@lobehub/chat 1.122.6 → 1.123.0

package/src/libs/next-auth/adapter/index.ts

@@ -4,273 +4,175 @@ import type {
   AdapterUser,
   VerificationToken,
 } from '@auth/core/adapters';
-import { and, eq } from 'drizzle-orm';
-import type { NeonDatabase } from 'drizzle-orm/neon-serverless';
+import debug from 'debug';
 import { Adapter, AdapterAccount } from 'next-auth/adapters';
+import urlJoin from 'url-join';
 
-import { UserModel } from '@/database/models/user';
-import * as schema from '@/database/schemas';
-import { AgentService } from '@/server/services/agent';
-import { merge } from '@/utils/merge';
+import { serverDBEnv } from '@/config/db';
+import { appEnv } from '@/envs/app';
 
-import {
-  mapAdapterUserToLobeUser,
-  mapAuthenticatorQueryResutlToAdapterAuthenticator,
-  mapLobeUserToAdapterUser,
-  partialMapAdapterUserToLobeUser,
-} from './utils';
+const log = debug('lobe-next-auth:adapter');
 
-const {
-  nextauthAccounts,
-  nextauthAuthenticators,
-  nextauthSessions,
-  nextauthVerificationTokens,
-  users,
-} = schema;
+interface BackendAdapterResponse {
+  data?: any;
+  error?: string;
+  success: boolean;
+}
+
+// Due to use direct HTTP Post, the date string cannot parse automatically
+export const dateKeys = ['expires', 'emailVerified'];
 
