@lobehub/lobehub 2.0.0-next.194 → 2.0.0-next.196

package/src/app/(backend)/_deprecated/createBizOpenAI/index.ts

@@ -1,10 +1,9 @@
-import { ChatErrorType, type ErrorType } from '@lobechat/types';
+import { ChatErrorType } from '@lobechat/types';
 import type OpenAI from 'openai';
 
 import { getOpenAIAuthFromRequest } from '@/const/fetch';
 import { createErrorResponse } from '@/utils/errorResponse';
 
-import { checkAuth } from './auth';
 import { createOpenai } from './createOpenai';
 
 /**
@@ -13,13 +12,7 @@ import { createOpenai } from './createOpenai';
  * if auth not pass ,just return error response
  */
 export const createBizOpenAI = (req: Request): Response | OpenAI => {
-  const { apiKey, accessCode, endpoint, oauthAuthorized } = getOpenAIAuthFromRequest(req);
-
-  const result = checkAuth({ accessCode, apiKey, oauthAuthorized });
-
-  if (!result.auth) {
-    return createErrorResponse(result.error as ErrorType);
-  }
+  const { apiKey, endpoint } = getOpenAIAuthFromRequest(req);
 
   let openai: OpenAI;
 

package/src/app/(backend)/middleware/auth/index.ts

@@ -92,7 +92,6 @@ export const checkAuth =
 
       if (!isUseOidcAuth)
         checkAuthMethod({
-          accessCode: jwtPayload.accessCode,
           apiKey: jwtPayload.apiKey,
           betterAuthAuthorized,
           clerkAuth,

package/src/app/(backend)/middleware/auth/utils.test.ts

@@ -1,8 +1,6 @@
 import { type AuthObject } from '@clerk/backend';
 import { beforeEach, describe, expect, it, vi } from 'vitest';
 
-import { getAppConfig } from '@/envs/app';
-
 import { checkAuthMethod } from './utils';
 
 let enableClerkMock = false;
@@ -26,15 +24,9 @@ vi.mock('@/const/auth', async (importOriginal) => {
   };
 });
 
-vi.mock('@/envs/app', () => ({
-  getAppConfig: vi.fn(),
-}));
-
 describe('checkAuthMethod', () => {
   beforeEach(() => {
-    vi.mocked(getAppConfig).mockReturnValue({
-      ACCESS_CODES: ['validAccessCode'],
-    } as any);
+    vi.clearAllMocks();
   });
 
   it('should pass with valid Clerk auth', () => {
@@ -91,39 +83,7 @@ describe('checkAuthMethod', () => {
     ).not.toThrow();
   });
 
-  it('should pass with no access code required', () => {
-    vi.mocked(getAppConfig).mockReturnValueOnce({
-      ACCESS_CODES: [],
-    } as any);
-
+  it('should pass with no auth params', () => {
     expect(() => checkAuthMethod({})).not.toThrow();
   });
-
-  it('should pass with valid access code', () => {
-    expect(() =>
-      checkAuthMethod({
-        accessCode: 'validAccessCode',
-      }),
-    ).not.toThrow();
-  });
-
-  it('should throw error with invalid access code', () => {
-    try {
-      checkAuthMethod({
-        accessCode: 'invalidAccessCode',
-      });
-    } catch (e) {
-      expect(e).toEqual({
-        errorType: 'InvalidAccessCode',
-      });
-    }
-
-    try {
-      checkAuthMethod({});
-    } catch (e) {
-      expect(e).toEqual({
-        errorType: 'InvalidAccessCode',
-      });
-    }
-  });
 });

package/src/app/(backend)/middleware/auth/utils.ts

@@ -3,28 +3,25 @@ import { AgentRuntimeError } from '@lobechat/model-runtime';
 import { ChatErrorType } from '@lobechat/types';
 
 import { enableBetterAuth, enableClerk, enableNextAuth } from '@/const/auth';
-import { getAppConfig } from '@/envs/app';
 
