@lobehub/chat 1.79.7 → 1.79.9

package/src/libs/trpc/{index.ts → edge/index.ts}

@@ -10,40 +10,40 @@
 import { DESKTOP_USER_ID } from '@/const/desktop';
 import { isDesktop } from '@/const/version';
 
-import { trpc } from './init';
+import { userAuth } from '../middleware/userAuth';
+import { edgeTrpc } from './init';
 import { jwtPayloadChecker } from './middleware/jwtPayload';
-import { userAuth } from './middleware/userAuth';
 
 /**
  * Create a router
  * @link https://trpc.io/docs/v11/router
  */
-export const router = trpc.router;
+export const router = edgeTrpc.router;
 
 /**
  * Create an unprotected procedure
  * @link https://trpc.io/docs/v11/procedures
  **/
-export const publicProcedure = trpc.procedure.use(({ next, ctx }) => {
+export const publicProcedure = edgeTrpc.procedure.use(({ next, ctx }) => {
   return next({
     ctx: { userId: isDesktop ? DESKTOP_USER_ID : ctx.userId },
   });
 });
 
 // procedure that asserts that the user is logged in
-export const authedProcedure = trpc.procedure.use(userAuth);
+export const authedProcedure = edgeTrpc.procedure.use(userAuth);
 
 // procedure that asserts that the user add the password
-export const passwordProcedure = trpc.procedure.use(jwtPayloadChecker);
+export const passwordProcedure = edgeTrpc.procedure.use(jwtPayloadChecker);
 
 /**
  * Merge multiple routers together
  * @link https://trpc.io/docs/v11/merging-routers
  */
-export const mergeRouters = trpc.mergeRouters;
+export const mergeRouters = edgeTrpc.mergeRouters;
 
 /**
  * Create a server-side caller
  * @link https://trpc.io/docs/v11/server/server-side-calls
  */
-export const createCallerFactory = trpc.createCallerFactory;
+export const createCallerFactory = edgeTrpc.createCallerFactory;

package/src/libs/trpc/{init.ts → edge/init.ts}

@@ -10,9 +10,9 @@
 import { initTRPC } from '@trpc/server';
 import superjson from 'superjson';
 
-import type { Context } from '@/server/context';
+import type { EdgeContext } from './context';
 
-export const trpc = initTRPC.context<Context>().create({
+export const edgeTrpc = initTRPC.context<EdgeContext>().create({
   /**
    * @link https://trpc.io/docs/v11/error-formatting
    */

package/src/libs/trpc/{middleware → edge/middleware}/jwtPayload.test.ts

@@ -2,9 +2,9 @@
 import { TRPCError } from '@trpc/server';
 import { beforeEach, describe, expect, it, vi } from 'vitest';
 
-import { createCallerFactory } from '@/libs/trpc';
-import { trpc } from '@/libs/trpc/init';
-import { AuthContext, createContextInner } from '@/server/context';
+import { createCallerFactory } from '@/libs/trpc/edge';
+import { AuthContext, createContextInner } from '@/libs/trpc/edge/context';
+import { edgeTrpc as trpc } from '@/libs/trpc/edge/init';
 import * as utils from '@/utils/server/jwt';
 
 import { jwtPayloadChecker } from './jwtPayload';

package/src/libs/trpc/{middleware → edge/middleware}/jwtPayload.ts

@@ -1,9 +1,10 @@
 import { TRPCError } from '@trpc/server';
 
-import { trpc } from '@/libs/trpc/init';
 import { getJWTPayload } from '@/utils/server/jwt';
 
