@lobehub/chat 1.44.2 → 1.45.0

package/docs/self-hosting/advanced/auth/clerk.zh-CN.mdx

@@ -10,63 +10,49 @@ tags:
 
 # 配置 Clerk 身份验证服务
 
-前往 [Clerk](https://clerk.com?utm_source=lobehub&utm_medium=docs) 注册并创建应用，获取相应的 Public Key 和 Secret Key。
+前往 [Clerk](https://clerk.com?utm_source=lobehub\&utm_medium=docs) 注册并创建应用，获取相应的 Public Key 和 Secret Key。
 
 ## 获取环境变量
 
 <Steps>
+  ### 添加公、私钥环境变量
 
-### 添加公、私钥环境变量
+  添加 `NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY` 和 `CLERK_SECRET_KEY` 环境变量。你可以在菜单中点击「API Keys」，然后复制对应的值获取该环境变量。
 
-添加 `NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY` 和 `CLERK_SECRET_KEY` 环境变量。你可以在菜单中点击「API Keys」，然后复制对应的值获取该环境变量。
+  <Image alt={'在 Clerk 中找到对应的公私钥环境变量'} src={'https://github.com/lobehub/lobe-chat/assets/28616219/89883703-7a1a-4a11-b944-5d804544e57c'} />
 
-<Image
-  alt={'在 Clerk 中找到对应的公私钥环境变量'}
-  src={'https://github.com/lobehub/lobe-chat/assets/28616219/89883703-7a1a-4a11-b944-5d804544e57c'}
-/>
+  此步骤所需的环境变量如下：
 
-此步骤所需的环境变量如下：
+  ```shell
+  NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY=pk_live_xxxxxxxxxxx
+  CLERK_SECRET_KEY=sk_live_xxxxxxxxxxxxxxxxxxxxxx
+  ```
 
-```shell
-NEXT_PUBLIC_CLERK_PUBLISHABLE_KEY=pk_live_xxxxxxxxxxx
-CLERK_SECRET_KEY=sk_live_xxxxxxxxxxxxxxxxxxxxxx
-```
+  ### 在 Clerk 中创建并配置 Webhook
 
-### 在 Clerk 中创建并配置 Webhook
+  由于我们让 Clerk 完全接管用户鉴权与管理，因此我们需要在 Clerk 用户生命周期变更时（创建、更新、删除）中通知我们的应用并存储落库。我们通过 Clerk 提供的 Webhook 来实现这一诉求。
 
-由于我们让 Clerk 完全接管用户鉴权与管理，因此我们需要在 Clerk 用户生命周期变更时（创建、更新、删除）中通知我们的应用并存储落库。我们通过 Clerk 提供的 Webhook 来实现这一诉求。
+  我们需要在 Clerk 的 Webhooks 中添加一个端点（Endpoint），告诉 Clerk 当用户发生变更时，向这个端点发送通知。
 
-我们需要在 Clerk 的 Webhooks 中添加一个端点（Endpoint），告诉 Clerk 当用户发生变更时，向这个端点发送通知。
+  <Image alt={'Clerk 添加 Webhooks 端点'} src={'https://github.com/lobehub/lobe-chat/assets/28616219/f50f47fb-5e8e-4930-bf4e-8cf6f5b8afb9'} />
 
-<Image
-  alt={'Clerk 添加 Webhooks 端点'}
-  src={'https://github.com/lobehub/lobe-chat/assets/28616219/f50f47fb-5e8e-4930-bf4e-8cf6f5b8afb9'}
-/>
+  在 endppint 中填写你的项目 URL，如 `https://your-project.com/api/webhooks/clerk`。然后在订阅事件（Subscribe to events）中，勾选 user 的三个事件（`user.created` 、`user.deleted`、`user.updated`），然后点击创建。
 
-在 endppint 中填写你的项目 URL，如 `https://your-project.com/api/webhooks/clerk`。然后在订阅事件（Subscribe to events）中，勾选 user 的三个事件（`user.created` 、`user.deleted`、`user.updated`），然后点击创建。
+  <Callout type={'warning'}>URL 的`https://`不可缺失，须保持 URL 的完整性</Callout>
 
-<Callout type={'warning'}>URL的`https://`不可缺失，须保持URL的完整性</Callout>
+  <Image alt={'添加 Clerk Webhooks 时，配置 URL 和用户事件'} src={'https://github.com/lobehub/lobe-chat/assets/28616219/0249ea56-ab17-4aa9-a56c-9ebd556c2645'} />
 
-<Image
-  alt={'添加 Clerk Webhooks 时，配置 URL 和用户事件'}
-  src={'https://github.com/lobehub/lobe-chat/assets/28616219/0249ea56-ab17-4aa9-a56c-9ebd556c2645'}
-/>
+  ### 将 Webhook 秘钥添加到环境变量
 
