@lobehub/lobehub 2.0.0-next.174 → 2.0.0-next.176

package/packages/database/migrations/meta/_journal.json

@@ -448,6 +448,27 @@
       "when": 1766157362540,
       "tag": "0063_add_columns_for_several_tables",
       "breakpoints": true
+    },
+    {
+      "idx": 64,
+      "version": "7",
+      "when": 1766297832021,
+      "tag": "0064_add_agents_session_group_id",
+      "breakpoints": true
+    },
+    {
+      "idx": 65,
+      "version": "7",
+      "when": 1766408202688,
+      "tag": "0065_add_passkey",
+      "breakpoints": true
+    },
+    {
+      "idx": 66,
+      "version": "7",
+      "when": 1766474494249,
+      "tag": "0066_add_document_fields",
+      "breakpoints": true
     }
   ],
   "version": "6"

package/packages/database/package.json

@@ -17,10 +17,25 @@
     "@lobechat/const": "workspace:*",
     "@lobechat/types": "workspace:*",
     "@lobechat/utils": "workspace:*",
+    "@lobehub/charts": "^2.1.2",
+    "@lobehub/chat-plugin-sdk": "^1.32.4",
+    "@neondatabase/serverless": "^1.0.2",
+    "@trpc/server": "^11.7.1",
+    "debug": "^4.4.3",
+    "drizzle-zod": "^0.5.1",
+    "lodash-es": "^4.17.21",
+    "model-bank": "workspace:*",
+    "next-auth": "5.0.0-beta.30",
+    "p-map": "^7.0.4",
     "random-words": "^2.0.1",
     "ts-md5": "^2.0.1",
+    "type-fest": "^5.2.0",
     "ws": "^8.18.3"
   },
+  "devDependencies": {
+    "dotenv": "^17.2.3",
+    "fake-indexeddb": "^6.2.5"
+  },
   "peerDependencies": {
     "@electric-sql/pglite": "^0.2.17",
     "dayjs": ">=1.11.19",