-export const jwtPayloadChecker = trpc.middleware(async (opts) => {
+import { edgeTrpc } from '../init';
+
+export const jwtPayloadChecker = edgeTrpc.middleware(async (opts) => {
   const { ctx } = opts;
 
   if (!ctx.authorizationHeader) throw new TRPCError({ code: 'UNAUTHORIZED' });

package/src/libs/trpc/lambda/context.ts

@@ -0,0 +1,70 @@
+import { User } from 'next-auth';
+import { NextRequest } from 'next/server';
+
+import { JWTPayload, LOBE_CHAT_AUTH_HEADER, enableClerk, enableNextAuth } from '@/const/auth';
+import { ClerkAuth, IClerkAuth } from '@/libs/clerk-auth';
+
+export interface AuthContext {
+  authorizationHeader?: string | null;
+  clerkAuth?: IClerkAuth;
+  jwtPayload?: JWTPayload | null;
+  nextAuth?: User;
+  userId?: string | null;
+}
+
+/**
+ * Inner function for `createContext` where we create the context.
+ * This is useful for testing when we don't want to mock Next.js' request/response
+ */
+export const createContextInner = async (params?: {
+  authorizationHeader?: string | null;
+  clerkAuth?: IClerkAuth;
+  nextAuth?: User;
+  userId?: string | null;
+}): Promise<AuthContext> => ({
+  authorizationHeader: params?.authorizationHeader,
+  clerkAuth: params?.clerkAuth,
+  nextAuth: params?.nextAuth,
+  userId: params?.userId,
+});
+
+export type LambdaContext = Awaited<ReturnType<typeof createContextInner>>;
+
+/**
+ * Creates context for an incoming request
+ * @link https://trpc.io/docs/v11/context
+ */
+export const createLambdaContext = async (request: NextRequest): Promise<LambdaContext> => {
+  // for API-response caching see https://trpc.io/docs/v11/caching
+
+  const authorization = request.headers.get(LOBE_CHAT_AUTH_HEADER);
+
+  let userId;
+  let auth;
+
+  if (enableClerk) {
+    const clerkAuth = new ClerkAuth();
+    const result = clerkAuth.getAuthFromRequest(request);
+    auth = result.clerkAuth;
+    userId = result.userId;
+
+    return createContextInner({ authorizationHeader: authorization, clerkAuth: auth, userId });
+  }
+
+  if (enableNextAuth) {
+    try {
+      const { default: NextAuthEdge } = await import('@/libs/next-auth/edge');
+
+      const session = await NextAuthEdge.auth();
+      if (session && session?.user?.id) {
+        auth = session.user;
+        userId = session.user.id;
+      }
+      return createContextInner({ authorizationHeader: authorization, nextAuth: auth, userId });
+    } catch (e) {
+      console.error('next auth err', e);
+    }
+  }
+
+  return createContextInner({ authorizationHeader: authorization, userId });
+};

package/src/libs/trpc/lambda/index.ts

@@ -1 +1,39 @@
-export * from './serverDatabase';
+/**
+ * This is your entry point to setup the root configuration for tRPC on the server.
+ * - `initTRPC` should only be used once per app.
+ * - We export only the functionality that we use so we can enforce which base procedures should be used
+ *
+ * Learn how to create protected base procedures and other things below:
+ * @link https://trpc.io/docs/v11/router
+ * @link https://trpc.io/docs/v11/procedures
+ */
+import { DESKTOP_USER_ID } from '@/const/desktop';
+import { isDesktop } from '@/const/version';
+
+import { userAuth } from '../middleware/userAuth';
+import { trpc } from './init';
+
+/**
+ * Create a router
+ * @link https://trpc.io/docs/v11/router
+ */
+export const router = trpc.router;
+
+/**
+ * Create an unprotected procedure
+ * @link https://trpc.io/docs/v11/procedures
+ **/
+export const publicProcedure = trpc.procedure.use(({ next, ctx }) => {
+  return next({
+    ctx: { userId: isDesktop ? DESKTOP_USER_ID : ctx.userId },
+  });
+});
+
+// procedure that asserts that the user is logged in
+export const authedProcedure = trpc.procedure.use(userAuth);
+
+/**
+ * Create a server-side caller
+ * @link https://trpc.io/docs/v11/server/server-side-calls
+ */
+export const createCallerFactory = trpc.createCallerFactory;