 interface CheckAuthParams {
-  accessCode?: string;
   apiKey?: string;
   betterAuthAuthorized?: boolean;
   clerkAuth?: AuthObject;
   nextAuthAuthorized?: boolean;
 }
 /**
- * Check if the provided access code is valid, a user API key should be used or the OAuth 2 header is provided.
+ * Check if authentication is valid based on various auth methods.
  *
  * @param {CheckAuthParams} params - Authentication parameters extracted from headers.
- * @param {string} [params.accessCode] - The access code to check.
  * @param {string} [params.apiKey] - The user API key.
  * @param {boolean} [params.betterAuthAuthorized] - Whether the Better Auth session exists.
  * @param {AuthObject} [params.clerkAuth] - Clerk authentication payload from middleware.
  * @param {boolean} [params.nextAuthAuthorized] - Whether the OAuth 2 header is provided.
- * @throws {AgentRuntimeError} If the access code is invalid and no user API key is provided.
+ * @throws {AgentRuntimeError} If authentication fails.
  */
 export const checkAuthMethod = (params: CheckAuthParams) => {
-  const { apiKey, betterAuthAuthorized, nextAuthAuthorized, accessCode, clerkAuth } = params;
+  const { apiKey, betterAuthAuthorized, nextAuthAuthorized, clerkAuth } = params;
   // clerk auth handler
   if (enableClerk) {
     // if there is no userId, means the use is not login, just throw error
@@ -42,15 +39,4 @@ export const checkAuthMethod = (params: CheckAuthParams) => {
 
   // if apiKey exist
   if (apiKey) return;
-
-  const { ACCESS_CODES } = getAppConfig();
-
-  // if accessCode doesn't exist
-  if (!ACCESS_CODES.length) return;
-
-  if (!accessCode || !ACCESS_CODES.includes(accessCode)) {
-    // Avoid logging user-provided credentials (access code) for security reasons
-    console.warn('Invalid access code provided');
-    throw AgentRuntimeError.createError(ChatErrorType.InvalidAccessCode);
-  }
 };

package/src/app/(backend)/webapi/chat/[provider]/route.test.ts

@@ -62,7 +62,6 @@ describe('POST handler', () => {
 
       // 设置 getJWTPayload 和 initModelRuntimeWithUserPayload 的模拟返回值
       vi.mocked(getXorPayload).mockReturnValueOnce({
-        accessCode: 'test-access-code',
         apiKey: 'test-api-key',
         azureApiVersion: 'v1',
       });
@@ -105,7 +104,6 @@ describe('POST handler', () => {
       mockState.enableClerk = true;
 
       vi.mocked(getXorPayload).mockReturnValueOnce({
-        accessCode: 'test-access-code',
         apiKey: 'test-api-key',
         azureApiVersion: 'v1',
       });
@@ -133,7 +131,6 @@ describe('POST handler', () => {
       await POST(request, { params: mockParams });
 
       expect(checkAuthMethod).toBeCalledWith({
-        accessCode: 'test-access-code',
         apiKey: 'test-api-key',
         betterAuthAuthorized: false,
         clerkAuth: {},
@@ -163,7 +160,6 @@ describe('POST handler', () => {
   describe('chat', () => {
     it('should correctly handle chat completion with valid payload', async () => {
       vi.mocked(getXorPayload).mockReturnValueOnce({
-        accessCode: 'test-access-code',
         apiKey: 'test-api-key',
         azureApiVersion: 'v1',
         userId: 'abc',
@@ -193,7 +189,6 @@ describe('POST handler', () => {
     it('should return an error response when chat completion fails', async () => {
       // 设置 getJWTPayload 和 initAgentRuntimeWithUserPayload 的模拟返回值
       vi.mocked(getXorPayload).mockReturnValueOnce({
-        accessCode: 'test-access-code',
         apiKey: 'test-api-key',
         azureApiVersion: 'v1',
       });

package/src/app/(backend)/webapi/models/[provider]/route.test.ts

@@ -41,7 +41,6 @@ describe('GET handler', () => {
       const mockParams = Promise.resolve({ provider: 'google' });
 
       vi.mocked(getXorPayload).mockReturnValueOnce({
-        accessCode: 'test-access-code',
         apiKey: 'test-api-key',
       });
 