-### 将 Webhook 秘钥添加到环境变量
+  创建完毕后，可以在右下角找到该 Webhook 的秘钥：
 
-创建完毕后，可以在右下角找到该 Webhook 的秘钥：
+  <Image alt={'查看 Clerk Webhooks 秘钥'} src={'https://github.com/lobehub/lobe-chat/assets/28616219/fab4abb2-584b-49de-9340-813382951635'} />
 
-<Image
-  alt={'查看 Clerk Webhooks 秘钥'}
-  src={'https://github.com/lobehub/lobe-chat/assets/28616219/fab4abb2-584b-49de-9340-813382951635'}
-/>
-
-这个秘钥所对应的环境变量名为 `CLERK_WEBHOOK_SECRET`：
-
-```shell
-CLERK_WEBHOOK_SECRET=whsec_xxxxxxxxxxxxxxxxxxxxxx
-```
+  这个秘钥所对应的环境变量名为 `CLERK_WEBHOOK_SECRET`：
 
+  ```shell
+  CLERK_WEBHOOK_SECRET=whsec_xxxxxxxxxxxxxxxxxxxxxx
+  ```
 </Steps>
 
 这样，你已经成功配置了 Clerk 身份验证服务。

package/docs/self-hosting/advanced/auth/next-auth/auth0.mdx

@@ -19,74 +19,53 @@ tags:
 <Steps>
   ### Create Auth0 Application
 
-Register and log in to [Auth0][auth0-client-page], click on the "Applications" in the left navigation bar to switch to the application management interface, and click "Create Application" in the upper right corner to create an application.
+  Register and log in to [Auth0][auth0-client-page], click on the "Applications" in the left navigation bar to switch to the application management interface, and click "Create Application" in the upper right corner to create an application.
 
-<Image
-  alt="Create Auth0 Application S1"
-  inStep
-  src="https://github.com/lobehub/lobe-chat/assets/30863298/f068190f-0027-4d3b-8667-d632e43d5a86"
-/>
+  <Image alt="Create Auth0 Application S1" inStep src="https://github.com/lobehub/lobe-chat/assets/30863298/f068190f-0027-4d3b-8667-d632e43d5a86" />
 
-Fill in the application name you want to display to the organization users, choose any application type, and click "Create".
+  Fill in the application name you want to display to the organization users, choose any application type, and click "Create".
 
-<Image
-  alt="Create Auth0 Application S2"
-  inStep
-  src="https://github.com/lobehub/lobe-chat/assets/30863298/3e0082df-9b6f-46f3-b67f-bdc79e1eb2cc"
-/>
+  <Image alt="Create Auth0 Application S2" inStep src="https://github.com/lobehub/lobe-chat/assets/30863298/3e0082df-9b6f-46f3-b67f-bdc79e1eb2cc" />
 
-After successful creation, click on the corresponding application to enter the application details page, switch to the "Settings" tab, and you can see the corresponding configuration information.
+  After successful creation, click on the corresponding application to enter the application details page, switch to the "Settings" tab, and you can see the corresponding configuration information.
 
-<Image
-  alt="Create Auth0 Application S3"
-  inStep
-  src="https://github.com/lobehub/lobe-chat/assets/30863298/df4cea85-616a-46f5-b2de-42725d9b82a6"
-/>
+  <Image alt="Create Auth0 Application S3" inStep src="https://github.com/lobehub/lobe-chat/assets/30863298/df4cea85-616a-46f5-b2de-42725d9b82a6" />
 
-In the application configuration page, you also need to configure Allowed Callback URLs, where you should fill in:
+  In the application configuration page, you also need to configure Allowed Callback URLs, where you should fill in:
 
-```bash
-http(s)://your-domain/api/auth/callback/auth0
-```
+  ```bash
+  http(s)://your-domain/api/auth/callback/auth0
+  ```
 
-<Image
-  alt="Create Auth0 Application S4"
-  inStep
-  src="https://github.com/lobehub/lobe-chat/assets/30863298/62fbd09f-a69a-4460-949b-0f6285fa65b9"
-/>
+  <Image alt="Create Auth0 Application S4" inStep src="https://github.com/lobehub/lobe-chat/assets/30863298/62fbd09f-a69a-4460-949b-0f6285fa65b9" />
 
-<Callout type={'important'}>
-  You can fill in or modify Allowed Callback URLs after deployment, but make sure the filled URL is
-  consistent with the deployed URL.
-</Callout>
+  <Callout type={'important'}>
+    You can fill in or modify Allowed Callback URLs after deployment, but make sure the filled URL is
+    consistent with the deployed URL.
+  </Callout>
 
-### Add Users
+  ### Add Users
 
-Click on the "Users Management" in the left navigation bar to enter the user management interface, where you can create users for your organization to log in to LobeChat.
+  Click on the "Users Management" in the left navigation bar to enter the user management interface, where you can create users for your organization to log in to LobeChat.
 
