { id, name, email, emailVerified, image, providerAccountId } = user;
+      // return the user if it already exists
+      let existingUser =
+        email && typeof email === 'string' && email.trim()
+          ? await UserModel.findByEmail(serverDB, email)
+          : undefined;
+      // If the user is not found by email, try to find by providerAccountId
+      if (!existingUser && providerAccountId) {
+        existingUser = await UserModel.findById(serverDB, providerAccountId);
+      }
+      if (existingUser) {
+        const adapterUser = mapLobeUserToAdapterUser(existingUser);
+        return adapterUser;
+      }
+
+      // create a new user if it does not exist
+      // Use id from provider if it exists, otherwise use id assigned by next-auth
+      // ref: https://github.com/lobehub/lobe-chat/pull/2935
+      const uid = providerAccountId ?? id;
+      await UserModel.createUser(
+        serverDB,
+        mapAdapterUserToLobeUser({
+          email,
+          emailVerified,
+          // Use providerAccountId as userid to identify if the user exists in a SSO provider
+          id: uid,
+          image,
+          name,
+        }),
+      );
+
+      // 3. Create an inbox session for the user
+      const agentService = new AgentService(serverDB, uid);
+      await agentService.createInbox();
+
+      return { ...user, id: uid };
     },
     async createVerificationToken(data): Promise<VerificationToken | null | undefined> {
-      const result = await fetcher('createVerificationToken', data);
-      return await postProcessor(result);
+      return serverDB
+        .insert(nextauthVerificationTokens)
+        .values(data)
+        .returning()
+        .then((res) => res[0]);
     },
     async deleteSession(sessionToken): Promise<AdapterSession | null | undefined> {
-      const result = await fetcher('deleteSession', sessionToken);
-      await postProcessor(result);
+      await serverDB
+        .delete(nextauthSessions)
+        .where(eq(nextauthSessions.sessionToken, sessionToken));
       return;
     },
     async deleteUser(id): Promise<AdapterUser | null | undefined> {
-      const result = await fetcher('deleteUser', id);
-      await postProcessor(result);
+      const user = await UserModel.findById(serverDB, id);
+      if (!user) throw new Error('NextAuth: Delete User not found');
+
+      await UserModel.deleteUser(serverDB, id);
       return;
     },
 
     async getAccount(providerAccountId, provider): Promise<AdapterAccount | null> {
-      const data = await fetcher('getAccount', {
-        provider,
-        providerAccountId,
-      });
-      return await postProcessor(data);
+      return serverDB
+        .select()
+        .from(nextauthAccounts)
+        .where(
+          and(
+            eq(nextauthAccounts.provider, provider),
+            eq(nextauthAccounts.providerAccountId, providerAccountId),
+          ),
+        )
+        .then((res) => res[0] ?? null) as Promise<AdapterAccount | null>;
     },
 
     async getAuthenticator(credentialID): Promise<AdapterAuthenticator | null> {
-      const result = await fetcher('getAuthenticator', credentialID);
-      return await postProcessor(result);
+      const result = await serverDB
+        .select()
+        .from(nextauthAuthenticators)
+        .where(eq(nextauthAuthenticators.credentialID, credentialID))
+        .then((res) => res[0] ?? null);
+      if (!result) throw new Error('LobeNextAuthDbAdapter: Failed to get authenticator');
+      return mapAuthenticatorQueryResutlToAdapterAuthenticator(result);
     },
 
     async getSessionAndUser(sessionToken): Promise<{
       session: AdapterSession;
       user: AdapterUser;
     } | null> {
-      const result = await fetcher('getSessionAndUser', sessionToken);
-      return await postProcessor(result);
+      const result = await serverDB
+        .select({
+          session: nextauthSessions,
+          user: users,
+        })
+        .from(nextauthSessions)
+        .where(eq(nextauthSessions.sessionToken, sessionToken))
+        .innerJoin(users, eq(users.id, nextauthSessions.userId))
+        .then((res) => (res.length > 0 ? res[0] : null));
+
+      if (!result) return null;
+      const adapterUser = mapLobeUserToAdapterUser(result.user);
+      if (!adapterUser) return null;
+      return {
+        session: result.session,
+        user: adapterUser,
+      };
     },
 
     async getUser(id): Promise<AdapterUser | null> {
-      log('getUser called with id:', id);
-      const result = await fetcher('getUser', id);
-      return await postProcessor(result);
+      const lobeUser = await UserModel.findById(serverDB, id);
+      if (!lobeUser) return null;
+      return mapLobeUserToAdapterUser(lobeUser);
     },
 