@@ -73,7 +72,6 @@ describe('GET handler', () => {
       const mockParams = Promise.resolve({ provider: 'google' });
 
       vi.mocked(getXorPayload).mockReturnValueOnce({
-        accessCode: 'test-access-code',
         apiKey: 'test-api-key',
       });
 
@@ -103,7 +101,6 @@ describe('GET handler', () => {
       const mockParams = Promise.resolve({ provider: 'google' });
 
       vi.mocked(getXorPayload).mockReturnValueOnce({
-        accessCode: 'test-access-code',
         apiKey: 'test-api-key',
       });
 
@@ -128,7 +125,6 @@ describe('GET handler', () => {
       const mockParams = Promise.resolve({ provider: 'google' });
 
       vi.mocked(getXorPayload).mockReturnValueOnce({
-        accessCode: 'test-access-code',
         apiKey: 'test-api-key',
       });
 
@@ -145,7 +141,6 @@ describe('GET handler', () => {
       const mockParams = Promise.resolve({ provider: 'openai' });
 
       vi.mocked(getXorPayload).mockReturnValueOnce({
-        accessCode: 'test-access-code',
         apiKey: 'test-api-key',
       });
 
@@ -165,7 +160,6 @@ describe('GET handler', () => {
       const mockParams = Promise.resolve({ provider: 'openai' });
 
       vi.mocked(getXorPayload).mockReturnValueOnce({
-        accessCode: 'test-access-code',
         apiKey: 'test-api-key',
       });
 

package/src/app/(backend)/webapi/plugin/gateway/route.ts

@@ -1,36 +1,15 @@
 import { AgentRuntimeError } from '@lobechat/model-runtime';
-import { ChatErrorType, type ErrorType, TraceNameMap } from '@lobechat/types';
-import { getXorPayload } from '@lobechat/utils/server';
+import { ChatErrorType, TraceNameMap } from '@lobechat/types';
 import type { PluginRequestPayload } from '@lobehub/chat-plugin-sdk';
 import { createGatewayOnEdgeRuntime } from '@lobehub/chat-plugins-gateway';
 
-import { LOBE_CHAT_AUTH_HEADER, OAUTH_AUTHORIZED, enableNextAuth } from '@/const/auth';
+import { LOBE_CHAT_AUTH_HEADER } from '@/const/auth';
 import { LOBE_CHAT_TRACE_ID } from '@/const/trace';
 import { getAppConfig } from '@/envs/app';
 import { TraceClient } from '@/libs/traces';
 import { parserPluginSettings } from '@/server/services/pluginGateway/settings';
-import { createErrorResponse } from '@/utils/errorResponse';
 import { getTracePayload } from '@/utils/trace';
 
-const checkAuth = (accessCode: string | null, oauthAuthorized: boolean | null) => {
-  const { ACCESS_CODES, PLUGIN_SETTINGS } = getAppConfig();
-
-  // if there is no plugin settings, just skip the auth
-  if (!PLUGIN_SETTINGS) return { auth: true };
-
-  // If authorized by oauth
-  if (oauthAuthorized && enableNextAuth) return { auth: true };
-
-  // if accessCode doesn't exist
-  if (!ACCESS_CODES.length) return { auth: true };
-
-  if (!accessCode || !ACCESS_CODES.includes(accessCode)) {
-    return { auth: false, error: ChatErrorType.InvalidAccessCode };
-  }
-
-  return { auth: true };
-};
-
 const { PLUGINS_INDEX_URL: pluginsIndexUrl, PLUGIN_SETTINGS } = getAppConfig();
 
 const defaultPluginSettings = parserPluginSettings(PLUGIN_SETTINGS);
@@ -42,15 +21,6 @@ export const POST = async (req: Request) => {
   const authorization = req.headers.get(LOBE_CHAT_AUTH_HEADER);
   if (!authorization) throw AgentRuntimeError.createError(ChatErrorType.Unauthorized);
 