 /**
  * @description LobeNextAuthDbAdapter is implemented to handle the database operations
  * for NextAuth, this function do the same things as `src/app/api/webhooks/clerk/route.ts`
  * @returns {Adapter}
  */
-export function LobeNextAuthDbAdapter(serverDB: NeonDatabase<typeof schema>): Adapter {
+export function LobeNextAuthDbAdapter(): Adapter {
+  const baseUrl = appEnv.APP_URL;
+
+  // Ensure the baseUrl is set, otherwise throw an error
+  if (!baseUrl) {
+    throw new Error('LobeNextAuthDbAdapter: APP_URL is not set in environment variables');
+  }
+  const interactionUrl = urlJoin(baseUrl, '/api/auth/adapter');
+  log(`LobeNextAuthDbAdapter initialized with url: ${interactionUrl}`);
+
+  // Ensure serverDBEnv.KEY_VAULTS_SECRET is set, otherwise throw an error
+  if (!serverDBEnv.KEY_VAULTS_SECRET) {
+    throw new Error('LobeNextAuthDbAdapter: KEY_VAULTS_SECRET is not set in environment variables');
+  }
+
+  const fetcher = (action: string, data: any) =>
+    fetch(interactionUrl, {
+      body: JSON.stringify({ action, data }),
+      headers: {
+        'Authorization': `Bearer ${serverDBEnv.KEY_VAULTS_SECRET}`,
+        'Content-Type': 'application/json',
+      },
+      method: 'POST',
+    });
+  const postProcessor = async (res: Response) => {
+    const data = (await res.json()) as BackendAdapterResponse;
+    log('LobeNextAuthDbAdapter: postProcessor called with data:', data);
+    if (!data.success) {
+      log('LobeNextAuthDbAdapter: Error in postProcessor:');
+      log(data);
+      throw new Error(`LobeNextAuthDbAdapter: ${data.error}`);
+    }
+    if (data?.data) {
+      for (const key of dateKeys) {
+        if (data.data[key]) {
+          data.data[key] = new Date(data.data[key]);
+          continue;
+        }
+      }
+    }
+    return data.data;
+  };
+
   return {
     async createAuthenticator(authenticator): Promise<AdapterAuthenticator> {
-      const result = await serverDB
-        .insert(nextauthAuthenticators)
-        .values(authenticator)
-        .returning()
-        .then((res) => res[0] ?? undefined);
-      if (!result) throw new Error('LobeNextAuthDbAdapter: Failed to create authenticator');
-      return mapAuthenticatorQueryResutlToAdapterAuthenticator(result);
+      const data = await fetcher('createAuthenticator', authenticator);
+      return await postProcessor(data);
     },
-    async createSession(data): Promise<AdapterSession> {
-      return serverDB
-        .insert(nextauthSessions)
-        .values(data)
-        .returning()
-        .then((res) => res[0]);
+    async createSession(session): Promise<AdapterSession> {
+      const data = await fetcher('createSession', session);
+      return await postProcessor(data);
     },
     async createUser(user): Promise<AdapterUser> {
-      const { id, name, email, emailVerified, image, providerAccountId } = user;
-      // return the user if it already exists
-      let existingUser =
-        email && typeof email === 'string' && email.trim()
-          ? await UserModel.findByEmail(serverDB, email)
-          : undefined;
-      // If the user is not found by email, try to find by providerAccountId
-      if (!existingUser && providerAccountId) {
-        existingUser = await UserModel.findById(serverDB, providerAccountId);
-      }
-      if (existingUser) {
-        const adapterUser = mapLobeUserToAdapterUser(existingUser);
-        return adapterUser;
-      }
-
-      // create a new user if it does not exist
-      // Use id from provider if it exists, otherwise use id assigned by next-auth
-      // ref: https://github.com/lobehub/lobe-chat/pull/2935
-      const uid = providerAccountId ?? id;
-      await UserModel.createUser(
-        serverDB,
-        mapAdapterUserToLobeUser({
-          email,
-          emailVerified,
-          // Use providerAccountId as userid to identify if the user exists in a SSO provider
-          id: uid,
-          image,
-          name,
-        }),
-      );
-
-      // 3. Create an inbox session for the user
-      const agentService = new AgentService(serverDB, uid);
-      await agentService.createInbox();
-
-      return { ...user, id: uid };
+      const data = await fetcher('createUser', user);
+      return await postProcessor(data);
     },
     async createVerificationToken(data): Promise<VerificationToken | null | undefined> {
-      return serverDB
-        .insert(nextauthVerificationTokens)
-        .values(data)
-        .returning()
-        .then((res) => res[0]);
+      const result = await fetcher('createVerificationToken', data);
+      return await postProcessor(result);
     },
     async deleteSession(sessionToken): Promise<AdapterSession | null | undefined> {
-      await serverDB
-        .delete(nextauthSessions)
-        .where(eq(nextauthSessions.sessionToken, sessionToken));
+      const result = await fetcher('deleteSession', sessionToken);
+      await postProcessor(result);
       return;
     },
     async deleteUser(id): Promise<AdapterUser | null | undefined> {
-      const user = await UserModel.findById(serverDB, id);
-      if (!user) throw new Error('NextAuth: Delete User not found');
-
-      await UserModel.deleteUser(serverDB, id);
+      const result = await fetcher('deleteUser', id);
+      await postProcessor(result);
       return;
     },
 
     async getAccount(providerAccountId, provider): Promise<AdapterAccount | null> {
-      return serverDB
-        .select()
-        .from(nextauthAccounts)
-        .where(
-          and(
-            eq(nextauthAccounts.provider, provider),
-            eq(nextauthAccounts.providerAccountId, providerAccountId),
-          ),
-        )
-        .then((res) => res[0] ?? null) as Promise<AdapterAccount | null>;
+      const data = await fetcher('getAccount', {
+        provider,
+        providerAccountId,
+      });
+      return await postProcessor(data);
     },
 
     async getAuthenticator(credentialID): Promise<AdapterAuthenticator | null> {
-      const result = await serverDB
-        .select()
-        .from(nextauthAuthenticators)
-        .where(eq(nextauthAuthenticators.credentialID, credentialID))
-        .then((res) => res[0] ?? null);
-      if (!result) throw new Error('LobeNextAuthDbAdapter: Failed to get authenticator');
-      return mapAuthenticatorQueryResutlToAdapterAuthenticator(result);
+      const result = await fetcher('getAuthenticator', credentialID);
+      return await postProcessor(result);
     },
 