package/packages/database/src/core/migrations.json

@@ -223,7 +223,10 @@
     "hash": "9646161fa041354714f823d726af27247bcd6e60fa3be5698c0d69f337a5700b"
   },
   {
-    "sql": ["DROP TABLE \"user_budgets\";", "\nDROP TABLE \"user_subscriptions\";"],
+    "sql": [
+      "DROP TABLE \"user_budgets\";",
+      "\nDROP TABLE \"user_subscriptions\";"
+    ],
     "bps": true,
     "folderMillis": 1729699958471,
     "hash": "7dad43a2a25d1aec82124a4e53f8d82f8505c3073f23606c1dc5d2a4598eacf9"
@@ -295,7 +298,9 @@
     "hash": "845a692ceabbfc3caf252a97d3e19a213bc0c433df2689900135f9cfded2cf49"
   },
   {
-    "sql": ["ALTER TABLE \"messages\" ADD COLUMN \"reasoning\" jsonb;"],
+    "sql": [
+      "ALTER TABLE \"messages\" ADD COLUMN \"reasoning\" jsonb;"
+    ],
     "bps": true,
     "folderMillis": 1737609172353,
     "hash": "2cb36ae4fcdd7b7064767e04bfbb36ae34518ff4bb1b39006f2dd394d1893868"
@@ -510,7 +515,9 @@
     "hash": "a7ccf007fd185ff922823148d1eae6fafe652fc98d2fd2793f84a84f29e93cd1"
   },
   {
-    "sql": ["ALTER TABLE \"ai_providers\" ADD COLUMN \"config\" jsonb;"],
+    "sql": [
+      "ALTER TABLE \"ai_providers\" ADD COLUMN \"config\" jsonb;"
+    ],
     "bps": true,
     "folderMillis": 1749309388370,
     "hash": "39cea379f08ee4cb944875c0b67f7791387b508c2d47958bb4cd501ed1ef33eb"
@@ -628,7 +635,9 @@
     "hash": "1ba9b1f74ea13348da98d6fcdad7867ab4316ed565bf75d84d160c526cdac14b"
   },
   {
-    "sql": ["ALTER TABLE \"agents\" ADD COLUMN IF NOT EXISTS \"virtual\" boolean DEFAULT false;"],
+    "sql": [
+      "ALTER TABLE \"agents\" ADD COLUMN IF NOT EXISTS \"virtual\" boolean DEFAULT false;"
+    ],
     "bps": true,
     "folderMillis": 1759116400580,
     "hash": "433ddae88e785f2db734e49a4c115eee93e60afe389f7919d66e5ba9aa159a37"
@@ -678,13 +687,17 @@
     "hash": "4bdc6505797d7a33b622498c138cfd47f637239f6905e1c484cd01d9d5f21d6b"
   },
   {
-    "sql": ["ALTER TABLE \"user_settings\" ADD COLUMN IF NOT EXISTS \"image\" jsonb;"],
+    "sql": [
+      "ALTER TABLE \"user_settings\" ADD COLUMN IF NOT EXISTS \"image\" jsonb;"
+    ],
     "bps": true,
     "folderMillis": 1760108430562,
     "hash": "ce09b301abb80f6563abc2f526bdd20b4f69bae430f09ba2179b9e3bfec43067"
   },
   {
-    "sql": ["ALTER TABLE \"documents\" ADD COLUMN IF NOT EXISTS \"editor_data\" jsonb;"],
+    "sql": [
+      "ALTER TABLE \"documents\" ADD COLUMN IF NOT EXISTS \"editor_data\" jsonb;"
+    ],
     "bps": true,
     "folderMillis": 1761554153406,
     "hash": "bf2f21293e90e11cf60a784cf3ec219eafa95f7545d7d2f9d1449c0b0949599a"
@@ -764,13 +777,17 @@
     "hash": "923ccbdf46c32be9a981dabd348e6923b4a365444241e9b8cc174bf5b914cbc5"
   },
   {
-    "sql": ["ALTER TABLE \"agents\" ADD COLUMN IF NOT EXISTS \"market_identifier\" text;\n"],
+    "sql": [
+      "ALTER TABLE \"agents\" ADD COLUMN IF NOT EXISTS \"market_identifier\" text;\n"
+    ],
     "bps": true,
     "folderMillis": 1762870034882,
     "hash": "4178aacb4b8892b7fd15d29209bbf9b1d1f9d7c406ba796f27542c0bcd919680"
   },
   {
-    "sql": ["ALTER TABLE \"message_plugins\" ADD COLUMN IF NOT EXISTS \"intervention\" jsonb;\n"],
+    "sql": [
+      "ALTER TABLE \"message_plugins\" ADD COLUMN IF NOT EXISTS \"intervention\" jsonb;\n"
+    ],
     "bps": true,
     "folderMillis": 1762911968658,
     "hash": "552a032cc0e595277232e70b5f9338658585bafe9481ae8346a5f322b673a68b"
@@ -799,7 +816,9 @@
     "hash": "f823b521f4d25e5dc5ab238b372727d2d2d7f0aed27b5eabc8a9608ce4e50568"
   },
   {
-    "sql": ["ALTER TABLE \"agents\" ADD COLUMN IF NOT EXISTS \"editor_data\" jsonb;"],