-  const oauthAuthorized = !!req.headers.get(OAUTH_AUTHORIZED);
-  const payload = getXorPayload(authorization);
-
-  const result = checkAuth(payload.accessCode!, oauthAuthorized);
-
-  if (!result.auth) {
-    return createErrorResponse(result.error as ErrorType);
-  }
-
   // TODO: need to be replace by better telemetry system
   // add trace
   const tracePayload = getTracePayload(req);

package/src/app/[variants]/(main)/settings/common/features/Common/Common.tsx

@@ -1,6 +1,6 @@
 'use client';
 
-import { Form, type FormGroupItemType, Icon, ImageSelect, InputPassword } from '@lobehub/ui';
+import { Form, type FormGroupItemType, Icon, ImageSelect } from '@lobehub/ui';
 import { Select, Skeleton } from '@lobehub/ui';
 import { Segmented, Switch } from 'antd';
 import isEqual from 'fast-deep-equal';
@@ -14,8 +14,6 @@ import { isDesktop } from '@/const/version';
 import { localeOptions } from '@/locales/resources';
 import { useGlobalStore } from '@/store/global';
 import { systemStatusSelectors } from '@/store/global/selectors';
-import { useServerConfigStore } from '@/store/serverConfig';
-import { serverConfigSelectors } from '@/store/serverConfig/selectors';
 import { useUserStore } from '@/store/user';
 import { settingsSelectors } from '@/store/user/selectors';
 import { type LocaleMode } from '@/types/locale';
@@ -23,7 +21,6 @@ import { type LocaleMode } from '@/types/locale';
 const Common = memo(() => {
   const { t } = useTranslation('setting');
 
-  const showAccessCodeConfig = useServerConfigStore(serverConfigSelectors.enabledAccessCode);
   const general = useUserStore((s) => settingsSelectors.currentSettings(s).general, isEqual);
   const themeMode = useGlobalStore(systemStatusSelectors.themeMode);
   const language = useGlobalStore(systemStatusSelectors.language);
@@ -137,18 +134,6 @@ const Common = memo(() => {
         name: 'contextMenuMode',
       },
 
-      {
-        children: (
-          <InputPassword
-            autoComplete={'new-password'}
-            placeholder={t('settingSystem.accessCode.placeholder')}
-          />
-        ),
-        desc: t('settingSystem.accessCode.desc'),
-        hidden: !showAccessCodeConfig,
-        label: t('settingSystem.accessCode.title'),
-        name: 'password',
-      },
       {
         children: (
           <Select

package/src/envs/app.ts

@@ -82,6 +82,7 @@ export const getAppConfig = () => {
        * @default false
        */
       enableQueueAgentRuntime: z.boolean().optional(),
+      TELEMETRY_DISABLED: z.boolean().optional(),
     },
     runtimeEnv: {
       // Sentry
@@ -121,6 +122,7 @@ export const getAppConfig = () => {
       MARKET_TRUSTED_CLIENT_ID: process.env.MARKET_TRUSTED_CLIENT_ID,
 
       enableQueueAgentRuntime: process.env.AGENT_RUNTIME_MODE === 'queue',
+      TELEMETRY_DISABLED: process.env.TELEMETRY_DISABLED === '1',
     },
   });
 };

package/src/libs/trpc/lambda/middleware/index.ts

@@ -1,3 +1,4 @@
 export * from './keyVaults';
 export * from './marketUserInfo';
 export * from './serverDatabase';
+export * from './telemetry';