package/src/libs/trpc/lambda/init.ts

@@ -0,0 +1,26 @@
+/**
+ * This is your entry point to setup the root configuration for tRPC on the server.
+ * - `initTRPC` should only be used once per app.
+ * - We export only the functionality that we use so we can enforce which base procedures should be used
+ *
+ * Learn how to create protected base procedures and other things below:
+ * @link https://trpc.io/docs/v11/router
+ * @link https://trpc.io/docs/v11/procedures
+ */
+import { initTRPC } from '@trpc/server';
+import superjson from 'superjson';
+
+import type { LambdaContext } from './context';
+
+export const trpc = initTRPC.context<LambdaContext>().create({
+  /**
+   * @link https://trpc.io/docs/v11/error-formatting
+   */
+  errorFormatter({ shape }) {
+    return shape;
+  },
+  /**
+   * @link https://trpc.io/docs/v11/data-transformers
+   */
+  transformer: superjson,
+});

package/src/libs/trpc/lambda/middleware/index.ts

@@ -0,0 +1,2 @@
+export * from './keyVaults';
+export * from './serverDatabase';

package/src/libs/trpc/{middleware → lambda/middleware}/keyVaults.ts

@@ -1,8 +1,9 @@
 import { TRPCError } from '@trpc/server';
 
-import { trpc } from '@/libs/trpc/init';
 import { getJWTPayload } from '@/utils/server/jwt';
 
+import { trpc } from '../init';
+
 export const keyVaults = trpc.middleware(async (opts) => {
   const { ctx } = opts;
 

package/src/libs/trpc/lambda/{serverDatabase.ts → middleware/serverDatabase.ts}

@@ -1,5 +1,6 @@
 import { getServerDB } from '@/database/core/db-adaptor';
-import { trpc } from '@/libs/trpc/init';
+
+import { trpc } from '../init';
 
 export const serverDatabase = trpc.middleware(async (opts) => {
   const serverDB = await getServerDB();

package/src/libs/trpc/middleware/userAuth.test.ts

@@ -1,10 +1,10 @@
 import { TRPCError } from '@trpc/server';
 import { beforeEach, describe, expect, it, vi } from 'vitest';
 
-import { createCallerFactory } from '@/libs/trpc';
-import { AuthContext, createContextInner } from '@/server/context';
+import { createCallerFactory } from '@/libs/trpc/lambda';
+import { AuthContext, createContextInner } from '@/libs/trpc/lambda/context';
 
-import { trpc } from '../init';
+import { trpc } from '../lambda/init';
 import { userAuth } from './userAuth';
 
 const appRouter = trpc.router({

package/src/libs/trpc/middleware/userAuth.ts

@@ -4,7 +4,7 @@ import { enableClerk } from '@/const/auth';
 import { DESKTOP_USER_ID } from '@/const/desktop';
 import { isDesktop } from '@/const/version';
 
-import { trpc } from '../init';
+import { trpc } from '../lambda/init';
 
 export const userAuth = trpc.middleware(async (opts) => {
   const { ctx } = opts;

package/src/libs/trpc/mock.ts

@@ -0,0 +1,7 @@
+/**
+ * This file contains the root router of your tRPC-backend
+ */
+import { createCallerFactory } from '@/libs/trpc/lambda';
+import { lambdaRouter } from '@/server/routers/lambda';
+
+export const createCaller = createCallerFactory(lambdaRouter);

package/src/locales/default/index.ts

@@ -13,6 +13,7 @@ import metadata from './metadata';
 import migration from './migration';
 import modelProvider from './modelProvider';
 import models from './models';
+import oauth from './oauth';
 import plugin from './plugin';
 import portal from './portal';
 import providers from './providers';
@@ -39,6 +40,7 @@ const resources = {
   migration,
   modelProvider,
   models,
+  oauth,
   plugin,
   portal,
   providers,