     async getSessionAndUser(sessionToken): Promise<{
       session: AdapterSession;
       user: AdapterUser;
     } | null> {
-      const result = await serverDB
-        .select({
-          session: nextauthSessions,
-          user: users,
-        })
-        .from(nextauthSessions)
-        .where(eq(nextauthSessions.sessionToken, sessionToken))
-        .innerJoin(users, eq(users.id, nextauthSessions.userId))
-        .then((res) => (res.length > 0 ? res[0] : null));
-
-      if (!result) return null;
-      const adapterUser = mapLobeUserToAdapterUser(result.user);
-      if (!adapterUser) return null;
-      return {
-        session: result.session,
-        user: adapterUser,
-      };
+      const result = await fetcher('getSessionAndUser', sessionToken);
+      return await postProcessor(result);
     },
 
     async getUser(id): Promise<AdapterUser | null> {
-      const lobeUser = await UserModel.findById(serverDB, id);
-      if (!lobeUser) return null;
-      return mapLobeUserToAdapterUser(lobeUser);
+      log('getUser called with id:', id);
+      const result = await fetcher('getUser', id);
+      return await postProcessor(result);
     },
 
     async getUserByAccount(account): Promise<AdapterUser | null> {
-      const result = await serverDB
-        .select({
-          account: nextauthAccounts,
-          users,
-        })
-        .from(nextauthAccounts)
-        .innerJoin(users, eq(nextauthAccounts.userId, users.id))
-        .where(
-          and(
-            eq(nextauthAccounts.provider, account.provider),
-            eq(nextauthAccounts.providerAccountId, account.providerAccountId),
-          ),
-        )
-        .then((res) => res[0]);
-
-      return result?.users ? mapLobeUserToAdapterUser(result.users) : null;
+      const data = await fetcher('getUserByAccount', account);
+      return await postProcessor(data);
     },
 
     async getUserByEmail(email): Promise<AdapterUser | null> {
-      const lobeUser =
-        email && typeof email === 'string' && email.trim()
-          ? await UserModel.findByEmail(serverDB, email)
-          : undefined;
-      return lobeUser ? mapLobeUserToAdapterUser(lobeUser) : null;
+      const data = await fetcher('getUserByEmail', email);
+      return await postProcessor(data);
     },
 
     async linkAccount(data): Promise<AdapterAccount | null | undefined> {
-      const [account] = await serverDB
-        .insert(nextauthAccounts)
-        .values(data as any)
-        .returning();
-      if (!account) throw new Error('NextAuthAccountModel: Failed to create account');
-      // TODO Update type annotation
-      return account as any;
+      const result = await fetcher('linkAccount', data);
+      return await postProcessor(result);
     },
 
     async listAuthenticatorsByUserId(userId): Promise<AdapterAuthenticator[]> {
-      const result = await serverDB
-        .select()
-        .from(nextauthAuthenticators)
-        .where(eq(nextauthAuthenticators.userId, userId))
-        .then((res) => res);
-      if (result.length === 0)
-        throw new Error('LobeNextAuthDbAdapter: Failed to get authenticator list');
-      return result.map((r) => mapAuthenticatorQueryResutlToAdapterAuthenticator(r));
+      const result = await fetcher('listAuthenticatorsByUserId', userId);
+      return await postProcessor(result);
     },
 