-<Image
-  alt="Add Users"
-  inStep
-  src="https://github.com/lobehub/lobe-chat/assets/30863298/0beda150-d0b6-43cf-a9f1-fce928b83a96"
-/>
+  <Image alt="Add Users" inStep src="https://github.com/lobehub/lobe-chat/assets/30863298/0beda150-d0b6-43cf-a9f1-fce928b83a96" />
 
-### Configure Environment Variables
+  ### Configure Environment Variables
 
-When deploying LobeChat, you need to configure the following environment variables:
+  When deploying LobeChat, you need to configure the following environment variables:
 
-| Environment Variable | Type | Description |
-| --- | --- | --- |
-| `NEXT_AUTH_SECRET` | Required | Key used to encrypt Auth.js session tokens. You can generate a key using the following command: `openssl rand -base64 32` |
-| `NEXT_AUTH_SSO_PROVIDERS` | Required | Select the single sign-on provider for LoboChat. Use `auth0` for Auth0. |
-| `AUTH_AUTH0_ID` | Required | Client ID of the Auth0 application |
-| `AUTH_AUTH0_SECRET` | Required | Client Secret of the Auth0 application |
-| `AUTH_AUTH0_ISSUER` | Required | Domain of the Auth0 application, `https://example.auth0.com` |
-| `NEXTAUTH_URL` | Required | The URL is used to specify the callback address for the execution of OAuth authentication in Auth.js. It needs to be set only when the default address is incorrect. `https://example.com/api/auth` |
+  | Environment Variable      | Type     | Description                                                                                                                                                                                         |
+  | ------------------------- | -------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+  | `NEXT_AUTH_SECRET`        | Required | Key used to encrypt Auth.js session tokens. You can generate a key using the following command: `openssl rand -base64 32`                                                                           |
+  | `NEXT_AUTH_SSO_PROVIDERS` | Required | Select the single sign-on provider for LoboChat. Use `auth0` for Auth0.                                                                                                                             |
+  | `AUTH_AUTH0_ID`           | Required | Client ID of the Auth0 application                                                                                                                                                                  |
+  | `AUTH_AUTH0_SECRET`       | Required | Client Secret of the Auth0 application                                                                                                                                                              |
+  | `AUTH_AUTH0_ISSUER`       | Required | Domain of the Auth0 application, `https://example.auth0.com`                                                                                                                                        |
+  | `NEXTAUTH_URL`            | Required | The URL is used to specify the callback address for the execution of OAuth authentication in Auth.js. It needs to be set only when the default address is incorrect. `https://example.com/api/auth` |
 
   <Callout type={'tip'}>
     You can refer to the related variable details at [📘Environment Variables](/docs/self-hosting/environment-variable#auth0).
-
-</Callout>
+  </Callout>
 </Steps>
 
 <Callout>
@@ -102,19 +81,13 @@ If your enterprise or organization already has a unified identity authentication
 
 Auth0 supports single sign-on services such as Azure Active Directory, Slack, Google Workspace, Office 365, Zoom, and more. For a detailed list of supported services, please refer to [this link][auth0-sso-integrations].
 
-<Image
-  alt="Connecting to an Existing Single Sign-On Service"
-  src="https://github.com/lobehub/lobe-chat/assets/30863298/9891347e-a338-4aa9-8714-f16c8dbcfcec"
-/>
+<Image alt="Connecting to an Existing Single Sign-On Service" src="https://github.com/lobehub/lobe-chat/assets/30863298/9891347e-a338-4aa9-8714-f16c8dbcfcec" />
 
 ### Configuring Social Login
 
 If your enterprise or organization needs to support external user logins, you can configure social login services in Authentication -> Social.
 
-<Image
-  alt="Configuring Social Login"
-  src="https://github.com/lobehub/lobe-chat/assets/30863298/880749a6-5ba4-4e20-a968-b583a54de7fa"
-/>
+<Image alt="Configuring Social Login" src="https://github.com/lobehub/lobe-chat/assets/30863298/880749a6-5ba4-4e20-a968-b583a54de7fa" />
 
 <Callout type={'warning'}>
   Configuring social login services by default allows anyone to authenticate, which may lead to

package/docs/self-hosting/advanced/auth/next-auth/auth0.zh-CN.mdx

@@ -15,73 +15,52 @@ tags:
 <Steps>
   ### 创建 Auth0 应用
 
-注册并登录 [Auth0](https://manage.auth0.com/dashboard)，点击左侧导航栏的「Applications」，切换到应用管理界面，点击右上角「Create Application」以创建应用。
+  注册并登录 [Auth0](https://manage.auth0.com/dashboard)，点击左侧导航栏的「Applications」，切换到应用管理界面，点击右上角「Create Application」以创建应用。
 
-<Image
-  alt="创建 Auth0 应用 S1"
-  inStep
-  src="https://github.com/lobehub/lobe-chat/assets/30863298/f068190f-0027-4d3b-8667-d632e43d5a86"
-/>
+  <Image alt="创建 Auth0 应用 S1" inStep src="https://github.com/lobehub/lobe-chat/assets/30863298/f068190f-0027-4d3b-8667-d632e43d5a86" />
 
-填写你想向组织用户显示的应用名称，可选择任意应用类型，点击「Create」。
+  填写你想向组织用户显示的应用名称，可选择任意应用类型，点击「Create」。
 