package/src/locales/default/oauth.ts

@@ -0,0 +1,43 @@
+const oauth = {
+  consent: {
+    buttons: {
+      accept: '授权',
+      deny: '拒绝',
+    },
+    description: '应用 {{clientName}} 申请您的账户授权',
+
+    error: {
+      sessionInvalid: {
+        message: '授权会话已过期或无效，请重新发起授权流程。',
+        title: '授权会话无效',
+      },
+      title: '发生错误',
+      unsupportedInteraction: {
+        message: '不支持的交互类型: {promptName}',
+        title: '不支持的交互类型',
+      },
+    },
+    permissionsTitle: '请求以下权限：',
+    redirectUri: '授权成功后将重定向到',
+    scope: {
+      'email': '访问您的电子邮件地址',
+      'offline_access': '允许客户端访问您的数据',
+      'openid': '使用您的 LobeChat 账户进行身份验证',
+      'profile': '访问您的基本资料信息（名称、头像等）',
+      'sync-read': '读取您的同步数据',
+      'sync-write': '写入并更新您的同步数据',
+    },
+    title: '授权 {{clientName}}',
+  },
+  failed: {
+    backToHome: '返回首页',
+    subTitle: '您已拒绝授权应用访问您的 LobeChat 账户',
+    title: '授权被拒绝',
+  },
+  success: {
+    subTitle: '您已成功授权应用访问您的 LobeChat 账户，可以关闭该页面了',
+    title: '授权成功',
+  },
+};
+
+export default oauth;

package/src/middleware.ts

@@ -1,4 +1,5 @@
 import { clerkMiddleware, createRouteMatcher } from '@clerk/nextjs/server';
+import debug from 'debug';
 import { NextRequest, NextResponse } from 'next/server';
 import { UAParser } from 'ua-parser-js';
 import urlJoin from 'url-join';
@@ -14,6 +15,15 @@ import { parseDefaultThemeFromCountry } from '@/utils/server/geo';
 import { RouteVariants } from '@/utils/server/routeVariants';
 
 import { OAUTH_AUTHORIZED } from './const/auth';
+import { oidcEnv } from './envs/oidc';
+
+// Create debug logger instances
+const logDefault = debug('lobe-middleware:default');
+const logNextAuth = debug('lobe-middleware:next-auth');
+const logClerk = debug('lobe-middleware:clerk');
+
+// OIDC session pre-sync constant
+const OIDC_SESSION_HEADER = 'x-oidc-session-sync';
 
 export const config = {
   matcher: [
@@ -37,19 +47,25 @@ export const config = {
     '/login(.*)',
     '/signup(.*)',
     '/next-auth/(.*)',
+    '/oauth(.*)',
+    '/oidc(.*)',
     // ↓ cloud ↓
   ],
 };
 
+const backendApiEndpoints = ['/api', '/trpc', '/webapi', '/oidc'];
+
 const defaultMiddleware = (request: NextRequest) => {
   const url = new URL(request.url);
+  logDefault('Processing request: %s %s', request.method, request.url);
 
   // skip all api requests
-  if (['/api', '/trpc', '/webapi'].some((path) => url.pathname.startsWith(path))) {
+  if (backendApiEndpoints.some((path) => url.pathname.startsWith(path))) {
+    logDefault('Skipping API request: %s', url.pathname);
     return NextResponse.next();
   }
 
-  // 1. 从 cookie 中读取用户偏好
+  // 1. Read user preferences from cookies
   const theme =
     request.cookies.get(LOBE_THEME_APPEARANCE)?.value || parseDefaultThemeFromCountry(request);
 
@@ -62,16 +78,36 @@ const defaultMiddleware = (request: NextRequest) => {
 
   const device = new UAParser(ua || '').getDevice();
 