     // @ts-ignore: The return type is {Promise<void> | Awaitable<AdapterAccount | undefined>}
     async unlinkAccount(account): Promise<void | AdapterAccount | undefined> {
-      await serverDB
-        .delete(nextauthAccounts)
-        .where(
-          and(
-            eq(nextauthAccounts.provider, account.provider),
-            eq(nextauthAccounts.providerAccountId, account.providerAccountId),
-          ),
-        );
+      const result = await fetcher('unlinkAccount', account);
+      await postProcessor(result);
+      return;
     },
 
     async updateAuthenticatorCounter(credentialID, counter): Promise<AdapterAuthenticator> {
-      const result = await serverDB
-        .update(nextauthAuthenticators)
-        .set({ counter })
-        .where(eq(nextauthAuthenticators.credentialID, credentialID))
-        .returning()
-        .then((res) => res[0]);
-      if (!result) throw new Error('LobeNextAuthDbAdapter: Failed to update authenticator counter');
-      return mapAuthenticatorQueryResutlToAdapterAuthenticator(result);
+      const result = await fetcher('updateAuthenticatorCounter', {
+        counter,
+        credentialID,
+      });
+      return await postProcessor(result);
     },
 
     async updateSession(data): Promise<AdapterSession | null | undefined> {
-      const res = await serverDB
-        .update(nextauthSessions)
-        .set(data)
-        .where(eq(nextauthSessions.sessionToken, data.sessionToken))
-        .returning();
-      return res[0];
+      const result = await fetcher('updateSession', data);
+      return await postProcessor(result);
     },
 
     async updateUser(user): Promise<AdapterUser> {
-      const lobeUser = await UserModel.findById(serverDB, user?.id);
-      if (!lobeUser) throw new Error('NextAuth: User not found');
-      const userModel = new UserModel(serverDB, user.id);
-
-      const updatedUser = await userModel.updateUser({
-        ...partialMapAdapterUserToLobeUser(user),
-      });
-      if (!updatedUser) throw new Error('NextAuth: Failed to update user');
-
-      // merge new user data with old user data
-      const newAdapterUser = mapLobeUserToAdapterUser(lobeUser);
-      if (!newAdapterUser) {
-        throw new Error('NextAuth: Failed to map user data to adapter user');
-      }
-      return merge(newAdapterUser, user);
+      const result = await fetcher('updateUser', user);
+      return await postProcessor(result);
     },
 
     async useVerificationToken(identifier_token): Promise<VerificationToken | null> {
-      return serverDB
-        .delete(nextauthVerificationTokens)
-        .where(
-          and(
-            eq(nextauthVerificationTokens.identifier, identifier_token.identifier),
-            eq(nextauthVerificationTokens.token, identifier_token.token),
-          ),
-        )
-        .returning()
-        .then((res) => (res.length > 0 ? res[0] : null));
+      const result = await fetcher('useVerificationToken', identifier_token);
+      return await postProcessor(result);
     },
   };
 }

package/src/libs/next-auth/auth.config.ts

@@ -1,12 +1,24 @@
 import type { NextAuthConfig } from 'next-auth';
 
-import { authEnv } from '@/config/auth';
+import { getAuthConfig } from '@/config/auth';
+import { getServerDBConfig } from '@/config/db';
 
+import { LobeNextAuthDbAdapter } from './adapter';
 import { ssoProviders } from './sso-providers';
 
+const {
+  NEXT_AUTH_DEBUG,
+  NEXT_AUTH_SECRET,
+  NEXT_AUTH_SSO_SESSION_STRATEGY,
+  NEXT_AUTH_SSO_PROVIDERS,
+  NEXT_PUBLIC_ENABLE_NEXT_AUTH,
+} = getAuthConfig();
+
+const { NEXT_PUBLIC_ENABLED_SERVER_SERVICE } = getServerDBConfig();
+
 export const initSSOProviders = () => {
-  return authEnv.NEXT_PUBLIC_ENABLE_NEXT_AUTH
-    ? authEnv.NEXT_AUTH_SSO_PROVIDERS.split(/[,，]/).map((provider) => {
+  return NEXT_PUBLIC_ENABLE_NEXT_AUTH
+    ? NEXT_AUTH_SSO_PROVIDERS.split(/[,，]/).map((provider) => {
         const validProvider = ssoProviders.find((item) => item.id === provider.trim());
 
         if (validProvider) return validProvider.provider;
@@ -18,6 +30,7 @@ export const initSSOProviders = () => {
 
