@lobehub/chat 1.122.5 → 1.122.6

package/src/server/services/nextAuthUser/index.test.ts

@@ -0,0 +1,108 @@
+// @vitest-environment node
+import { NextResponse } from 'next/server';
+import { beforeEach, describe, expect, it, vi } from 'vitest';
+
+import { UserModel } from '@/database/models/user';
+import { UserItem } from '@/database/schemas';
+import { serverDB } from '@/database/server';
+import { pino } from '@/libs/logger';
+
+import { NextAuthUserService } from './index';
+
+vi.mock('@/libs/logger', () => ({
+  pino: {
+    info: vi.fn(),
+    warn: vi.fn(),
+  },
+}));
+
+vi.mock('@/database/models/user');
+vi.mock('@/database/server');
+
+describe('NextAuthUserService', () => {
+  let service: NextAuthUserService;
+
+  beforeEach(async () => {
+    vi.clearAllMocks();
+    service = new NextAuthUserService(serverDB);
+  });
+
+  describe('safeUpdateUser', () => {
+    const mockUser = {
+      id: 'user-123',
+      email: 'test@example.com',
+    };
+
+    const mockAccount = {
+      provider: 'github',
+      providerAccountId: '12345',
+    };
+
+    const mockUpdateData: Partial<UserItem> = {
+      avatar: 'https://example.com/avatar.jpg',
+      email: 'new@example.com',
+      fullName: 'Test User',
+    };
+
+    it('should update user when user is found', async () => {
+      const mockUserModel = {
+        updateUser: vi.fn().mockResolvedValue({}),
+      };
+
+      vi.mocked(UserModel).mockImplementation(() => mockUserModel as any);
+
+      // Mock the adapter directly on the service instance
+      service.adapter = {
+        getUserByAccount: vi.fn().mockResolvedValue(mockUser),
+      };
+
+      const response = await service.safeUpdateUser(mockAccount, mockUpdateData);
+
+      expect(pino.info).toHaveBeenCalledWith(
+        `updating user "${JSON.stringify(mockAccount)}" due to webhook`,
+      );
+
+      expect(service.adapter.getUserByAccount).toHaveBeenCalledWith(mockAccount);
+      expect(UserModel).toHaveBeenCalledWith(serverDB, mockUser.id);
+      expect(mockUserModel.updateUser).toHaveBeenCalledWith(mockUpdateData);
+
+      expect(response).toBeInstanceOf(NextResponse);
+      expect(response.status).toBe(200);
+      const data = await response.json();
+      expect(data).toEqual({ message: 'user updated', success: true });
+    });
+
+    it('should handle case when user is not found', async () => {
+      // Mock the adapter directly on the service instance
+      service.adapter = {
+        getUserByAccount: vi.fn().mockResolvedValue(null),
+      };
+
+      const response = await service.safeUpdateUser(mockAccount, mockUpdateData);
+
+      expect(pino.warn).toHaveBeenCalledWith(
+        `[${mockAccount.provider}]: Webhooks handler user "${JSON.stringify(mockAccount)}" update for "${JSON.stringify(mockUpdateData)}", but no user was found by the providerAccountId.`,
+      );
+
+      expect(UserModel).not.toHaveBeenCalled();
+
+      expect(response).toBeInstanceOf(NextResponse);
+      expect(response.status).toBe(200);
+      const data = await response.json();
+      expect(data).toEqual({ message: 'user updated', success: true });
+    });
+
+    it('should handle errors during user update', async () => {
+      const mockError = new Error('Database error');
+
+      // Mock the adapter directly on the service instance
+      service.adapter = {
+        getUserByAccount: vi.fn().mockRejectedValue(mockError),
+      };
+
+      await expect(service.safeUpdateUser(mockAccount, mockUpdateData)).rejects.toThrow(mockError);
+
+      expect(UserModel).not.toHaveBeenCalled();
+    });
+  });
+});