-<Image
-  alt="创建 Auth0 应用 S2"
-  inStep
-  src="https://github.com/lobehub/lobe-chat/assets/30863298/3e0082df-9b6f-46f3-b67f-bdc79e1eb2cc"
-/>
+  <Image alt="创建 Auth0 应用 S2" inStep src="https://github.com/lobehub/lobe-chat/assets/30863298/3e0082df-9b6f-46f3-b67f-bdc79e1eb2cc" />
 
-创建成功后，点击相应的应用，进入应用详情页，切换到「Settings」标签页，就可以看到相应的配置信息
+  创建成功后，点击相应的应用，进入应用详情页，切换到「Settings」标签页，就可以看到相应的配置信息
 
-<Image
-  alt="创建 Auth0 应用 S3"
-  inStep
-  src="https://github.com/lobehub/lobe-chat/assets/30863298/df4cea85-616a-46f5-b2de-42725d9b82a6"
-/>
+  <Image alt="创建 Auth0 应用 S3" inStep src="https://github.com/lobehub/lobe-chat/assets/30863298/df4cea85-616a-46f5-b2de-42725d9b82a6" />
 
-在应用配置页面中，还需要配置 Allowed Callback URLs，在此处填写:
+  在应用配置页面中，还需要配置 Allowed Callback URLs，在此处填写:
 
-```bash
-http(s)://your-domain/api/auth/callback/auth0
-```
+  ```bash
+  http(s)://your-domain/api/auth/callback/auth0
+  ```
 
-<Image
-  alt="创建 Auth0 应用 S4"
-  inStep
-  src="https://github.com/lobehub/lobe-chat/assets/30863298/62fbd09f-a69a-4460-949b-0f6285fa65b9"
-/>
+  <Image alt="创建 Auth0 应用 S4" inStep src="https://github.com/lobehub/lobe-chat/assets/30863298/62fbd09f-a69a-4460-949b-0f6285fa65b9" />
 
-<Callout type={'important'}>
-  可以在部署后再填写或修改 Allowed Callback URLs，但是务必保证填写的 URL 与部署的 URL 一致
-</Callout>
+  <Callout type={'important'}>
+    可以在部署后再填写或修改 Allowed Callback URLs，但是务必保证填写的 URL 与部署的 URL 一致
+  </Callout>
 
-### 新增用户
+  ### 新增用户
 
-点击左侧导航栏的「Users Management」，进入用户管理界面，可以为你的组织新建用户，用以登录 LobeChat
+  点击左侧导航栏的「Users Management」，进入用户管理界面，可以为你的组织新建用户，用以登录 LobeChat
 
-<Image
-  alt="新增用户"
-  inStep
-  src="https://github.com/lobehub/lobe-chat/assets/30863298/0beda150-d0b6-43cf-a9f1-fce928b83a96"
-/>
+  <Image alt="新增用户" inStep src="https://github.com/lobehub/lobe-chat/assets/30863298/0beda150-d0b6-43cf-a9f1-fce928b83a96" />
 
-### 配置环境变量
+  ### 配置环境变量
 
-在部署 LobeChat 时，你需要配置以下环境变量：
+  在部署 LobeChat 时，你需要配置以下环境变量：
 
-| 环境变量 | 类型 | 描述 |
-| --- | --- | --- |
-| `NEXT_AUTH_SECRET` | 必选 | 用于加密 Auth.js 会话令牌的密钥。您可以使用以下命令生成秘钥： `openssl rand -base64 32` |
-| `NEXT_AUTH_SSO_PROVIDERS` | 必选 | 选择 LoboChat 的单点登录提供商。使用 Auth0 请填写 `auth0`。 |
-| `AUTH_AUTH0_ID` | 必选 | Auth0 应用程序的 Client ID |
-| `AUTH_AUTH0_SECRET` | 必选 | Auth0 应用程序的 Client Secret |
-| `AUTH_AUTH0_ISSUER` | 必选 | Auth0 应用程序的 Domain，`https://example.auth0.com` |
-| `NEXTAUTH_URL` | 必选 | 该 URL 用于指定 Auth.js 在执行 OAuth 验证时的回调地址，当默认生成的重定向地址发生不正确时才需要设置。`https://example.com/api/auth` |
+  | 环境变量                      | 类型 | 描述                                                                                          |
+  | ------------------------- | -- | ------------------------------------------------------------------------------------------- |
+  | `NEXT_AUTH_SECRET`        | 必选 | 用于加密 Auth.js 会话令牌的密钥。您可以使用以下命令生成秘钥： `openssl rand -base64 32`                               |
+  | `NEXT_AUTH_SSO_PROVIDERS` | 必选 | 选择 LoboChat 的单点登录提供商。使用 Auth0 请填写 `auth0`。                                                  |
+  | `AUTH_AUTH0_ID`           | 必选 | Auth0 应用程序的 Client ID                                                                       |
+  | `AUTH_AUTH0_SECRET`       | 必选 | Auth0 应用程序的 Client Secret                                                                   |
+  | `AUTH_AUTH0_ISSUER`       | 必选 | Auth0 应用程序的 Domain，`https://example.auth0.com`                                              |
+  | `NEXTAUTH_URL`            | 必选 | 该 URL 用于指定 Auth.js 在执行 OAuth 验证时的回调地址，当默认生成的重定向地址发生不正确时才需要设置。`https://example.com/api/auth` |
 