-  // 2. 创建规范化的偏好值
+  logDefault('User preferences: %O', {
+    browserLanguage,
+    deviceType: device.type,
+    hasCookies: {
+      locale: !!request.cookies.get(LOBE_LOCALE_COOKIE)?.value,
+      theme: !!request.cookies.get(LOBE_THEME_APPEARANCE)?.value,
+    },
+    locale,
+    theme,
+  });
+
+  // 2. Create normalized preference values
   const route = RouteVariants.serializeVariants({
     isMobile: device.type === 'mobile',
     locale,
     theme,
   });
 
+  logDefault('Serialized route variant: %s', route);
+
   // if app is in docker, rewrite to self container
   // https://github.com/lobehub/lobe-chat/issues/5876
   if (appEnv.MIDDLEWARE_REWRITE_THROUGH_LOCAL) {
+    logDefault('Local container rewrite enabled: %O', {
+      host: '127.0.0.1',
+      original: url.toString(),
+      port: process.env.PORT || '3210',
+      protocol: 'http',
+    });
+
     url.protocol = 'http';
     url.host = '127.0.0.1';
     url.port = process.env.PORT || '3210';
@@ -86,7 +122,12 @@ const defaultMiddleware = (request: NextRequest) => {
     ? urlJoin(url.origin, nextPathname)
     : nextPathname;
 
-  console.log(`[rewrite] ${url.pathname} -> ${nextURL}`);
+  logDefault('URL rewrite: %O', {
+    isLocalRewrite: appEnv.MIDDLEWARE_REWRITE_THROUGH_LOCAL,
+    nextPathname: nextPathname,
+    nextURL: nextURL,
+    originalPathname: url.pathname,
+  });
 
   url.pathname = nextPathname;
 
@@ -95,6 +136,8 @@ const defaultMiddleware = (request: NextRequest) => {
 
 // Initialize an Edge compatible NextAuth middleware
 const nextAuthMiddleware = NextAuthEdge.auth((req) => {
+  logNextAuth('NextAuth middleware processing request: %s %s', req.method, req.url);
+
   const response = defaultMiddleware(req);
 
   // Just check if session exists
@@ -104,10 +147,25 @@ const nextAuthMiddleware = NextAuthEdge.auth((req) => {
   // refs: https://github.com/lobehub/lobe-chat/pull/1323
   const isLoggedIn = !!session?.expires;
 
+  logNextAuth('NextAuth session status: %O', {
+    expires: session?.expires,
+    isLoggedIn,
+    userId: session?.user?.id,
+  });
+
   // Remove & amend OAuth authorized header
   response.headers.delete(OAUTH_AUTHORIZED);
   if (isLoggedIn) {
+    logNextAuth('Setting auth header: %s = %s', OAUTH_AUTHORIZED, 'true');
     response.headers.set(OAUTH_AUTHORIZED, 'true');
+
+    // If OIDC is enabled and user is logged in, add OIDC session pre-sync header
+    if (oidcEnv.ENABLE_OIDC && session?.user?.id) {
+      logNextAuth('OIDC session pre-sync: Setting %s = %s', OIDC_SESSION_HEADER, session.user.id);
+      response.headers.set(OIDC_SESSION_HEADER, session.user.id);
+    }
+  } else {
+    logNextAuth('Not logged in, no auth header set');
   }
 
   return response;
@@ -122,9 +180,33 @@ const isProtectedRoute = createRouteMatcher([
 
 const clerkAuthMiddleware = clerkMiddleware(
   async (auth, req) => {
-    if (isProtectedRoute(req)) await auth.protect();
+    logClerk('Clerk middleware processing request: %s %s', req.method, req.url);
+
+    const isProtected = isProtectedRoute(req);
+    logClerk('Route protection status: %s, %s', req.url, isProtected ? 'protected' : 'public');
+
+    if (isProtected) {
+      logClerk('Protecting route: %s', req.url);
+      await auth.protect();
+    }
 