     async getUserByAccount(account): Promise<AdapterUser | null> {
-      const data = await fetcher('getUserByAccount', account);
-      return await postProcessor(data);
+      const result = await serverDB
+        .select({
+          account: nextauthAccounts,
+          users,
+        })
+        .from(nextauthAccounts)
+        .innerJoin(users, eq(nextauthAccounts.userId, users.id))
+        .where(
+          and(
+            eq(nextauthAccounts.provider, account.provider),
+            eq(nextauthAccounts.providerAccountId, account.providerAccountId),
+          ),
+        )
+        .then((res) => res[0]);
+
+      return result?.users ? mapLobeUserToAdapterUser(result.users) : null;
     },
 
     async getUserByEmail(email): Promise<AdapterUser | null> {
-      const data = await fetcher('getUserByEmail', email);
-      return await postProcessor(data);
+      const lobeUser =
+        email && typeof email === 'string' && email.trim()
+          ? await UserModel.findByEmail(serverDB, email)
+          : undefined;
+      return lobeUser ? mapLobeUserToAdapterUser(lobeUser) : null;
     },
 
     async linkAccount(data): Promise<AdapterAccount | null | undefined> {
-      const result = await fetcher('linkAccount', data);
-      return await postProcessor(result);
+      const [account] = await serverDB
+        .insert(nextauthAccounts)
+        .values(data as any)
+        .returning();
+      if (!account) throw new Error('NextAuthAccountModel: Failed to create account');
+      // TODO Update type annotation
+      return account as any;
     },
 
     async listAuthenticatorsByUserId(userId): Promise<AdapterAuthenticator[]> {
-      const result = await fetcher('listAuthenticatorsByUserId', userId);
-      return await postProcessor(result);
+      const result = await serverDB
+        .select()
+        .from(nextauthAuthenticators)
+        .where(eq(nextauthAuthenticators.userId, userId))
+        .then((res) => res);
+      if (result.length === 0)
+        throw new Error('LobeNextAuthDbAdapter: Failed to get authenticator list');
+      return result.map((r) => mapAuthenticatorQueryResutlToAdapterAuthenticator(r));
     },
 
     // @ts-ignore: The return type is {Promise<void> | Awaitable<AdapterAccount | undefined>}
     async unlinkAccount(account): Promise<void | AdapterAccount | undefined> {
-      const result = await fetcher('unlinkAccount', account);
-      await postProcessor(result);
-      return;
+      await serverDB
+        .delete(nextauthAccounts)
+        .where(
+          and(
+            eq(nextauthAccounts.provider, account.provider),
+            eq(nextauthAccounts.providerAccountId, account.providerAccountId),
+          ),
+        );
     },
 
     async updateAuthenticatorCounter(credentialID, counter): Promise<AdapterAuthenticator> {
-      const result = await fetcher('updateAuthenticatorCounter', {
-        counter,
-        credentialID,
-      });
-      return await postProcessor(result);
+      const result = await serverDB
+        .update(nextauthAuthenticators)
+        .set({ counter })
+        .where(eq(nextauthAuthenticators.credentialID, credentialID))
+        .returning()
+        .then((res) => res[0]);
+      if (!result) throw new Error('LobeNextAuthDbAdapter: Failed to update authenticator counter');
+      return mapAuthenticatorQueryResutlToAdapterAuthenticator(result);
     },
 
     async updateSession(data): Promise<AdapterSession | null | undefined> {
-      const result = await fetcher('updateSession', data);
-      return await postProcessor(result);
+      const res = await serverDB
+        .update(nextauthSessions)
+        .set(data)
+        .where(eq(nextauthSessions.sessionToken, data.sessionToken))
+        .returning();
+      return res[0];
     },
 
     async updateUser(user): Promise<AdapterUser> {
-      const result = await fetcher('updateUser', user);
-      return await postProcessor(result);
+      const lobeUser = await UserModel.findById(serverDB, user?.id);
+      if (!lobeUser) throw new Error('NextAuth: User not found');
+      const userModel = new UserModel(serverDB, user.id);
+
+      const updatedUser = await userModel.updateUser({
+        ...partialMapAdapterUserToLobeUser(user),
+      });
+      if (!updatedUser) throw new Error('NextAuth: Failed to update user');
+
+      // merge new user data with old user data
+      const newAdapterUser = mapLobeUserToAdapterUser(lobeUser);
+      if (!newAdapterUser) {
+        throw new Error('NextAuth: Failed to map user data to adapter user');
+      }
+      return merge(newAdapterUser, user);
     },
 