   <Callout type={'tip'}>
     前往 [📘 环境变量](/zh/docs/self-hosting/environment-variables/auth#auth-0) 可查阅相关变量详情。
-
-</Callout>
+  </Callout>
 </Steps>
 
 <Callout type={'info'}>
@@ -96,19 +75,13 @@ http(s)://your-domain/api/auth/callback/auth0
 
 Auth0 支持 Azure Active Directory / Slack / Google Workspace / Office 365 / Zoom 等单点登录服务，详细支持列表可参考 [这里](https://marketplace.auth0.com/features/sso-integrations)
 
-<Image
-  alt="Connecting to an Existing Single Sign-On Service"
-  src="https://github.com/lobehub/lobe-chat/assets/30863298/9891347e-a338-4aa9-8714-f16c8dbcfcec"
-/>
+<Image alt="Connecting to an Existing Single Sign-On Service" src="https://github.com/lobehub/lobe-chat/assets/30863298/9891347e-a338-4aa9-8714-f16c8dbcfcec" />
 
 ### 配置社交登录
 
 如果你的企业或组织需要支持外部人员登录，可以在 Authentication -> Social 中，配置社交登录服务。
 
-<Image
-  alt="Configuring Social Login"
-  src="https://github.com/lobehub/lobe-chat/assets/30863298/880749a6-5ba4-4e20-a968-b583a54de7fa"
-/>
+<Image alt="Configuring Social Login" src="https://github.com/lobehub/lobe-chat/assets/30863298/880749a6-5ba4-4e20-a968-b583a54de7fa" />
 
 <Callout type={'warning'}>
   配置社交登录服务默认会允许所有人通过认证，这可能会导致 LobeChat 被外部人员滥用。

package/docs/self-hosting/advanced/auth/next-auth/authelia.mdx

@@ -17,54 +17,54 @@ tags:
 ## Authelia Configuration Flow
 
 <Steps>
-### Create an Authelia Identity Provider
+  ### Create an Authelia Identity Provider
 
-We assume you are already familiar with using Authelia. Let's say your LobeChat instance is deployed at https://lobe.example.com/. Note that currently only localhost supports HTTP access; other domains need to enable TLS, otherwise Authelia will actively interrupt authentication by default.
+  We assume you are already familiar with using Authelia. Let's say your LobeChat instance is deployed at [https://lobe.example.com/](https://lobe.example.com/). Note that currently only localhost supports HTTP access; other domains need to enable TLS, otherwise Authelia will actively interrupt authentication by default.
 
-Now, let's open and edit the configuration file of your Authelia instance:
+  Now, let's open and edit the configuration file of your Authelia instance:
 
-Add a new lobe-chat item under identity_providers -> oidc:
+  Add a new lobe-chat item under `identity_providers` -> `oidc`:
 
-```yaml
-identity_providers:
-  oidc:
-    ...
-    ## The other portions of the mandatory OpenID Connect 1.0 configuration go here.
-    ## See: https://www.authelia.com/c/oidc
-    - id: lobe-chat
-      description: LobeChat
-      secret: '$pbkdf2-sha512$310000$c8p78n7pUMln0jzvd4aK4Q$JNRBzwAo0ek5qKn50cFzzvE9RXV88h1wJn5KGiHrD0YKtZaR/nCb2CJPOsKaPK0hjf.9yHxzQGZziziccp6Yng'  # The digest of 'insecure_secret'.
-      public: false
-      authorization_policy: two_factor
-      redirect_uris:
-        - https://chat.example.com/api/auth/callback/authelia
-      scopes:
-        - openid
-        - profile
-        - email
-      userinfo_signing_algorithm: none
-```
+  ```yaml
+  identity_providers:
+    oidc:
+      ...
+      ## The other portions of the mandatory OpenID Connect 1.0 configuration go here.
+      ## See: https://www.authelia.com/c/oidc
+      - id: lobe-chat
+        description: LobeChat
+        secret: '$pbkdf2-sha512$310000$c8p78n7pUMln0jzvd4aK4Q$JNRBzwAo0ek5qKn50cFzzvE9RXV88h1wJn5KGiHrD0YKtZaR/nCb2CJPOsKaPK0hjf.9yHxzQGZziziccp6Yng'  # The digest of 'insecure_secret'.
+        public: false
+        authorization_policy: two_factor
+        redirect_uris:
+          - https://chat.example.com/api/auth/callback/authelia
+        scopes:
+          - openid
+          - profile
+          - email
+        userinfo_signing_algorithm: none
+  ```
 
-Make sure to replace secret and redirect_urls with your own values. Note! The secret configured in Authelia is ciphertext, i.e., a salted hash value. Its corresponding plaintext needs to be filled in LobeChat later.
+  Make sure to replace secret and `redirect_urls` with your own values. Note! The secret configured in Authelia is ciphertext, i.e., a salted hash value. Its corresponding plaintext needs to be filled in LobeChat later.
 