 // Notice this is only an object, not a full Auth.js instance
 export default {
+  adapter: NEXT_PUBLIC_ENABLED_SERVER_SERVICE ? LobeNextAuthDbAdapter() : undefined,
   callbacks: {
     // Note: Data processing order of callback: authorize --> jwt --> session
     async jwt({ token, user }) {
@@ -39,12 +52,16 @@ export default {
       return session;
     },
   },
-  debug: authEnv.NEXT_AUTH_DEBUG,
+  debug: NEXT_AUTH_DEBUG,
   pages: {
     error: '/next-auth/error',
     signIn: '/next-auth/signin',
   },
   providers: initSSOProviders(),
-  secret: authEnv.NEXT_AUTH_SECRET,
+  secret: NEXT_AUTH_SECRET,
+  session: {
+    // Force use JWT if server service is disabled
+    strategy: NEXT_PUBLIC_ENABLED_SERVER_SERVICE ? NEXT_AUTH_SSO_SESSION_STRATEGY : 'jwt',
+  },
   trustHost: process.env?.AUTH_TRUST_HOST ? process.env.AUTH_TRUST_HOST === 'true' : true,
 } satisfies NextAuthConfig;

package/src/libs/next-auth/index.ts

@@ -1,33 +1,20 @@
 import NextAuth from 'next-auth';
 
-import { getServerDBConfig } from '@/config/db';
-import { serverDB } from '@/database/server';
-
-import { LobeNextAuthDbAdapter } from './adapter';
-import config from './auth.config';
-
-const { NEXT_PUBLIC_ENABLED_SERVER_SERVICE } = getServerDBConfig();
+import authConfig from './auth.config';
 
 /**
- * NextAuth initialization with Database adapter
+ * NextAuth initialization without Database adapter
+ *
+ * @note
+ * We currently use `jwt` strategy for session management.
+ * So you don't need to import `signIn` or `signOut` from
+ * this module, just import from `next-auth` directly.
  *
+ * Inside react component
  * @example
  * ```ts
- * import NextAuthNode from '@/libs/next-auth';
- * const { handlers } = NextAuthNode;
+ * import { signOut } from 'next-auth/react';
+ * signOut();
  * ```
- *
- * @note
- * If you meet the edge runtime compatible problem,
- * you can import from `@/libs/next-auth/edge` which is not initial with the database adapter.
- *
- * The difference and usage of the two different NextAuth modules is can be
- * ref to: https://github.com/lobehub/lobe-chat/pull/2935
  */
-export default NextAuth({
-  ...config,
-  adapter: NEXT_PUBLIC_ENABLED_SERVER_SERVICE ? LobeNextAuthDbAdapter(serverDB) : undefined,
-  session: {
-    strategy: 'jwt',
-  },
-});
+export default NextAuth(authConfig);

package/src/libs/trpc/edge/context.ts

@@ -54,9 +54,9 @@ export const createEdgeContext = async (request: NextRequest): Promise<EdgeConte
 
   if (enableNextAuth) {
     try {
-      const { default: NextAuthEdge } = await import('@/libs/next-auth/edge');
+      const { default: NextAuth } = await import('@/libs/next-auth');
 
-      const session = await NextAuthEdge.auth();
+      const session = await NextAuth.auth();
       if (session && session?.user?.id) {
         auth = session.user;
         userId = session.user.id;

package/src/libs/trpc/lambda/context.ts

@@ -161,9 +161,9 @@ export const createLambdaContext = async (request: NextRequest): Promise<LambdaC
   if (enableNextAuth) {
     log('Attempting NextAuth authentication');
     try {
-      const { default: NextAuthEdge } = await import('@/libs/next-auth/edge');
+      const { default: NextAuth } = await import('@/libs/next-auth');
 