package/src/libs/trpc/lambda/middleware/telemetry.test.ts

@@ -0,0 +1,237 @@
+// @vitest-environment node
+import { beforeEach, describe, expect, it, vi } from 'vitest';
+
+import { appEnv } from '@/envs/app';
+
+import { TelemetryContext, checkTelemetryEnabled } from './telemetry';
+
+const { mockGetUserSettings, mockGetUserPreference, MockUserModel } = vi.hoisted(() => {
+  const mockGetUserSettings = vi.fn();
+  const mockGetUserPreference = vi.fn();
+  const MockUserModel = vi.fn().mockImplementation(() => ({
+    getUserPreference: mockGetUserPreference,
+    getUserSettings: mockGetUserSettings,
+  })) as any;
+  return { MockUserModel, mockGetUserPreference, mockGetUserSettings };
+});
+
+vi.mock('@/envs/app', () => ({
+  appEnv: {
+    TELEMETRY_DISABLED: false,
+  },
+}));
+
+vi.mock('@/database/models/user', () => ({
+  UserModel: MockUserModel,
+}));
+
+describe('checkTelemetryEnabled', () => {
+  beforeEach(() => {
+    vi.clearAllMocks();
+    // Reset appEnv mock
+    vi.mocked(appEnv).TELEMETRY_DISABLED = false;
+    // Default mock returns
+    mockGetUserSettings.mockResolvedValue(null);
+    mockGetUserPreference.mockResolvedValue(null);
+  });
+
+  describe('environment variable priority (highest)', () => {
+    it('should return telemetryEnabled: false when TELEMETRY_DISABLED=true', async () => {
+      vi.mocked(appEnv).TELEMETRY_DISABLED = true;
+
+      const result = await checkTelemetryEnabled({
+        serverDB: {} as TelemetryContext['serverDB'],
+        userId: 'test-user',
+      });
+
+      expect(result).toEqual({ telemetryEnabled: false });
+      // Should not call database
+      expect(mockGetUserSettings).not.toHaveBeenCalled();
+    });
+
+    it('should check database when TELEMETRY_DISABLED is false', async () => {
+      await checkTelemetryEnabled({
+        serverDB: {} as TelemetryContext['serverDB'],
+        userId: 'test-user',
+      });
+
+      expect(mockGetUserSettings).toHaveBeenCalled();
+    });
+
+    it('should check database when TELEMETRY_DISABLED is undefined', async () => {
+      vi.mocked(appEnv).TELEMETRY_DISABLED = undefined;
+
+      await checkTelemetryEnabled({
+        serverDB: {} as TelemetryContext['serverDB'],
+        userId: 'test-user',
+      });
+
+      expect(mockGetUserSettings).toHaveBeenCalled();
+    });
+  });
+
+  describe('user_settings.general.telemetry', () => {
+    it('should return telemetryEnabled: true when settings.general.telemetry is true and preference is not set', async () => {
+      mockGetUserSettings.mockResolvedValue({
+        general: { telemetry: true },
+      });
+      mockGetUserPreference.mockResolvedValue(null);
+
+      const result = await checkTelemetryEnabled({
+        serverDB: {} as TelemetryContext['serverDB'],
+        userId: 'test-user',
+      });
+
+      expect(result).toEqual({ telemetryEnabled: true });
+    });
+
+    it('should return telemetryEnabled: false from settings.general', async () => {
+      mockGetUserSettings.mockResolvedValue({
+        general: { telemetry: false },
+      });
+
+      const result = await checkTelemetryEnabled({
+        serverDB: {} as TelemetryContext['serverDB'],
+        userId: 'test-user',
+      });
+
+      expect(result).toEqual({ telemetryEnabled: false });
+    });
+
+    it('should check preference when settings.general.telemetry is not set', async () => {
+      mockGetUserSettings.mockResolvedValue({
+        general: { fontSize: 14 }, // no telemetry field
+      });
+      mockGetUserPreference.mockResolvedValue({ telemetry: true });
+
+      const result = await checkTelemetryEnabled({
+        serverDB: {} as TelemetryContext['serverDB'],
+        userId: 'test-user',
+      });
+
+      // Should fall back to preference.telemetry
+      expect(result).toEqual({ telemetryEnabled: true });
+      expect(mockGetUserPreference).toHaveBeenCalled();
+    });
+  });
+
+  describe('users.preference.telemetry (deprecated, fallback)', () => {
+    it('should return telemetryEnabled: true from preference.telemetry', async () => {