-Save the configuration file and restart the Authelia service. Now we have completed the Authelia configuration.
+  Save the configuration file and restart the Authelia service. Now we have completed the Authelia configuration.
 
-### Configure Environment Variables
+  ### Configure Environment Variables
 
-When deploying LobeChat, you need to configure the following environment variables:
+  When deploying LobeChat, you need to configure the following environment variables:
 
-| Environment Variable | Type | Description |
-| --- | --- | --- |
-| `NEXT_AUTH_SECRET` | Required | The secret used to encrypt Auth.js session tokens. You can generate a secret using the following command: `openssl rand -base64 32` |
-| `NEXT_AUTH_SSO_PROVIDERS` | Required | Select the SSO provider for LoboChat. Use `authentik` for Authentik. |
-| `AUTH_AUTHELIA_ID` | Required | The id just configured in Authelia, example value is lobe-chat |
-| `AUTH_AUTHELIA_SECRET` | Required | The plaintext corresponding to the secret just configured in Authelia, example value is insecure_secret |
-| `AUTH_AUTHELIA_ISSUER` | Required | Your Authelia URL, for example https://sso.example.com |
-| `NEXTAUTH_URL` | Required | This URL is used to specify the callback address for Auth.js when performing OAuth verification. It only needs to be set when the default generated redirect address is incorrect. https://chat.example.com/api/auth |
+  | Environment Variable      | Type     | Description                                                                                                                                                                                                                                               |
+  | ------------------------- | -------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+  | `NEXT_AUTH_SECRET`        | Required | The secret used to encrypt Auth.js session tokens. You can generate a secret using the following command: `openssl rand -base64 32`                                                                                                                       |
+  | `NEXT_AUTH_SSO_PROVIDERS` | Required | Select the SSO provider for LoboChat. Use `authentik` for Authentik.                                                                                                                                                                                      |
+  | `AUTH_AUTHELIA_ID`        | Required | The id just configured in Authelia, example value is lobe-chat                                                                                                                                                                                            |
+  | `AUTH_AUTHELIA_SECRET`    | Required | The plaintext corresponding to the secret just configured in Authelia, example value is `insecure_secret`                                                                                                                                                 |
+  | `AUTH_AUTHELIA_ISSUER`    | Required | Your Authelia URL, for example [https://sso.example.com](https://sso.example.com)                                                                                                                                                                         |
+  | `NEXTAUTH_URL`            | Required | This URL is used to specify the callback address for Auth.js when performing OAuth verification. It only needs to be set when the default generated redirect address is incorrect. [https://chat.example.com/api/auth](https://chat.example.com/api/auth) |
 
-<Callout type={'tip'}>
-  Go to  [📘 Environment Variables](/docs/self-hosting/environment-variable#Authelia) for details about the variables.
-</Callout>
+  <Callout type={'tip'}>
+    Go to  [📘 Environment Variables](/docs/self-hosting/environment-variable#Authelia) for details about the variables.
+  </Callout>
 </Steps>
 
 <Callout type={'info'}>

package/docs/self-hosting/advanced/auth/next-auth/authelia.zh-CN.mdx

@@ -14,56 +14,55 @@ tags:
 ## Authelia 配置流程
 
 <Steps>
-### 创建 Authelia 提供应用
+  ### 创建 Authelia 提供应用
 
-我们现在默认您已经了解了如何使用 Authelia。假设您的 LobeChat 实例部署在 `https://lobe.example.com/` 中。注意，目前只有 `localhost` 支持 HTTP 访问，其他域名需要启用 TLS，否则 Authelia 默认将主动中断身份认证。
+  我们现在默认您已经了解了如何使用 Authelia。假设您的 LobeChat 实例部署在 `https://lobe.example.com/` 中。注意，目前只有 `localhost` 支持 HTTP 访问，其他域名需要启用 TLS，否则 Authelia 默认将主动中断身份认证。
 
-现在，我们打开 Authelia 实例的配置文件进行编辑：
+  现在，我们打开 Authelia 实例的配置文件进行编辑：
 
-在 `identity_providers`-> `oidc` 下新增一个 `lobe-chat` 的项目：
+  在 `identity_providers`-> `oidc` 下新增一个 `lobe-chat` 的项目：
 