+    "sql": [
+      "ALTER TABLE \"agents\" ADD COLUMN IF NOT EXISTS \"editor_data\" jsonb;"
+    ],
     "bps": true,
     "folderMillis": 1764215503726,
     "hash": "4188893a9083b3c7baebdbad0dd3f9d9400ede7584ca2394f5c64305dc9ec7b0"
@@ -840,7 +859,9 @@
     "hash": "2c103eee82bdf329944fb622dd9c2b9f20df80eb54f23eb9254d2285de413099"
   },
   {
-    "sql": ["ALTER TABLE \"user_settings\" ADD COLUMN IF NOT EXISTS \"market\" jsonb;"],
+    "sql": [
+      "ALTER TABLE \"user_settings\" ADD COLUMN IF NOT EXISTS \"market\" jsonb;"
+    ],
     "bps": true,
     "folderMillis": 1764335703306,
     "hash": "28c0d738c0b1fdf5fd871363be1a1477b4accbabdc140fe8dc6e9b339aae2c89"
@@ -1023,5 +1044,37 @@
     "bps": true,
     "folderMillis": 1766157362540,
     "hash": "7a8ee107778222390e676951173baa81bfa09dd47216a8467575fca54915172c"
+  },
+  {
+    "sql": [
+      "ALTER TABLE \"agents\" ADD COLUMN IF NOT EXISTS \"session_group_id\" text;",
+      "\nDO $$ BEGIN\n  IF NOT EXISTS (SELECT 1 FROM pg_constraint WHERE conname = 'agents_session_group_id_session_groups_id_fk') THEN\n    ALTER TABLE \"agents\" ADD CONSTRAINT \"agents_session_group_id_session_groups_id_fk\" FOREIGN KEY (\"session_group_id\") REFERENCES \"public\".\"session_groups\"(\"id\") ON DELETE set null ON UPDATE no action;\n  END IF;\nEND $$;",
+      "\nCREATE INDEX IF NOT EXISTS \"agents_session_group_id_idx\" ON \"agents\" USING btree (\"session_group_id\");\n"
+    ],
+    "bps": true,
+    "folderMillis": 1766297832021,
+    "hash": "431a620396060130c46d6174d4bef3a517a0872aff8d19f3044bd9e7dec78ba5"
+  },
+  {
+    "sql": [
+      "CREATE TABLE IF NOT EXISTS \"passkey\" (\n\t\"aaguid\" text,\n\t\"backedUp\" boolean,\n\t\"counter\" integer,\n\t\"createdAt\" timestamp DEFAULT now(),\n\t\"credentialID\" text NOT NULL,\n\t\"deviceType\" text,\n\t\"id\" text PRIMARY KEY NOT NULL,\n\t\"name\" text,\n\t\"publicKey\" text NOT NULL,\n\t\"transports\" text,\n\t\"userId\" text NOT NULL\n);\n",
+      "\nDO $$ BEGIN\n  IF NOT EXISTS (SELECT 1 FROM pg_constraint WHERE conname = 'passkey_userId_users_id_fk') THEN\n    ALTER TABLE \"passkey\" ADD CONSTRAINT \"passkey_userId_users_id_fk\" FOREIGN KEY (\"userId\") REFERENCES \"public\".\"users\"(\"id\") ON DELETE cascade ON UPDATE no action;\n  END IF;\nEND $$;\n",
+      "\t\nCREATE UNIQUE INDEX IF NOT EXISTS \"passkey_credential_id_unique\" ON \"passkey\" USING btree (\"credentialID\");",
+      "\nCREATE INDEX IF NOT EXISTS \"passkey_user_id_idx\" ON \"passkey\" USING btree (\"userId\");"
+    ],
+    "bps": true,
+    "folderMillis": 1766408202688,
+    "hash": "1ae24d25f4b0ee7f38353b6d7fc6be4ae1171c105eb329d8aa97888abc85373b"
+  },
+  {
+    "sql": [
+      "ALTER TABLE \"documents\" ADD COLUMN IF NOT EXISTS \"description\" text;",
+      "\nALTER TABLE \"documents\" ADD COLUMN IF NOT EXISTS \"knowledge_base_id\" text;",
+      "\nDO $$ BEGIN\n  IF NOT EXISTS (SELECT 1 FROM pg_constraint WHERE conname = 'documents_knowledge_base_id_knowledge_bases_id_fk') THEN\n    ALTER TABLE \"documents\" ADD CONSTRAINT \"documents_knowledge_base_id_knowledge_bases_id_fk\" FOREIGN KEY (\"knowledge_base_id\") REFERENCES \"public\".\"knowledge_bases\"(\"id\") ON DELETE set null ON UPDATE no action;\n  END IF;\nEND $$;",
+      "\nCREATE INDEX IF NOT EXISTS \"documents_knowledge_base_id_idx\" ON \"documents\" USING btree (\"knowledge_base_id\");\n"
+    ],
+    "bps": true,
+    "folderMillis": 1766474494249,
+    "hash": "42d46c25f68aa3d6ab46b7c15734d984a9a8452e8058e98de79f4d675a38e28f"
   }
-]
+]