package/src/server/services/nextAuthUser/index.ts

@@ -1,33 +1,18 @@
-import { and, eq } from 'drizzle-orm';
-import { Adapter, AdapterAccount } from 'next-auth/adapters';
 import { NextResponse } from 'next/server';
 
 import { UserModel } from '@/database/models/user';
-import {
-  UserItem,
-  nextauthAccounts,
-  nextauthAuthenticators,
-  nextauthSessions,
-  nextauthVerificationTokens,
-  users,
-} from '@/database/schemas';
+import { UserItem } from '@/database/schemas';
 import { LobeChatDatabase } from '@/database/type';
 import { pino } from '@/libs/logger';
-import { merge } from '@/utils/merge';
-
-import { AgentService } from '../agent';
-import {
-  mapAdapterUserToLobeUser,
-  mapAuthenticatorQueryResutlToAdapterAuthenticator,
-  mapLobeUserToAdapterUser,
-  partialMapAdapterUserToLobeUser,
-} from './utils';
+import { LobeNextAuthDbAdapter } from '@/libs/next-auth/adapter';
 
 export class NextAuthUserService {
+  adapter;
   private db: LobeChatDatabase;
 
   constructor(db: LobeChatDatabase) {
     this.db = db;
+    this.adapter = LobeNextAuthDbAdapter(db);
   }
 