     async useVerificationToken(identifier_token): Promise<VerificationToken | null> {
-      const result = await fetcher('useVerificationToken', identifier_token);
-      return await postProcessor(result);
+      return serverDB
+        .delete(nextauthVerificationTokens)
+        .where(
+          and(
+            eq(nextauthVerificationTokens.identifier, identifier_token.identifier),
+            eq(nextauthVerificationTokens.token, identifier_token.token),
+          ),
+        )
+        .returning()
+        .then((res) => (res.length > 0 ? res[0] : null));
     },
   };
 }

package/src/libs/next-auth/auth.config.ts

@@ -1,32 +1,23 @@
 import type { NextAuthConfig } from 'next-auth';
 
-import { ssoProviders } from './sso-providers';
-import { LobeNextAuthDbAdapter } from './adapter';
-import { getAuthConfig } from '@/config/auth';
+import { authEnv } from '@/config/auth';
 
-const {
-  NEXT_AUTH_DEBUG,
-  NEXT_AUTH_SECRET,
-  NEXT_AUTH_SSO_SESSION_STRATEGY,
-  NEXT_AUTH_SSO_PROVIDERS,
-  NEXT_PUBLIC_ENABLE_NEXT_AUTH
-} = getAuthConfig();
+import { ssoProviders } from './sso-providers';
 
 export const initSSOProviders = () => {
-  return NEXT_PUBLIC_ENABLE_NEXT_AUTH
-    ? NEXT_AUTH_SSO_PROVIDERS.split(/[,，]/).map((provider) => {
-      const validProvider = ssoProviders.find((item) => item.id === provider.trim());
+  return authEnv.NEXT_PUBLIC_ENABLE_NEXT_AUTH
+    ? authEnv.NEXT_AUTH_SSO_PROVIDERS.split(/[,，]/).map((provider) => {
+        const validProvider = ssoProviders.find((item) => item.id === provider.trim());
 
-      if (validProvider) return validProvider.provider;
+        if (validProvider) return validProvider.provider;
 
-      throw new Error(`[NextAuth] provider ${provider} is not supported`);
-    })
+        throw new Error(`[NextAuth] provider ${provider} is not supported`);
+      })
     : [];
 };
 
 // Notice this is only an object, not a full Auth.js instance
 export default {
-  adapter: LobeNextAuthDbAdapter(),
   callbacks: {
     // Note: Data processing order of callback: authorize --> jwt --> session
     async jwt({ token, user }) {
@@ -48,15 +39,12 @@ export default {
       return session;
     },
   },
-  debug: NEXT_AUTH_DEBUG,
+  debug: authEnv.NEXT_AUTH_DEBUG,
   pages: {
     error: '/next-auth/error',
     signIn: '/next-auth/signin',
   },
   providers: initSSOProviders(),
-  secret: NEXT_AUTH_SECRET,
-  session: {
-    strategy: NEXT_AUTH_SSO_SESSION_STRATEGY,
-  },
+  secret: authEnv.NEXT_AUTH_SECRET,
   trustHost: process.env?.AUTH_TRUST_HOST ? process.env.AUTH_TRUST_HOST === 'true' : true,
 } satisfies NextAuthConfig;

package/src/libs/next-auth/edge.ts

@@ -0,0 +1,26 @@
+import NextAuth from 'next-auth';
+
+import authConfig from './auth.config';
+
+/**
+ * NextAuth initialization without Database adapter
+ *
+ * @example
+ * ```ts
+ * import NextAuthEdge from '@/libs/next-auth/edge';
+ * const { auth } = NextAuthEdge;
+ * ```
+ *
+ * @note
+ * We currently use `jwt` strategy for session management.
+ * So you don't need to import `signIn` or `signOut` from
+ * this module, just import from `next-auth` directly.
+ *
+ * Inside react component
+ * @example
+ * ```ts
+ * import { signOut } from 'next-auth/react';
+ * signOut();
+ * ```
+ */
+export default NextAuth(authConfig);

package/src/libs/next-auth/index.ts

@@ -1,20 +1,33 @@
 import NextAuth from 'next-auth';
 
-import authConfig from './auth.config';
+import { getServerDBConfig } from '@/config/db';
+import { serverDB } from '@/database/server';
+
+import { LobeNextAuthDbAdapter } from './adapter';
+import config from './auth.config';
+
+const { NEXT_PUBLIC_ENABLED_SERVER_SERVICE } = getServerDBConfig();
 