-      const session = await NextAuthEdge.auth();
+      const session = await NextAuth.auth();
       if (session && session?.user?.id) {
         auth = session.user;
         userId = session.user.id;

package/src/locales/default/modelProvider.ts

@@ -156,6 +156,28 @@ export default {
     searchProviders: '搜索服务商...',
     sort: '自定义排序',
   },
+  newapi: {
+    apiKey: {
+      desc: 'New API 平台提供的 API 密钥',
+      placeholder: 'New API API 密钥',
+      required: 'API 密钥是必需的',
+      title: 'API 密钥',
+    },
+    apiUrl: {
+      desc: 'New API 服务的 API 地址，大部分时候需要带 /v1',
+      title: 'API 地址',
+    },
+    enabled: {
+      title: '启用 New API',
+    },
+    models: {
+      batchSelect: '批量选择模型 ({{count}} 个)',
+      fetch: '获取模型列表',
+      selected: '已选择的模型',
+      title: '可用模型',
+    },
+    title: 'New API',
+  },
   ollama: {
     checker: {
       desc: '测试代理地址是否正确填写',
@@ -188,6 +210,10 @@ export default {
     },
   },
   providerModels: {
+    batchSelect: {
+      selected: '已选择 {{count}} 个模型',
+      title: '批量选择',
+    },
     config: {
       aesGcm: '您的秘钥与代理地址等将使用 <1>AES-GCM</1> 加密算法进行加密',
       apiKey: {

package/src/middleware.ts

@@ -10,7 +10,7 @@ import { OAUTH_AUTHORIZED } from '@/const/auth';
 import { LOBE_LOCALE_COOKIE } from '@/const/locale';
 import { LOBE_THEME_APPEARANCE } from '@/const/theme';
 import { appEnv } from '@/envs/app';
-import NextAuthEdge from '@/libs/next-auth/edge';
+import NextAuth from '@/libs/next-auth';
 import { Locales } from '@/locales/resources';
 
 import { oidcEnv } from './envs/oidc';
@@ -170,7 +170,7 @@ const isProtectedRoute = createRouteMatcher([
 ]);
 
 // Initialize an Edge compatible NextAuth middleware
-const nextAuthMiddleware = NextAuthEdge.auth(async (req) => {
+const nextAuthMiddleware = NextAuth.auth((req) => {
   logNextAuth('NextAuth middleware processing request: %s %s', req.method, req.url);
 
   const response = defaultMiddleware(req);

package/src/server/routers/lambda/user.test.ts

@@ -6,8 +6,8 @@ import { MessageModel } from '@/database/models/message';
 import { SessionModel } from '@/database/models/session';
 import { UserModel, UserNotFoundError } from '@/database/models/user';
 import { serverDB } from '@/database/server';
-import { LobeNextAuthDbAdapter } from '@/libs/next-auth/adapter';
 import { KeyVaultsGateKeeper } from '@/server/modules/KeyVaultsEncrypt';
+import { NextAuthUserService } from '@/server/services/nextAuthUser';
 import { UserService } from '@/server/services/user';
 
 import { userRouter } from './user';
@@ -24,10 +24,10 @@ vi.mock('@/database/server', () => ({
 vi.mock('@/database/models/message');
 vi.mock('@/database/models/session');
 vi.mock('@/database/models/user');
-vi.mock('@/libs/next-auth/adapter');
 vi.mock('@/server/modules/KeyVaultsEncrypt');
 vi.mock('@/server/modules/S3');
 vi.mock('@/server/services/user');
+vi.mock('@/server/services/nextAuthUser');
 vi.mock('@/const/auth', () => ({
   enableClerk: true,
 }));
@@ -221,7 +221,7 @@ describe('userRouter', () => {
         type: 'oauth',
       };
 
-      vi.mocked(LobeNextAuthDbAdapter).mockReturnValue({
+      vi.mocked(NextAuthUserService).mockReturnValue({
         getAccount: vi.fn().mockResolvedValue(mockAccount),
         unlinkAccount: vi.fn().mockResolvedValue(undefined),
       } as any);
@@ -237,7 +237,7 @@ describe('userRouter', () => {
         providerAccountId: '123',
       };
 