   safeUpdateUser = async (
@@ -36,7 +21,8 @@ export class NextAuthUserService {
   ) => {
     pino.info(`updating user "${JSON.stringify({ provider, providerAccountId })}" due to webhook`);
     // 1. Find User by account
-    const user = await this.getUserByAccount({
+    // @ts-expect-error: Already impl in `LobeNextauthDbAdapter`
+    const user = await this.adapter.getUserByAccount({
       provider,
       providerAccountId,
     });
@@ -58,266 +44,4 @@ export class NextAuthUserService {
     }
     return NextResponse.json({ message: 'user updated', success: true }, { status: 200 });
   };
-
-  safeSignOutUser = async ({
-    providerAccountId,
-    provider,
-  }: {
-    provider: string;
-    providerAccountId: string;
-  }) => {
-    pino.info(`Signing out user "${JSON.stringify({ provider, providerAccountId })}"`);
-    const user = await this.getUserByAccount({
-      provider,
-      providerAccountId,
-    });
-
-    // 2. If found, Update user data from provider
-    if (user?.id) {
-      // Perform update
-      await this.db.delete(nextauthSessions).where(eq(nextauthSessions.userId, user.id));
-    } else {
-      pino.warn(
-        `[${provider}]: Webhooks handler user "${JSON.stringify({ provider, providerAccountId })}" to signout", but no user was found by the providerAccountId.`,
-      );
-    }
-    return NextResponse.json({ message: 'user signed out', success: true }, { status: 200 });
-  };
-
-  createAuthenticator: NonNullable<Adapter['createAuthenticator']> = async (authenticator) => {
-    return await this.db
-      .insert(nextauthAuthenticators)
-      .values(authenticator)
-      .returning()
-      .then((res: any) => res[0] ?? undefined);
-  };
-
-  createSession: NonNullable<Adapter['createSession']> = async (data) => {
-    return await this.db
-      .insert(nextauthSessions)
-      .values(data)
-      .returning()
-      .then((res: any) => res[0]);
-  };
-
-  createUser: NonNullable<Adapter['createUser']> = async (user) => {
-    const { id, name, email, emailVerified, image, providerAccountId } = user;
-    // return the user if it already exists
-    let existingUser =
-      email && typeof email === 'string' && email.trim()
-        ? await UserModel.findByEmail(this.db, email)
-        : undefined;
-    // If the user is not found by email, try to find by providerAccountId
-    if (!existingUser && providerAccountId) {
-      existingUser = await UserModel.findById(this.db, providerAccountId);
-    }
-    if (existingUser) {
-      const adapterUser = mapLobeUserToAdapterUser(existingUser);
-      return adapterUser;
-    }
-
-    // create a new user if it does not exist
-    // Use id from provider if it exists, otherwise use id assigned by next-auth
-    // ref: https://github.com/lobehub/lobe-chat/pull/2935
-    const uid = providerAccountId ?? id;
-    await UserModel.createUser(
-      this.db,
-      mapAdapterUserToLobeUser({
-        email,
-        emailVerified,
-        // Use providerAccountId as userid to identify if the user exists in a SSO provider
-        id: uid,
-        image,
-        name,
-      }),
-    );
-
-    // 3. Create an inbox session for the user
-    const agentService = new AgentService(this.db, uid);
-    await agentService.createInbox();
-
-    return { ...user, id: uid };
-  };
-
-  createVerificationToken: NonNullable<Adapter['createVerificationToken']> = async (data) => {
-    return await this.db
-      .insert(nextauthVerificationTokens)
-      .values(data)
-      .returning()
-      .then((res: any) => res[0]);
-  };
-
-  deleteSession: NonNullable<Adapter['deleteSession']> = async (sessionToken) => {
-    await this.db.delete(nextauthSessions).where(eq(nextauthSessions.sessionToken, sessionToken));
-  };
-
-  deleteUser: NonNullable<Adapter['deleteUser']> = async (id) => {
-    const user = await UserModel.findById(this.db, id);
-    if (!user) throw new Error('NextAuth: Delete User not found');
-    await UserModel.deleteUser(this.db, id);
-  };
-
-  getAccount: NonNullable<Adapter['getAccount']> = async (providerAccountId, provider) => {
-    return (await this.db
-      .select()
-      .from(nextauthAccounts)
-      .where(
-        and(
-          eq(nextauthAccounts.provider, provider),
-          eq(nextauthAccounts.providerAccountId, providerAccountId),
-        ),
-      )
-      .then((res: any) => res[0] ?? null)) as Promise<AdapterAccount | null>;
-  };
-
-  getAuthenticator: NonNullable<Adapter['getAuthenticator']> = async (credentialID) => {
-    const result = await this.db
-      .select()
-      .from(nextauthAuthenticators)
-      .where(eq(nextauthAuthenticators.credentialID, credentialID))
-      .then((res) => res[0] ?? null);
-    if (!result) throw new Error('NextAuthUserService: Failed to get authenticator');
-    return mapAuthenticatorQueryResutlToAdapterAuthenticator(result);
-  };
-