 /**
- * NextAuth initialization without Database adapter
- *
- * @note
- * We currently use `jwt` strategy for session management.
- * So you don't need to import `signIn` or `signOut` from
- * this module, just import from `next-auth` directly.
+ * NextAuth initialization with Database adapter
  *
- * Inside react component
  * @example
  * ```ts
- * import { signOut } from 'next-auth/react';
- * signOut();
+ * import NextAuthNode from '@/libs/next-auth';
+ * const { handlers } = NextAuthNode;
  * ```
+ *
+ * @note
+ * If you meet the edge runtime compatible problem,
+ * you can import from `@/libs/next-auth/edge` which is not initial with the database adapter.
+ *
+ * The difference and usage of the two different NextAuth modules is can be
+ * ref to: https://github.com/lobehub/lobe-chat/pull/2935
  */
-export default NextAuth(authConfig);
+export default NextAuth({
+  ...config,
+  adapter: NEXT_PUBLIC_ENABLED_SERVER_SERVICE ? LobeNextAuthDbAdapter(serverDB) : undefined,
+  session: {
+    strategy: 'jwt',
+  },
+});

package/src/libs/trpc/edge/context.ts

@@ -54,9 +54,9 @@ export const createEdgeContext = async (request: NextRequest): Promise<EdgeConte
 
   if (enableNextAuth) {
     try {
-      const { default: NextAuth } = await import('@/libs/next-auth');
+      const { default: NextAuthEdge } = await import('@/libs/next-auth/edge');
 
-      const session = await NextAuth.auth();
+      const session = await NextAuthEdge.auth();
       if (session && session?.user?.id) {
         auth = session.user;
         userId = session.user.id;

package/src/libs/trpc/lambda/context.ts

@@ -161,9 +161,9 @@ export const createLambdaContext = async (request: NextRequest): Promise<LambdaC
   if (enableNextAuth) {
     log('Attempting NextAuth authentication');
     try {
-      const { default: NextAuth } = await import('@/libs/next-auth');
+      const { default: NextAuthEdge } = await import('@/libs/next-auth/edge');
 
-      const session = await NextAuth.auth();
+      const session = await NextAuthEdge.auth();
       if (session && session?.user?.id) {
         auth = session.user;
         userId = session.user.id;

package/src/middleware.ts

@@ -10,7 +10,7 @@ import { OAUTH_AUTHORIZED } from '@/const/auth';
 import { LOBE_LOCALE_COOKIE } from '@/const/locale';
 import { LOBE_THEME_APPEARANCE } from '@/const/theme';
 import { appEnv } from '@/envs/app';
-import NextAuth from '@/libs/next-auth';
+import NextAuthEdge from '@/libs/next-auth/edge';
 import { Locales } from '@/locales/resources';
 
 import { oidcEnv } from './envs/oidc';
@@ -170,7 +170,7 @@ const isProtectedRoute = createRouteMatcher([
 ]);
 
 // Initialize an Edge compatible NextAuth middleware
-const nextAuthMiddleware = NextAuth.auth((req) => {
+const nextAuthMiddleware = NextAuthEdge.auth(async (req) => {
   logNextAuth('NextAuth middleware processing request: %s %s', req.method, req.url);
 
   const response = defaultMiddleware(req);

package/src/server/routers/lambda/user.test.ts

@@ -6,8 +6,8 @@ import { MessageModel } from '@/database/models/message';
 import { SessionModel } from '@/database/models/session';
 import { UserModel, UserNotFoundError } from '@/database/models/user';
 import { serverDB } from '@/database/server';
+import { LobeNextAuthDbAdapter } from '@/libs/next-auth/adapter';
 import { KeyVaultsGateKeeper } from '@/server/modules/KeyVaultsEncrypt';
-import { NextAuthUserService } from '@/server/services/nextAuthUser';
 import { UserService } from '@/server/services/user';
 
 import { userRouter } from './user';
@@ -24,10 +24,10 @@ vi.mock('@/database/server', () => ({
 vi.mock('@/database/models/message');
 vi.mock('@/database/models/session');
 vi.mock('@/database/models/user');
+vi.mock('@/libs/next-auth/adapter');
 vi.mock('@/server/modules/KeyVaultsEncrypt');
 vi.mock('@/server/modules/S3');
 vi.mock('@/server/services/user');
-vi.mock('@/server/services/nextAuthUser');
 vi.mock('@/const/auth', () => ({
   enableClerk: true,
 }));
@@ -221,7 +221,7 @@ describe('userRouter', () => {
         type: 'oauth',
       };
 