package/packages/database/src/repositories/tableViewer/index.test.ts

@@ -23,7 +23,7 @@ describe('TableViewerRepo', () => {
     it('should return all tables with counts', async () => {
       const result = await repo.getAllTables();
 
-      expect(result.length).toEqual(72);
+      expect(result.length).toEqual(73);
       expect(result[0]).toEqual({ name: 'accounts', count: 0, type: 'BASE TABLE' });
     });
 

package/packages/database/src/schemas/agent.ts

@@ -15,6 +15,7 @@ import { createInsertSchema } from 'drizzle-zod';
 import { idGenerator, randomSlug } from '../utils/idGenerator';
 import { timestamps } from './_helpers';
 import { files, knowledgeBases } from './file';
+import { sessionGroups } from './session';
 import { users } from './user';
 
 // Agent table is the main table for storing agents
@@ -60,6 +61,10 @@ export const agents = pgTable(
     openingMessage: text('opening_message'),
     openingQuestions: text('opening_questions').array().default([]),
 
+    sessionGroupId: text('session_group_id').references(() => sessionGroups.id, {
+      onDelete: 'set null',
+    }),
+
     ...timestamps,
   },
   (t) => [
@@ -68,6 +73,7 @@ export const agents = pgTable(
     index('agents_user_id_idx').on(t.userId),
     index('agents_title_idx').on(t.title),
     index('agents_description_idx').on(t.description),
+    index('agents_session_group_id_idx').on(t.sessionGroupId),
   ],
 );
 

package/packages/database/src/schemas/betterAuth.ts

@@ -1,5 +1,13 @@
 import { relations } from 'drizzle-orm';
-import { index, pgTable, text, timestamp } from 'drizzle-orm/pg-core';
+import {
+  boolean,
+  index,
+  integer,
+  pgTable,
+  text,
+  timestamp,
+  uniqueIndex,
+} from 'drizzle-orm/pg-core';
 
 import { users } from './user';
 
@@ -92,8 +100,32 @@ export const twoFactor = pgTable(
   ],
 );
 
+export const passkey = pgTable(
+  'passkey',
+  {
+    aaguid: text('aaguid'),
+    backedUp: boolean('backedUp'),
+    counter: integer('counter'),
+    createdAt: timestamp('createdAt').defaultNow(),
+    credentialID: text('credentialID').notNull(),
+    deviceType: text('deviceType'),
+    id: text('id').primaryKey(),
+    name: text('name'),
+    publicKey: text('publicKey').notNull(),
+    transports: text('transports'),
+    userId: text('userId')
+      .notNull()
+      .references(() => users.id, { onDelete: 'cascade' }),
+  },
+  (table) => [
+    uniqueIndex('passkey_credential_id_unique').on(table.credentialID),
+    index('passkey_user_id_idx').on(table.userId),
+  ],
+);
+
 export const usersRelations = relations(users, ({ many }) => ({
   accounts: many(account),
+  passkeys: many(passkey),
   sessions: many(session),
   twoFactors: many(twoFactor),
 }));
@@ -118,3 +150,10 @@ export const twoFactorRelations = relations(twoFactor, ({ one }) => ({
     references: [users.id],
   }),
 }));
+
+export const passkeysRelations = relations(passkey, ({ one }) => ({
+  users: one(users, {
+    fields: [passkey.userId],
+    references: [users.id],
+  }),
+}));

package/packages/database/src/schemas/file.ts

@@ -18,7 +18,7 @@ import { createInsertSchema } from 'drizzle-zod';
 import { LobeDocumentPage } from '@/types/document';
 import { FileSource } from '@/types/files';
 
-import { idGenerator } from '../utils/idGenerator';
+import { idGenerator, randomSlug } from '../utils/idGenerator';
 import { accessedAt, createdAt, timestamps } from './_helpers';
 import { asyncTasks } from './asyncTask';
 import { users } from './user';
@@ -55,6 +55,7 @@ export const documents = pgTable(
 
     // Basic information
     title: text('title'),
+    description: text('description'),
     content: text('content'),
 
     // Special type: custom/folder
@@ -72,13 +73,17 @@ export const documents = pgTable(
     pages: jsonb('pages').$type<LobeDocumentPage[]>(),
 
     // Source type
-    sourceType: text('source_type', { enum: ['file', 'web', 'api'] }).notNull(),
+    sourceType: text('source_type', { enum: ['file', 'web', 'api', 'topic'] }).notNull(),
     source: text('source').notNull(), // File path or web URL
 