+      mockGetUserSettings.mockResolvedValue(null);
+      mockGetUserPreference.mockResolvedValue({ telemetry: true });
+
+      const result = await checkTelemetryEnabled({
+        serverDB: {} as TelemetryContext['serverDB'],
+        userId: 'test-user',
+      });
+
+      expect(result).toEqual({ telemetryEnabled: true });
+    });
+
+    it('should return telemetryEnabled: false from preference.telemetry', async () => {
+      mockGetUserSettings.mockResolvedValue(null);
+      mockGetUserPreference.mockResolvedValue({ telemetry: false });
+
+      const result = await checkTelemetryEnabled({
+        serverDB: {} as TelemetryContext['serverDB'],
+        userId: 'test-user',
+      });
+
+      expect(result).toEqual({ telemetryEnabled: false });
+    });
+
+    it('should use preference.telemetry when settings.general.telemetry is not false', async () => {
+      mockGetUserSettings.mockResolvedValue({
+        general: { telemetry: true },
+      });
+      mockGetUserPreference.mockResolvedValue({ telemetry: false });
+
+      const result = await checkTelemetryEnabled({
+        serverDB: {} as TelemetryContext['serverDB'],
+        userId: 'test-user',
+      });
+
+      // preference.telemetry is checked when settings.general.telemetry is not false
+      expect(result).toEqual({ telemetryEnabled: false });
+      expect(mockGetUserPreference).toHaveBeenCalled();
+    });
+
+    it('should not call getUserPreference when settings.general.telemetry is explicitly false', async () => {
+      mockGetUserSettings.mockResolvedValue({
+        general: { telemetry: false },
+      });
+      mockGetUserPreference.mockResolvedValue({ telemetry: true });
+
+      const result = await checkTelemetryEnabled({
+        serverDB: {} as TelemetryContext['serverDB'],
+        userId: 'test-user',
+      });
+
+      expect(result).toEqual({ telemetryEnabled: false });
+      expect(mockGetUserPreference).not.toHaveBeenCalled();
+    });
+  });
+
+  describe('default value', () => {
+    it('should default to true when settings is null', async () => {
+      mockGetUserSettings.mockResolvedValue(null);
+
+      const result = await checkTelemetryEnabled({
+        serverDB: {} as TelemetryContext['serverDB'],
+        userId: 'test-user',
+      });
+
+      // Default to true (enabled) unless explicitly disabled
+      expect(result).toEqual({ telemetryEnabled: true });
+    });
+
+    it('should default to true when general is null', async () => {
+      mockGetUserSettings.mockResolvedValue({
+        general: null,
+      });
+
+      const result = await checkTelemetryEnabled({
+        serverDB: {} as TelemetryContext['serverDB'],
+        userId: 'test-user',
+      });
+
+      // Default to true (enabled) unless explicitly disabled
+      expect(result).toEqual({ telemetryEnabled: true });
+    });
+  });
+
+  describe('missing context', () => {
+    it('should return telemetryEnabled: false when userId is missing', async () => {
+      const result = await checkTelemetryEnabled({
+        serverDB: {} as TelemetryContext['serverDB'],
+        userId: null,
+      });
+
+      expect(result).toEqual({ telemetryEnabled: false });
+      expect(mockGetUserSettings).not.toHaveBeenCalled();
+    });
+
+    it('should return telemetryEnabled: false when serverDB is missing', async () => {
+      const result = await checkTelemetryEnabled({
+        serverDB: undefined,
+        userId: 'test-user',
+      });
+
+      expect(result).toEqual({ telemetryEnabled: false });
+      expect(mockGetUserSettings).not.toHaveBeenCalled();
+    });
+  });
+
+  describe('error handling', () => {
+    it('should return telemetryEnabled: false when getUserSettings fails', async () => {
+      mockGetUserSettings.mockRejectedValue(new Error('Database error'));
+
+      const result = await checkTelemetryEnabled({
+        serverDB: {} as TelemetryContext['serverDB'],
+        userId: 'test-user',
+      });
+
+      expect(result).toEqual({ telemetryEnabled: false });
+    });
+  });
+});