-```yaml
-...
-identity_providers:
-  oidc:
-    ...
-    ## The other portions of the mandatory OpenID Connect 1.0 configuration go here.
-    ## See: https://www.authelia.com/c/oidc
-    - id: lobe-chat
-      description: LobeChat
-      secret: '$pbkdf2-sha512$310000$c8p78n7pUMln0jzvd4aK4Q$JNRBzwAo0ek5qKn50cFzzvE9RXV88h1wJn5KGiHrD0YKtZaR/nCb2CJPOsKaPK0hjf.9yHxzQGZziziccp6Yng'  # The digest of 'insecure_secret'.
-      public: false
-      authorization_policy: two_factor
-      redirect_uris:
-        - https://chat.example.com/api/auth/callback/authelia
-      scopes:
-        - openid
-        - profile
-        - email
-      userinfo_signing_algorithm: none
-```
+  ```yaml
+  ...
+  identity_providers:
+    oidc:
+      ...
+      ## The other portions of the mandatory OpenID Connect 1.0 configuration go here.
+      ## See: https://www.authelia.com/c/oidc
+      - id: lobe-chat
+        description: LobeChat
+        secret: '$pbkdf2-sha512$310000$c8p78n7pUMln0jzvd4aK4Q$JNRBzwAo0ek5qKn50cFzzvE9RXV88h1wJn5KGiHrD0YKtZaR/nCb2CJPOsKaPK0hjf.9yHxzQGZziziccp6Yng'  # The digest of 'insecure_secret'.
+        public: false
+        authorization_policy: two_factor
+        redirect_uris:
+          - https://chat.example.com/api/auth/callback/authelia
+        scopes:
+          - openid
+          - profile
+          - email
+        userinfo_signing_algorithm: none
+  ```
 
-请您确保 `secret` 和 `redirect_urls` 替换成您自己的值。注意！Authelia 中配置 `secret` 是密文，即加盐哈希值。其对应的明文稍后需要填写在 lobeChat 中。
+  请您确保 `secret` 和 `redirect_urls` 替换成您自己的值。注意！Authelia 中配置 `secret` 是密文，即加盐哈希值。其对应的明文稍后需要填写在 lobeChat 中。
 
-保存配置文件，然后重启 Authelia 服务。现在我们完成了 Authelia 的配置工作。
+  保存配置文件，然后重启 Authelia 服务。现在我们完成了 Authelia 的配置工作。
 
-### 配置环境变量
+  ### 配置环境变量
 
-在部署 LobeChat 时，你需要配置以下环境变量：
+  在部署 LobeChat 时，你需要配置以下环境变量：
 
-| 环境变量 | 类型 | 描述 |
-| --- | --- | --- |
-| `NEXT_AUTH_SECRET` | 必选 | 用于加密 Auth.js 会话令牌的密钥。您可以使用以下命令生成秘钥： `openssl rand -base64 32` |
-| `NEXT_AUTH_SSO_PROVIDERS` | 必选 | 选择 LoboChat 的单点登录提供商。使用 Authelia 请填写 `authelia`。 |
-| `AUTH_AUTHELIA_ID` | 必选 | 刚刚在 Authelia 配置的 `id`，示例值是 `lobe-chat` |
-| `AUTH_AUTHELIA_SECRET` | 必选 | 刚刚在 Authelia 配置的 `secret` 对应的明文，示例值是 `insecure_secret` |
-| `AUTH_AUTHELIA_ISSUER` | 必选 | 您的 Authelia 的网址，例如 `https://sso.example.com` |
-| `NEXTAUTH_URL` | 必选 | 该 URL 用于指定 Auth.js 在执行 OAuth 验证时的回调地址，当默认生成的重定向地址发生不正确时才需要设置。`https://chat.example.com/api/auth` |
+  | 环境变量                      | 类型 | 描述                                                                                               |
+  | ------------------------- | -- | ------------------------------------------------------------------------------------------------ |
+  | `NEXT_AUTH_SECRET`        | 必选 | 用于加密 Auth.js 会话令牌的密钥。您可以使用以下命令生成秘钥： `openssl rand -base64 32`                                    |
+  | `NEXT_AUTH_SSO_PROVIDERS` | 必选 | 选择 LoboChat 的单点登录提供商。使用 Authelia 请填写 `authelia`。                                                 |
+  | `AUTH_AUTHELIA_ID`        | 必选 | 刚刚在 Authelia 配置的 `id`，示例值是 `lobe-chat`                                                           |
+  | `AUTH_AUTHELIA_SECRET`    | 必选 | 刚刚在 Authelia 配置的 `secret` 对应的明文，示例值是 `insecure_secret`                                           |
+  | `AUTH_AUTHELIA_ISSUER`    | 必选 | 您的 Authelia 的网址，例如 `https://sso.example.com`                                                     |
+  | `NEXTAUTH_URL`            | 必选 | 该 URL 用于指定 Auth.js 在执行 OAuth 验证时的回调地址，当默认生成的重定向地址发生不正确时才需要设置。`https://chat.example.com/api/auth` |
 
   <Callout type={'tip'}>
     前往 [📘 环境变量](/zh/docs/self-hosting/environment-variable#Authelia) 可查阅相关变量详情。
-
-</Callout>
+  </Callout>
 </Steps>
 
 <Callout type={'info'}>

package/docs/self-hosting/advanced/auth/next-auth/authentik.mdx

@@ -19,52 +19,47 @@ tags:
 <Steps>
   ### Create an Authentik Application Provider
 
-In your Authentik instance, use the administrator account to go to **Admin Interface** -> **Applications** -> **Providers** and create a new provider.
+  In your Authentik instance, use the administrator account to go to **Admin Interface** -> **Applications** -> **Providers** and create a new provider.
 