     // Associated file (optional)
     // forward reference needs AnyPgColumn to avoid circular type inference
     // eslint-disable-next-line @typescript-eslint/no-use-before-define
     fileId: text('file_id').references((): AnyPgColumn => files.id, { onDelete: 'set null' }),
+    // eslint-disable-next-line @typescript-eslint/no-use-before-define
+    knowledgeBaseId: text('knowledge_base_id').references(() => knowledgeBases.id, {
+      onDelete: 'set null',
+    }),
 
     // Parent document (for folder hierarchy structure)
     parentId: varchar('parent_id', { length: 255 }).references((): AnyPgColumn => documents.id, {
@@ -93,7 +98,7 @@ export const documents = pgTable(
 
     editorData: jsonb('editor_data').$type<Record<string, any>>(),
 
-    slug: varchar('slug', { length: 255 }),
+    slug: varchar('slug', { length: 255 }).$defaultFn(() => randomSlug(3)),
 
     // Timestamps
     ...timestamps,
@@ -105,6 +110,7 @@ export const documents = pgTable(
     index('documents_user_id_idx').on(table.userId),
     index('documents_file_id_idx').on(table.fileId),
     index('documents_parent_id_idx').on(table.parentId),
+    index('documents_knowledge_base_id_idx').on(table.knowledgeBaseId),
     uniqueIndex('documents_client_id_user_id_unique').on(table.clientId, table.userId),
     uniqueIndex('documents_slug_user_id_unique')
       .on(table.slug, table.userId)

package/packages/electron-client-ipc/package.json

@@ -4,6 +4,9 @@
   "private": true,
   "main": "src/index.ts",
   "types": "src/index.ts",
+  "devDependencies": {
+    "electron": "^34.0.0"
+  },
   "peerDependencies": {
     "react": "^19.2.0"
   }

package/packages/model-bank/package.json

@@ -80,6 +80,9 @@
     "test:coverage": "vitest --coverage --silent='passed-only'"
   },
   "dependencies": {
+    "type-fest": "^5.2.0"
+  },
+  "peerDependencies": {
     "zod": "^3.25.76"
   }
 }

package/packages/model-runtime/package.json

@@ -12,15 +12,32 @@
     "test:update": "vitest -u"
   },
   "dependencies": {
+    "@anthropic-ai/sdk": "^0.67.1",
     "@aws-sdk/client-bedrock-runtime": "^3.941.0",
+    "@azure-rest/ai-inference": "1.0.0-beta.5",
+    "@azure/core-auth": "^1.10.1",
+    "@fal-ai/client": "^1.7.2",
+    "@google/genai": "^1.29.0",
     "@huggingface/inference": "^4.13.4",
     "@lobechat/const": "workspace:*",
     "@lobechat/types": "workspace:*",
     "@lobechat/utils": "workspace:*",
     "async-retry": "^1.3.3",
+    "dayjs": "^1.11.19",
     "debug": "^4.4.3",
+    "immer": "^10.2.0",
+    "langfuse": "^3.38.6",
+    "langfuse-core": "^3.38.6",
+    "lodash-es": "^4.17.21",
     "model-bank": "workspace:*",
+    "nanoid": "^5.1.6",
+    "ollama": "^0.6.2",
     "openai": "^4.104.0",
-    "replicate": "^1.4.0"
+    "replicate": "^1.4.0",
+    "type-fest": "^5.2.0",
+    "url-join": "^5.0.0"
+  },
+  "peerDependencies": {
+    "zod": "^3.25.76"
   }
 }

package/packages/types/package.json

@@ -4,9 +4,20 @@
   "private": true,
   "main": "./src/index.ts",
   "dependencies": {
+    "@lobechat/model-runtime": "workspace:*",
+    "@lobechat/python-interpreter": "workspace:*",
     "@lobechat/web-crawler": "workspace:*",
     "@lobehub/chat-plugin-sdk": "^1.32.4",
+    "@lobehub/market-sdk": "beta",
+    "@lobehub/market-types": "^1.11.4",
+    "@lobehub/ui": "^2.13.8",
+    "model-bank": "workspace:*",
+    "react": "19.2.0",
     "type-fest": "^4.41.0",
+    "zod": "^3.25.76",
+    "zustand": "5.0.4"
+  },
+  "peerDependencies": {
     "zod": "^3.25.76"
   }
 }