-      vi.mocked(LobeNextAuthDbAdapter).mockReturnValue({
+      vi.mocked(NextAuthUserService).mockReturnValue({
         getAccount: vi.fn().mockResolvedValue(null),
         unlinkAccount: vi.fn(),
       } as any);
@@ -246,19 +246,6 @@ describe('userRouter', () => {
         userRouter.createCaller({ ...mockCtx }).unlinkSSOProvider(mockInput),
       ).rejects.toThrow('The account does not exist');
     });
-
-    it('should throw error if adapter methods are not implemented', async () => {
-      const mockInput = {
-        provider: 'google',
-        providerAccountId: '123',
-      };
-
-      vi.mocked(LobeNextAuthDbAdapter).mockReturnValue({} as any);
-
-      await expect(
-        userRouter.createCaller({ ...mockCtx }).unlinkSSOProvider(mockInput),
-      ).rejects.toThrow('The method in LobeNextAuthDbAdapter `unlinkAccount` is not implemented');
-    });
   });
 
   describe('updateSettings', () => {

package/src/server/routers/lambda/user.ts

@@ -9,12 +9,12 @@ import { SessionModel } from '@/database/models/session';
 import { UserModel, UserNotFoundError } from '@/database/models/user';
 import { ClerkAuth } from '@/libs/clerk-auth';
 import { pino } from '@/libs/logger';
-import { LobeNextAuthDbAdapter } from '@/libs/next-auth/adapter';
 import { authedProcedure, router } from '@/libs/trpc/lambda';
 import { serverDatabase } from '@/libs/trpc/lambda/middleware';
 import { KeyVaultsGateKeeper } from '@/server/modules/KeyVaultsEncrypt';
 import { S3 } from '@/server/modules/S3';
 import { FileService } from '@/server/services/file';
+import { NextAuthUserService } from '@/server/services/nextAuthUser';
 import { UserService } from '@/server/services/user';
 import {
   NextAuthAccountSchame,
@@ -29,7 +29,7 @@ const userProcedure = authedProcedure.use(serverDatabase).use(async ({ ctx, next
     ctx: {
       clerkAuth: new ClerkAuth(),
       fileService: new FileService(ctx.serverDB, ctx.userId),
-      nextAuthDbAdapter: LobeNextAuthDbAdapter(ctx.serverDB),
+      nextAuthUserService: new NextAuthUserService(ctx.serverDB),
       userModel: new UserModel(ctx.serverDB, ctx.userId),
     },
   });
@@ -134,19 +134,10 @@ export const userRouter = router({
 
   unlinkSSOProvider: userProcedure.input(NextAuthAccountSchame).mutation(async ({ ctx, input }) => {
     const { provider, providerAccountId } = input;
-    if (
-      ctx.nextAuthDbAdapter?.unlinkAccount &&
-      typeof ctx.nextAuthDbAdapter.unlinkAccount === 'function' &&
-      ctx.nextAuthDbAdapter?.getAccount &&
-      typeof ctx.nextAuthDbAdapter.getAccount === 'function'
-    ) {
-      const account = await ctx.nextAuthDbAdapter.getAccount(providerAccountId, provider);
-      // The userId can either get from ctx.nextAuth?.id or ctx.userId
-      if (!account || account.userId !== ctx.userId) throw new Error('The account does not exist');
-      await ctx.nextAuthDbAdapter.unlinkAccount({ provider, providerAccountId });
-    } else {
-      throw new Error('The method in LobeNextAuthDbAdapter `unlinkAccount` is not implemented');
-    }
+    const account = await ctx.nextAuthUserService.getAccount(providerAccountId, provider);
+    // The userId can either get from ctx.nextAuth?.id or ctx.userId
+    if (!account || account.userId !== ctx.userId) throw new Error('The account does not exist');
+    await ctx.nextAuthUserService.unlinkAccount({ provider, providerAccountId });
   }),
 
   // 服务端上传头像