-    return defaultMiddleware(req);
+    const response = defaultMiddleware(req);
+
+    const data = await auth();
+    logClerk('Clerk auth status: %O', {
+      isSignedIn: !!data.userId,
+      userId: data.userId,
+    });
+
+    // If OIDC is enabled and Clerk user is logged in, add OIDC session pre-sync header
+    if (oidcEnv.ENABLE_OIDC && data.userId) {
+      logClerk('OIDC session pre-sync: Setting %s = %s', OIDC_SESSION_HEADER, data.userId);
+      response.headers.set(OIDC_SESSION_HEADER, data.userId);
+    } else if (oidcEnv.ENABLE_OIDC) {
+      logClerk('No Clerk user detected, not setting OIDC session sync header');
+    }
+
+    return response;
   },
   {
     // https://github.com/lobehub/lobe-chat/pull/3084
@@ -134,6 +216,12 @@ const clerkAuthMiddleware = clerkMiddleware(
   },
 );
 
+logDefault('Middleware configuration: %O', {
+  enableClerk: authEnv.NEXT_PUBLIC_ENABLE_CLERK_AUTH,
+  enableNextAuth: authEnv.NEXT_PUBLIC_ENABLE_NEXT_AUTH,
+  enableOIDC: oidcEnv.ENABLE_OIDC,
+});
+
 export default authEnv.NEXT_PUBLIC_ENABLE_CLERK_AUTH
   ? clerkAuthMiddleware
   : authEnv.NEXT_PUBLIC_ENABLE_NEXT_AUTH

package/src/server/routers/edge/appStatus.ts

@@ -1,3 +1,3 @@
-import { router } from '@/libs/trpc';
+import { router } from '@/libs/trpc/edge';
 
 export const appStatusRouter = router({});

package/src/server/routers/edge/config/index.test.ts

@@ -4,9 +4,8 @@ import { beforeEach, describe, expect, it, vi } from 'vitest';
 /**
  * This file contains the root router of your tRPC-backend
  */
-import { createCallerFactory } from '@/libs/trpc';
-import { AuthContext, createContextInner } from '@/server/context';
-import { GlobalServerConfig } from '@/types/serverConfig';
+import { createCallerFactory } from '@/libs/trpc/edge';
+import { AuthContext, createContextInner } from '@/libs/trpc/edge/context';
 
 import { configRouter } from './index';
 

package/src/server/routers/edge/config/index.ts

@@ -1,5 +1,5 @@
 import { getServerFeatureFlagsValue } from '@/config/featureFlags';
-import { publicProcedure, router } from '@/libs/trpc';
+import { publicProcedure, router } from '@/libs/trpc/edge';
 import { getServerDefaultAgentConfig, getServerGlobalConfig } from '@/server/globalConfig';
 import { GlobalRuntimeConfig } from '@/types/serverConfig';
 

package/src/server/routers/edge/index.ts

@@ -1,7 +1,7 @@
 /**
  * This file contains the edge router of Lobe Chat tRPC-backend
  */
-import { publicProcedure, router } from '@/libs/trpc';
+import { publicProcedure, router } from '@/libs/trpc/edge';
 
 import { appStatusRouter } from './appStatus';
 import { configRouter } from './config';

package/src/server/routers/edge/upload.ts

@@ -1,6 +1,6 @@
 import { z } from 'zod';
 
-import { passwordProcedure, router } from '@/libs/trpc';
+import { passwordProcedure, router } from '@/libs/trpc/edge';
 import { S3 } from '@/server/modules/S3';
 
 export const uploadRouter = router({

package/src/server/routers/lambda/_template.ts

@@ -2,8 +2,8 @@ import { z } from 'zod';
 
 import { SessionGroupModel } from '@/database/models/sessionGroup';
 import { insertSessionGroupSchema } from '@/database/schemas';
-import { authedProcedure, router } from '@/libs/trpc';
-import { serverDatabase } from '@/libs/trpc/lambda';
+import { authedProcedure, router } from '@/libs/trpc/lambda';
+import { serverDatabase } from '@/libs/trpc/lambda/middleware';
 import { SessionGroupItem } from '@/types/session';
 