package/packages/utils/package.json

@@ -16,10 +16,32 @@
   "dependencies": {
     "@lobechat/const": "workspace:*",
     "@lobechat/types": "workspace:*",
+    "@lobehub/chat-plugin-sdk": "^1.32.4",
+    "@vercel/functions": "^3.3.0",
+    "brotli-wasm": "^3.0.1",
+    "chroma-js": "^3.1.2",
+    "countries-and-timezones": "^3.8.0",
     "dayjs": "^1.11.19",
-    "dompurify": "^3.3.0"
+    "debug": "^4.4.3",
+    "dompurify": "^3.3.0",
+    "fast-deep-equal": "^3.1.3",
+    "lodash-es": "^4.17.21",
+    "mime": "^4.1.0",
+    "model-bank": "workspace:*",
+    "nanoid": "^5.1.6",
+    "next": "^16.0.1",
+    "numeral": "^2.0.6",
+    "pure-rand": "^7.0.1",
+    "remark": "^15.0.1",
+    "remark-gfm": "^4.0.1",
+    "remark-html": "^16.0.1",
+    "ssrf-safe-fetch": "workspace:*",
+    "tokenx": "^1.2.1",
+    "ua-parser-js": "^1.0.41",
+    "uuid": "^11.1.0",
+    "yaml": "^2.8.1"
   },
   "devDependencies": {
-    "vitest-canvas-mock": "^0.3.3"
+    "vitest-canvas-mock": "^1.1.3"
   }
 }

package/packages/web-crawler/package.json

@@ -12,8 +12,8 @@
     "@mozilla/readability": "^0.6.0",
     "happy-dom": "^20.0.11",
     "node-html-markdown": "^1.3.0",
-    "ssrf-safe-fetch": "workspace:*",
     "query-string": "^9.3.1",
+    "ssrf-safe-fetch": "workspace:*",
     "url-join": "^5"
   }
 }

package/public/.well-known/apple-app-site-association

@@ -0,0 +1,5 @@
+{
+  "webcredentials": {
+    "apps": ["4684H589ZU.com.lobehub.app"]
+  }
+}

package/public/.well-known/assetlinks.json

@@ -0,0 +1,18 @@
+[
+  {
+    "relation": [
+      "delegate_permission/common.handle_all_urls",
+      "delegate_permission/common.get_login_creds"
+    ],
+    "target": {
+      "namespace": "android_app",
+      "package_name": "com.lobehub.app",
+      "sha256_cert_fingerprints": [
+        "D7:54:DB:A3:78:D5:8B:8F:20:01:ED:7B:9B:18:D3:B0:5B:D1:22:AA:97:2B:59:E1:A6:8E:31:24:21:44:0D:2B",
+        "FA:C6:17:45:DC:09:03:78:6F:B9:ED:E6:2A:96:2B:39:9F:73:48:F0:BB:6F:89:9B:83:32:66:75:91:03:3B:9C",
+        "1B:21:38:5D:72:40:65:F5:16:20:1D:C9:D2:6B:04:63:C3:33:F1:97:AB:6A:06:66:0E:3E:F0:7E:60:82:7E:E7",
+        "1B:BE:D4:A0:AE:43:56:E5:58:01:74:C4:B9:A0:0B:0E:5A:B9:5E:0F:A9:C0:65:18:68:CF:1F:AA:3E:8F:4F:DB"
+      ]
+    }
+  }
+]

package/src/auth.ts

@@ -1,15 +1,19 @@
 /* eslint-disable sort-keys-fix/sort-keys-fix, typescript-sort-keys/interface */
+import { expo } from '@better-auth/expo';
+import { passkey } from '@better-auth/passkey';
 import { createNanoId, idGenerator, serverDB } from '@lobechat/database';
+import * as schema from '@lobechat/database/schemas';
 import { emailHarmony } from 'better-auth-harmony';
 import { drizzleAdapter } from 'better-auth/adapters/drizzle';
 import { betterAuth } from 'better-auth/minimal';
-import { admin, genericOAuth, magicLink } from 'better-auth/plugins';
+import { admin, emailOTP, genericOAuth, magicLink } from 'better-auth/plugins';
 