package/src/libs/trpc/lambda/middleware/telemetry.ts

@@ -0,0 +1,74 @@
+import type { LobeChatDatabase } from '@lobechat/database';
+import type { UserGeneralConfig } from '@lobechat/types';
+
+import { UserModel } from '@/database/models/user';
+import { appEnv } from '@/envs/app';
+
+import { trpc } from '../init';
+
+export interface TelemetryContext {
+  serverDB?: LobeChatDatabase;
+  userId?: string | null;
+}
+
+export interface TelemetryResult {
+  telemetryEnabled: boolean;
+}
+
+/**
+ * Check if telemetry is enabled for the current user
+ *
+ * Priority:
+ * 1. Environment variable TELEMETRY_DISABLED=1 → telemetryEnabled: false (highest priority)
+ * 2. User settings from database user_settings.general.telemetry (new location)
+ * 3. User preference from database users.preference.telemetry (old location, deprecated)
+ * 4. Default to true if not explicitly set
+ */
+export const checkTelemetryEnabled = async (ctx: TelemetryContext): Promise<TelemetryResult> => {
+  // Priority 1: Check environment variable (highest priority)
+  if (appEnv.TELEMETRY_DISABLED) {
+    return { telemetryEnabled: false };
+  }
+
+  // If userId or serverDB is not available, default to disabled
+  if (!ctx.userId || !ctx.serverDB) {
+    return { telemetryEnabled: false };
+  }
+
+  try {
+    const userModel = new UserModel(ctx.serverDB, ctx.userId);
+
+    // Priority 2: Check user settings (new location: settings.general.telemetry)
+    const settings = await userModel.getUserSettings();
+    const generalConfig = settings?.general as UserGeneralConfig | null | undefined;
+
+    if (generalConfig?.telemetry === false) {
+      return { telemetryEnabled: false };
+    }
+
+    // Priority 3: Check user preference (old location: preference.telemetry)
+    const preference = await userModel.getUserPreference();
+
+    if (typeof preference?.telemetry === 'boolean') {
+      return { telemetryEnabled: preference?.telemetry };
+    }
+
+    // Priority 4: Default to true if not explicitly set
+    return { telemetryEnabled: true };
+  } catch {
+    // If fetching user settings fails, default to disabled
+    return { telemetryEnabled: false };
+  }
+};
+
+/**
+ * Middleware that checks if telemetry is enabled for the current user
+ * and adds telemetryEnabled to the context
+ *
+ * Requires serverDatabase middleware to be applied first
+ */
+export const telemetry = trpc.middleware(async (opts) => {
+  const result = await checkTelemetryEnabled(opts.ctx as TelemetryContext);
+
+  return opts.next({ ctx: result });
+});

package/src/locales/default/setting.ts

@@ -442,9 +442,6 @@ export default {
   'settingOpening.openingQuestions.title': 'Opening Questions',
   'settingOpening.title': 'Opening Settings',
   'settingPlugin.title': 'Skill List',
-  'settingSystem.accessCode.desc': 'Encryption access is enabled by the administrator',
-  'settingSystem.accessCode.placeholder': 'Enter access password',
-  'settingSystem.accessCode.title': 'Access Password',
   'settingSystem.oauth.info.desc': 'Logged in',
   'settingSystem.oauth.info.title': 'Account Information',
   'settingSystem.oauth.signin.action': 'Sign In',