-      vi.mocked(NextAuthUserService).mockReturnValue({
+      vi.mocked(LobeNextAuthDbAdapter).mockReturnValue({
         getAccount: vi.fn().mockResolvedValue(mockAccount),
         unlinkAccount: vi.fn().mockResolvedValue(undefined),
       } as any);
@@ -237,7 +237,7 @@ describe('userRouter', () => {
         providerAccountId: '123',
       };
 
-      vi.mocked(NextAuthUserService).mockReturnValue({
+      vi.mocked(LobeNextAuthDbAdapter).mockReturnValue({
         getAccount: vi.fn().mockResolvedValue(null),
         unlinkAccount: vi.fn(),
       } as any);
@@ -246,6 +246,19 @@ describe('userRouter', () => {
         userRouter.createCaller({ ...mockCtx }).unlinkSSOProvider(mockInput),
       ).rejects.toThrow('The account does not exist');
     });
+
+    it('should throw error if adapter methods are not implemented', async () => {
+      const mockInput = {
+        provider: 'google',
+        providerAccountId: '123',
+      };
+
+      vi.mocked(LobeNextAuthDbAdapter).mockReturnValue({} as any);
+
+      await expect(
+        userRouter.createCaller({ ...mockCtx }).unlinkSSOProvider(mockInput),
+      ).rejects.toThrow('The method in LobeNextAuthDbAdapter `unlinkAccount` is not implemented');
+    });
   });
 
   describe('updateSettings', () => {

package/src/server/routers/lambda/user.ts

@@ -9,12 +9,12 @@ import { SessionModel } from '@/database/models/session';
 import { UserModel, UserNotFoundError } from '@/database/models/user';
 import { ClerkAuth } from '@/libs/clerk-auth';
 import { pino } from '@/libs/logger';
+import { LobeNextAuthDbAdapter } from '@/libs/next-auth/adapter';
 import { authedProcedure, router } from '@/libs/trpc/lambda';
 import { serverDatabase } from '@/libs/trpc/lambda/middleware';
 import { KeyVaultsGateKeeper } from '@/server/modules/KeyVaultsEncrypt';
 import { S3 } from '@/server/modules/S3';
 import { FileService } from '@/server/services/file';
-import { NextAuthUserService } from '@/server/services/nextAuthUser';
 import { UserService } from '@/server/services/user';
 import {
   NextAuthAccountSchame,
@@ -29,7 +29,7 @@ const userProcedure = authedProcedure.use(serverDatabase).use(async ({ ctx, next
     ctx: {
       clerkAuth: new ClerkAuth(),
       fileService: new FileService(ctx.serverDB, ctx.userId),
-      nextAuthUserService: new NextAuthUserService(ctx.serverDB),
+      nextAuthDbAdapter: LobeNextAuthDbAdapter(ctx.serverDB),
       userModel: new UserModel(ctx.serverDB, ctx.userId),
     },
   });
@@ -134,10 +134,19 @@ export const userRouter = router({
 
   unlinkSSOProvider: userProcedure.input(NextAuthAccountSchame).mutation(async ({ ctx, input }) => {
     const { provider, providerAccountId } = input;
-    const account = await ctx.nextAuthUserService.getAccount(providerAccountId, provider);
-    // The userId can either get from ctx.nextAuth?.id or ctx.userId
-    if (!account || account.userId !== ctx.userId) throw new Error('The account does not exist');
-    await ctx.nextAuthUserService.unlinkAccount({ provider, providerAccountId });
+    if (
+      ctx.nextAuthDbAdapter?.unlinkAccount &&
+      typeof ctx.nextAuthDbAdapter.unlinkAccount === 'function' &&
+      ctx.nextAuthDbAdapter?.getAccount &&
+      typeof ctx.nextAuthDbAdapter.getAccount === 'function'
+    ) {
+      const account = await ctx.nextAuthDbAdapter.getAccount(providerAccountId, provider);
+      // The userId can either get from ctx.nextAuth?.id or ctx.userId
+      if (!account || account.userId !== ctx.userId) throw new Error('The account does not exist');
+      await ctx.nextAuthDbAdapter.unlinkAccount({ provider, providerAccountId });
+    } else {
+      throw new Error('The method in LobeNextAuthDbAdapter `unlinkAccount` is not implemented');
+    }
   }),
 
   // 服务端上传头像