 import { authEnv } from '@/envs/auth';
 import {
   getMagicLinkEmailTemplate,
   getResetPasswordEmailTemplate,
   getVerificationEmailTemplate,
+  getVerificationOTPEmailTemplate,
 } from '@/libs/better-auth/email-templates';
 import { initBetterAuthSSOProviders } from '@/libs/better-auth/sso';
 import { createSecondaryStorage, getTrustedOrigins } from '@/libs/better-auth/utils/config';
@@ -20,7 +24,34 @@ import { UserService } from '@/server/services/user';
 // Email verification link expiration time (in seconds)
 // Default is 1 hour (3600 seconds) as per Better Auth documentation
 const VERIFICATION_LINK_EXPIRES_IN = 3600;
+
+/**
+ * Safely extract hostname from AUTH_URL for passkey rpID.
+ * Returns undefined if AUTH_URL is not set (e.g., in e2e tests).
+ */
+const getPasskeyRpID = (): string | undefined => {
+  if (!authEnv.NEXT_PUBLIC_AUTH_URL) return undefined;
+  try {
+    return new URL(authEnv.NEXT_PUBLIC_AUTH_URL).hostname;
+  } catch {
+    return undefined;
+  }
+};
+
+/**
+ * Get passkey origins array.
+ * Returns undefined if AUTH_URL is not set (e.g., in e2e tests).
+ */
+const getPasskeyOrigins = (): string[] | undefined => {
+  if (!authEnv.NEXT_PUBLIC_AUTH_URL) return undefined;
+  return [
+    // Web origin
+    authEnv.NEXT_PUBLIC_AUTH_URL,
+  ];
+};
 const MAGIC_LINK_EXPIRES_IN = 900;
+// OTP expiration time (in seconds) - 5 minutes for mobile OTP verification
+const OTP_EXPIRES_IN = 300;
 const enableMagicLink = authEnv.NEXT_PUBLIC_ENABLE_MAGIC_LINK;
 const enabledSSOProviders = parseSSOProviders(authEnv.AUTH_SSO_PROVIDERS);
 
@@ -85,6 +116,8 @@ export const auth = betterAuth({
   },
   database: drizzleAdapter(serverDB, {
     provider: 'pg',
+    // experimental joins feature needs schema to pass full relation
+    schema,
   }),
   secondaryStorage: createSecondaryStorage(),
   /**
@@ -149,8 +182,43 @@ export const auth = betterAuth({
     },
   },
   plugins: [
+    expo(),
     emailHarmony({ allowNormalizedSignin: false }),
     admin(),
+    // Email OTP plugin for mobile verification
+    emailOTP({
+      expiresIn: OTP_EXPIRES_IN,
+      otpLength: 6,
+      allowedAttempts: 3,
+      // Don't automatically send OTP on sign up - let mobile client manually trigger it
+      sendVerificationOnSignUp: false,
+      async sendVerificationOTP({ email, otp }) {
+        const emailService = new EmailService();
+
+        // For all OTP types, use the same template
+        // userName is optional and will be null since we don't have user context here
+        const template = getVerificationOTPEmailTemplate({
+          expiresInSeconds: OTP_EXPIRES_IN,
+          otp,
+          userName: null,
+        });
+
+        await emailService.sendMail({
+          to: email,
+          ...template,
+        });
+      },
+    }),
+    passkey({
+      rpName: 'LobeHub',
+      // Extract rpID from auth URL (e.g., 'lobehub.com' from 'https://lobehub.com')
+      // Returns undefined if AUTH_URL is not set (e.g., in e2e tests)
+      rpID: getPasskeyRpID(),
+      // Support multiple origins: web + Android APK key hashes
+      // Android origin format: android:apk-key-hash:<base64url-sha256-fingerprint>
+      // Returns undefined if AUTH_URL is not set (e.g., in e2e tests)
+      origin: getPasskeyOrigins(),
+    }),
     ...(genericOAuthProviders.length > 0
       ? [
           genericOAuth({

package/src/libs/better-auth/email-templates/index.ts

@@ -1,3 +1,4 @@
 export { getMagicLinkEmailTemplate } from './magic-link';
 export { getResetPasswordEmailTemplate } from './reset-password';
 export { getVerificationEmailTemplate } from './verification';
+export { getVerificationOTPEmailTemplate } from './verification-otp';