-  getSessionAndUser: NonNullable<Adapter['getSessionAndUser']> = async (sessionToken) => {
-    const result = await this.db
-      .select({
-        session: nextauthSessions,
-        user: users,
-      })
-      .from(nextauthSessions)
-      .where(eq(nextauthSessions.sessionToken, sessionToken))
-      .innerJoin(users, eq(users.id, nextauthSessions.userId))
-      .then((res: any) => (res.length > 0 ? res[0] : null));
-
-    if (!result) return null;
-    const adapterUser = mapLobeUserToAdapterUser(result.user);
-    if (!adapterUser) return null;
-    return {
-      session: result.session,
-      user: adapterUser,
-    };
-  };
-
-  getUser: NonNullable<Adapter['getUser']> = async (id) => {
-    const lobeUser = await UserModel.findById(this.db, id);
-    if (!lobeUser) return null;
-    return mapLobeUserToAdapterUser(lobeUser);
-  };
-
-  getUserByAccount: NonNullable<Adapter['getUserByAccount']> = async (account) => {
-    const result = await this.db
-      .select({
-        account: nextauthAccounts,
-        users,
-      })
-      .from(nextauthAccounts)
-      .innerJoin(users, eq(nextauthAccounts.userId, users.id))
-      .where(
-        and(
-          eq(nextauthAccounts.provider, account.provider),
-          eq(nextauthAccounts.providerAccountId, account.providerAccountId),
-        ),
-      )
-      .then((res: any) => res[0]);
-
-    return result?.users ? mapLobeUserToAdapterUser(result.users) : null;
-  };
-
-  getUserByEmail: NonNullable<Adapter['getUserByEmail']> = async (email) => {
-    const lobeUser =
-      email && typeof email === 'string' && email.trim()
-        ? await UserModel.findByEmail(this.db, email)
-        : undefined;
-    return lobeUser ? mapLobeUserToAdapterUser(lobeUser) : null;
-  };
-
-  linkAccount: NonNullable<Adapter['linkAccount']> = async (data) => {
-    const [account] = await this.db
-      .insert(nextauthAccounts)
-      .values(data as any)
-      .returning();
-    if (!account) throw new Error('NextAuthAccountModel: Failed to create account');
-    // TODO Update type annotation
-    return account as any;
-  };
-
-  listAuthenticatorsByUserId: NonNullable<Adapter['listAuthenticatorsByUserId']> = async (
-    userId,
-  ) => {
-    const result = await this.db
-      .select()
-      .from(nextauthAuthenticators)
-      .where(eq(nextauthAuthenticators.userId, userId))
-      .then((res: any) => res);
-    if (result.length === 0)
-      throw new Error('NextAuthUserService: Failed to get authenticator list');
-    return result.map((r: any) => mapAuthenticatorQueryResutlToAdapterAuthenticator(r));
-  };
-
-  unlinkAccount: NonNullable<Adapter['unlinkAccount']> = async (account) => {
-    await this.db
-      .delete(nextauthAccounts)
-      .where(
-        and(
-          eq(nextauthAccounts.provider, account.provider),
-          eq(nextauthAccounts.providerAccountId, account.providerAccountId),
-        ),
-      );
-  };
-
-  updateAuthenticatorCounter: NonNullable<Adapter['updateAuthenticatorCounter']> = async (
-    credentialID,
-    counter,
-  ) => {
-    const result = await this.db
-      .update(nextauthAuthenticators)
-      .set({ counter })
-      .where(eq(nextauthAuthenticators.credentialID, credentialID))
-      .returning()
-      .then((res: any) => res[0]);
-    if (!result) throw new Error('NextAuthUserService: Failed to update authenticator counter');
-    return mapAuthenticatorQueryResutlToAdapterAuthenticator(result);
-  };
-
-  updateSession: NonNullable<Adapter['updateSession']> = async (data) => {
-    const res = await this.db
-      .update(nextauthSessions)
-      .set(data)
-      .where(eq(nextauthSessions.sessionToken, data.sessionToken))
-      .returning();
-    return res[0];
-  };
-
-  updateUser: NonNullable<Adapter['updateUser']> = async (user) => {
-    const lobeUser = await UserModel.findById(this.db, user?.id);
-    if (!lobeUser) throw new Error('NextAuth: User not found');
-    const userModel = new UserModel(this.db, user.id);
-
-    const updatedUser = await userModel.updateUser({
-      ...partialMapAdapterUserToLobeUser(user),
-    });
-    if (!updatedUser) throw new Error('NextAuth: Failed to update user');
-
-    // merge new user data with old user data
-    const newAdapterUser = mapLobeUserToAdapterUser(lobeUser);
-    if (!newAdapterUser) {
-      throw new Error('NextAuth: Failed to map user data to adapter user');
-    }
-    return merge(newAdapterUser, user);
-  };
-
-  useVerificationToken: NonNullable<Adapter['useVerificationToken']> = async (identifier_token) => {
-    return await this.db
-      .delete(nextauthVerificationTokens)
-      .where(
-        and(
-          eq(nextauthVerificationTokens.identifier, identifier_token.identifier),
-          eq(nextauthVerificationTokens.token, identifier_token.token),
-        ),
-      )
-      .returning()
-      .then((res: any) => (res.length > 0 ? res[0] : null));
-  };
 }