 const sessionProcedure = authedProcedure.use(serverDatabase).use(async (opts) => {

package/src/server/routers/lambda/agent.ts

@@ -8,8 +8,8 @@ import { KnowledgeBaseModel } from '@/database/models/knowledgeBase';
 import { SessionModel } from '@/database/models/session';
 import { UserModel } from '@/database/models/user';
 import { pino } from '@/libs/logger';
-import { authedProcedure, router } from '@/libs/trpc';
-import { serverDatabase } from '@/libs/trpc/lambda';
+import { authedProcedure, router } from '@/libs/trpc/lambda';
+import { serverDatabase } from '@/libs/trpc/lambda/middleware';
 import { AgentService } from '@/server/services/agent';
 import { KnowledgeItem, KnowledgeType } from '@/types/knowledgeBase';
 

package/src/server/routers/lambda/aiModel.ts

@@ -3,8 +3,8 @@ import { z } from 'zod';
 import { AiModelModel } from '@/database/models/aiModel';
 import { UserModel } from '@/database/models/user';
 import { AiInfraRepos } from '@/database/repositories/aiInfra';
-import { authedProcedure, router } from '@/libs/trpc';
-import { serverDatabase } from '@/libs/trpc/lambda';
+import { authedProcedure, router } from '@/libs/trpc/lambda';
+import { serverDatabase } from '@/libs/trpc/lambda/middleware';
 import { getServerGlobalConfig } from '@/server/globalConfig';
 import { KeyVaultsGateKeeper } from '@/server/modules/KeyVaultsEncrypt';
 import {

package/src/server/routers/lambda/aiProvider.ts

@@ -3,8 +3,8 @@ import { z } from 'zod';
 import { AiProviderModel } from '@/database/models/aiProvider';
 import { UserModel } from '@/database/models/user';
 import { AiInfraRepos } from '@/database/repositories/aiInfra';
-import { authedProcedure, router } from '@/libs/trpc';
-import { serverDatabase } from '@/libs/trpc/lambda';
+import { authedProcedure, router } from '@/libs/trpc/lambda';
+import { serverDatabase } from '@/libs/trpc/lambda/middleware';
 import { getServerGlobalConfig } from '@/server/globalConfig';
 import { KeyVaultsGateKeeper } from '@/server/modules/KeyVaultsEncrypt';
 import {

package/src/server/routers/lambda/chunk.ts

@@ -9,9 +9,8 @@ import { EmbeddingModel } from '@/database/models/embedding';
 import { FileModel } from '@/database/models/file';
 import { MessageModel } from '@/database/models/message';
 import { knowledgeBaseFiles } from '@/database/schemas';
-import { authedProcedure, router } from '@/libs/trpc';
-import { serverDatabase } from '@/libs/trpc/lambda';
-import { keyVaults } from '@/libs/trpc/middleware/keyVaults';
+import { authedProcedure, router } from '@/libs/trpc/lambda';
+import { keyVaults, serverDatabase } from '@/libs/trpc/lambda/middleware';
 import { getServerDefaultFilesConfig } from '@/server/globalConfig';
 import { initAgentRuntimeWithUserPayload } from '@/server/modules/AgentRuntime';
 import { ChunkService } from '@/server/services/chunk';

package/src/server/routers/lambda/exporter.ts

@@ -1,7 +1,7 @@
 import { DrizzleMigrationModel } from '@/database/models/drizzleMigration';
 import { DataExporterRepos } from '@/database/repositories/dataExporter';
-import { authedProcedure, router } from '@/libs/trpc';
-import { serverDatabase } from '@/libs/trpc/lambda';
+import { authedProcedure, router } from '@/libs/trpc/lambda';
+import { serverDatabase } from '@/libs/trpc/lambda/middleware';
 import { ExportDatabaseData } from '@/types/export';
 
 const exportProcedure = authedProcedure.use(serverDatabase).use(async (opts) => {