-Select **OAuth2/OpenID Provider** as the provider type. Fill in the provider name, select the authentication flow and authorization flow.
+  Select **OAuth2/OpenID Provider** as the provider type. Fill in the provider name, select the authentication flow and authorization flow.
 
-In the `Redirect URL/Origin (regex)` field, fill in:
+  In the `Redirect URL/Origin (regex)` field, fill in:
 
-```bash
-https://your-domain/api/auth/callback/authentik
-```
+  ```bash
+  https://your-domain/api/auth/callback/authentik
+  ```
 
-<Callout type={'info'}>
-  - You can fill in or modify the `Redirect URL/Origin (regex)` later, but make sure the filled in
-  URL matches the deployed URL. - Replace `your-domain` with your own domain name
-</Callout>
+  <Callout type={'info'}>
+    - You can fill in or modify the `Redirect URL/Origin (regex)` later, but make sure the filled in
+      URL matches the deployed URL. - Replace `your-domain` with your own domain name
+  </Callout>
 
-<Image
-  alt="Create Authentik Provider"
-  inStep
-  src="https://github.com/lobehub/lobe-chat/assets/67304509/4244634e-5f68-48d5-aac0-e5f4b06d1c4b"
-/>
+  <Image alt="Create Authentik Provider" inStep src="https://github.com/lobehub/lobe-chat/assets/67304509/4244634e-5f68-48d5-aac0-e5f4b06d1c4b" />
 
-Click **Done**
+  Click **Done**
 
-After the creation is successful, click **Applications** on the left -> **Create**, fill in the name and Slug, select the provider created in the previous step, and click **Create**.
+  After the creation is successful, click **Applications** on the left -> **Create**, fill in the name and Slug, select the provider created in the previous step, and click **Create**.
 
-After the application provider is created, click the corresponding provider to enter the details page, click **Edit**, and save the `Client ID` and `Client Secret`.
+  After the application provider is created, click the corresponding provider to enter the details page, click **Edit**, and save the `Client ID` and `Client Secret`.
 
-Copy the URL of `OpenID Configuration Issuer` and save it.
+  Copy the URL of `OpenID Configuration Issuer` and save it.
 
-### Configure Environment Variables
+  ### Configure Environment Variables
 
-When deploying LobeChat, you need to configure the following environment variables:
+  When deploying LobeChat, you need to configure the following environment variables:
 
-| Environment Variable | Type | Description |
-| --- | --- | --- |
-| `NEXT_AUTH_SECRET` | Required | The secret used to encrypt Auth.js session tokens. You can generate a secret using the following command: `openssl rand -base64 32` |
-| `NEXT_AUTH_SSO_PROVIDERS` | Required | Select the SSO provider for LoboChat. Use `authentik` for Authentik. |
-| `AUTH_AUTHENTIK_ID` | Required | The Client ID from the Authentik application provider details page |
-| `AUTH_AUTHENTIK_SECRET` | Required | The Client Secret from the Authentik application provider details page |
-| `AUTH_AUTHENTIK_ISSUER` | Required | The OpenID Configuration Issuer from the Authentik application provider details page |
-| `NEXTAUTH_URL` | Required | This URL is used to specify the callback address for Auth.js when performing OAuth authentication. It only needs to be set when the default generated redirect address is incorrect. `https://example.com/api/auth` |
+  | Environment Variable      | Type     | Description                                                                                                                                                                                                         |
+  | ------------------------- | -------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+  | `NEXT_AUTH_SECRET`        | Required | The secret used to encrypt Auth.js session tokens. You can generate a secret using the following command: `openssl rand -base64 32`                                                                                 |
+  | `NEXT_AUTH_SSO_PROVIDERS` | Required | Select the SSO provider for LoboChat. Use `authentik` for Authentik.                                                                                                                                                |
+  | `AUTH_AUTHENTIK_ID`       | Required | The Client ID from the Authentik application provider details page                                                                                                                                                  |
+  | `AUTH_AUTHENTIK_SECRET`   | Required | The Client Secret from the Authentik application provider details page                                                                                                                                              |
+  | `AUTH_AUTHENTIK_ISSUER`   | Required | The OpenID Configuration Issuer from the Authentik application provider details page                                                                                                                                |
+  | `NEXTAUTH_URL`            | Required | This URL is used to specify the callback address for Auth.js when performing OAuth authentication. It only needs to be set when the default generated redirect address is incorrect. `https://example.com/api/auth` |
 
   <Callout type={'tip'}>
     Go to  [📘 Environment Variables](/docs/self-hosting/environment-variable#Authentik) for details about the variables.
-
-</Callout>
+  </Callout>
 </Steps>
 
 <Callout type={'info'}>