package/src/app/(backend)/api/auth/adapter/route.ts

@@ -1,137 +0,0 @@
-import debug from 'debug';
-import { NextRequest, NextResponse } from 'next/server';
-
-import { serverDBEnv } from '@/config/db';
-import { serverDB } from '@/database/server';
-import { dateKeys } from '@/libs/next-auth/adapter';
-import { NextAuthUserService } from '@/server/services/nextAuthUser';
-
-const log = debug('lobe-next-auth:api:auth:adapter');
-
-/**
- * @description Process the db query for the NextAuth adapter.
- * Returns the db query result directly and let NextAuth handle the raw results.
- * @returns {
- *  success: boolean; // Only return false if the database query fails or the action is invalid.
- *  data?: any;
- *  error?: string;
- * }
- */
-export async function POST(req: NextRequest) {
-  try {
-    // try validate the request
-    if (
-      !req.headers.get('Authorization') ||
-      req.headers.get('Authorization')?.trim() !== `Bearer ${serverDBEnv.KEY_VAULTS_SECRET}`
-    ) {
-      log('Unauthorized request, missing or invalid Authorization header');
-      return NextResponse.json({ error: 'Unauthorized', success: false }, { status: 401 });
-    }
-
-    // Parse the request body
-    const data = await req.json();
-    log('Received request data:', data);
-    // Preprocess
-    if (data?.data) {
-      for (const key of dateKeys) {
-        if (data?.data && data.data[key]) {
-          data.data[key] = new Date(data.data[key]);
-          continue;
-        }
-      }
-    }
-    const service = new NextAuthUserService(serverDB);
-    let result;
-    switch (data.action) {
-      case 'createAuthenticator': {
-        result = await service.createAuthenticator(data.data);
-        break;
-      }
-      case 'createSession': {
-        result = await service.createSession(data.data);
-        break;
-      }
-      case 'createUser': {
-        result = await service.createUser(data.data);
-        break;
-      }
-      case 'createVerificationToken': {
-        result = await service.createVerificationToken(data.data);
-        break;
-      }
-      case 'deleteSession': {
-        result = await service.deleteSession(data.data);
-        break;
-      }
-      case 'deleteUser': {
-        result = await service.deleteUser(data.data);
-        break;
-      }
-      case 'getAccount': {
-        result = await service.getAccount(data.data.providerAccountId, data.data.provider);
-        break;
-      }
-      case 'getAuthenticator': {
-        result = await service.getAuthenticator(data.data);
-        break;
-      }
-      case 'getSessionAndUser': {
-        result = await service.getSessionAndUser(data.data);
-        break;
-      }
-      case 'getUser': {
-        result = await service.getUser(data.data);
-        break;
-      }
-      case 'getUserByAccount': {
-        result = await service.getUserByAccount(data.data);
-        break;
-      }
-      case 'getUserByEmail': {
-        result = await service.getUserByEmail(data.data);
-        break;
-      }
-      case 'linkAccount': {
-        result = await service.linkAccount(data.data);
-        break;
-      }
-      case 'listAuthenticatorsByUserId': {
-        result = await service.listAuthenticatorsByUserId(data.data);
-        break;
-      }
-      case 'unlinkAccount': {
-        result = await service.unlinkAccount(data.data);
-        break;
-      }
-      case 'updateAuthenticatorCounter': {
-        result = await service.updateAuthenticatorCounter(
-          data.data.credentialID,
-          data.data.counter,
-        );
-        break;
-      }
-      case 'updateSession': {
-        result = await service.updateSession(data.data);
-        break;
-      }
-      case 'updateUser': {
-        result = await service.updateUser(data.data);
-        break;
-      }
-      case 'useVerificationToken': {
-        result = await service.useVerificationToken(data.data);
-        break;
-      }
-      default: {
-        return NextResponse.json({ error: 'Invalid action', success: false }, { status: 400 });
-      }
-    }
-    return NextResponse.json({ data: result, success: true });
-  } catch (error) {
-    log('Error processing request:');
-    log(error);
-    return NextResponse.json({ error, success: false }, { status: 400 });
-  }
-}
-
-export const runtime = 'nodejs';