@lobehub/lobehub 2.0.0-next.20 → 2.0.0-next.22

package/.github/workflows/claude-auto-testing.yml

@@ -0,0 +1,73 @@
+name: Claude Auto Testing Coverage
+description: Automatically add unit tests to improve code coverage
+
+on:
+  schedule:
+    # Run daily at 05:30 UTC (13:30 Beijing Time)
+    - cron: '30 5 * * *'
+  workflow_dispatch:
+    inputs:
+      target_module:
+        description: 'Specific module to add tests (e.g., packages/database, src/services/user)'
+        required: false
+        type: string
+
+concurrency:
+  group: auto-testing
+  cancel-in-progress: false
+
+jobs:
+  add-tests:
+    runs-on: ubuntu-latest
+    timeout-minutes: 45
+    permissions:
+      contents: write
+      pull-requests: write
+      id-token: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v5
+        with:
+          fetch-depth: 1
+
+      - name: Setup Bun
+        uses: oven-sh/setup-bun@v2
+
+      - name: Install dependencies
+        run: bun install --frozen-lockfile
+
+      - name: Configure Git
+        run: |
+          git config --global user.name "claude-bot[bot]"
+          git config --global user.email "claude-bot[bot]@users.noreply.github.com"
+
+      - name: Copy testing prompt
+        run: |
+          mkdir -p /tmp/claude-prompts
+          cp .claude/prompts/auto-testing.md /tmp/claude-prompts/
+
+      - name: Run Claude Code for Auto Testing
+        uses: anthropics/claude-code-action@main
+        with:
+          github_token: ${{ secrets.GH_TOKEN }}
+          allowed_non_write_users: "*"
+          claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
+          claude_args: "--allowed-tools Bash,Read,Edit,Write,Glob,Grep"
+          prompt: |
+            Follow the auto testing guide located at:
+            ```bash
+            cat /tmp/claude-prompts/auto-testing.md
+            ```
+
+            ## Task Assignment
+
+            ${{ inputs.target_module && format('Process the specified module: {0}', inputs.target_module) || 'Automatically select one module from the target directories that needs test coverage' }}
+
+            ## Environment Information
+            - Repository: ${{ github.repository }}
+            - Branch: ${{ github.ref_name }}
+            - Target Module: ${{ inputs.target_module || 'Auto-select' }}
+            - Run ID: ${{ github.run_id }}
+
+            **Start the auto testing process now.**

package/.github/workflows/claude-translate-comments.yml

@@ -0,0 +1,67 @@
+name: Claude Translate Non-English Comments
+description: Automatically detect and translate non-English comments to English in codebase
+
+on:
+  schedule:
+    # Run daily at 02:00 UTC (10:00 Beijing Time)
+    - cron: '0 2 * * *'
+  workflow_dispatch:
+    inputs:
+      target_module:
+        description: 'Specific module to translate (e.g., packages/database, apps/desktop/src/modules/auth)'
+        required: false
+        type: string
+
+concurrency:
+  group: translate-comments
+  cancel-in-progress: false
+
+jobs:
+  translate-comments:
+    runs-on: ubuntu-latest
+    timeout-minutes: 30
+    permissions:
+      contents: write
+      pull-requests: write
+      id-token: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v5
+        with:
+          fetch-depth: 1
+
+      - name: Configure Git
+        run: |
+          git config --global user.name "claude-bot[bot]"
+          git config --global user.email "claude-bot[bot]@users.noreply.github.com"
+
+      - name: Copy translation prompt
+        run: |
+          mkdir -p /tmp/claude-prompts
+          cp .claude/prompts/translate-comments.md /tmp/claude-prompts/
+
+      - name: Run Claude Code for Comment Translation
+        uses: anthropics/claude-code-action@main
+        with:
+          github_token: ${{ secrets.GH_TOKEN }}
+          allowed_non_write_users: "*"
+          claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
+          claude_args: "--allowed-tools Bash,Read,Edit,Glob,Grep"
+          prompt: |
+            Follow the translation guide located at:
+            ```bash
+            cat /tmp/claude-prompts/translate-comments.md
+            ```
+
+            ## Task Assignment
+
+            ${{ inputs.target_module && format('Process the specified module: {0}', inputs.target_module) || 'Automatically select one module from the target directories that has not been processed recently' }}
+
+            ## Environment Information
+            - Repository: ${{ github.repository }}
+            - Branch: ${{ github.ref_name }}
+            - Target Module: ${{ inputs.target_module || 'Auto-select' }}
+            - Run ID: ${{ github.run_id }}
+
+            **Start the translation process now.**

package/.github/workflows/release.yml

@@ -54,7 +54,7 @@ jobs:
         env:
           DATABASE_TEST_URL: postgresql://postgres:postgres@localhost:5432/postgres
           DATABASE_DRIVER: node
-          KEY_VAULTS_SECRET: LA7n9k3JdEcbSgml2sxfw+4TV1AzaaFU5+R176aQz4s=
+          KEY_VAULTS_SECRET: Kix2wcUONd4CX51E/ZPAd36BqM4wzJgKjPtz2sGztqQ=
           S3_PUBLIC_DOMAIN: https://example.com
           APP_URL: https://home.com
 

package/.github/workflows/test.yml

@@ -119,6 +119,43 @@ jobs:
           files: ./coverage/app/lcov.info
           flags: app
 
+  test-desktop:
+    name: Test Desktop App
+
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v5
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v6
+        with:
+          node-version: 24
+          package-manager-cache: false
+
+      - name: Setup pnpm
+        uses: pnpm/action-setup@v2
+        with:
+          version: 10
+
+      - name: Install deps
+        run: pnpm install
+        working-directory: apps/desktop
+        env:
+          NODE_OPTIONS: --max-old-space-size=6144
+
+
+      - name: Test Desktop Client
+        run: pnpm test
+        working-directory: apps/desktop
+
+      - name: Upload Desktop App Coverage to Codecov
+        uses: codecov/codecov-action@v5
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}
+          files: ./apps/desktop/coverage/lcov.info
+          flags: desktop
+
   test-databsae:
     name: Test Database
 
@@ -156,7 +193,7 @@ jobs:
       - name: Test Client DB
         run: pnpm --filter @lobechat/database test:client-db
         env:
-          KEY_VAULTS_SECRET: LA7n9k3JdEcbSgml2sxfw+4TV1AzaaFU5+R176aQz4s=
+          KEY_VAULTS_SECRET: Kix2wcUONd4CX51E/ZPAd36BqM4wzJgKjPtz2sGztqQ=
           S3_PUBLIC_DOMAIN: https://example.com
           APP_URL: https://home.com
 
@@ -165,7 +202,7 @@ jobs:
         env:
           DATABASE_TEST_URL: postgresql://postgres:postgres@localhost:5432/postgres
           DATABASE_DRIVER: node
-          KEY_VAULTS_SECRET: LA7n9k3JdEcbSgml2sxfw+4TV1AzaaFU5+R176aQz4s=
+          KEY_VAULTS_SECRET: Kix2wcUONd4CX51E/ZPAd36BqM4wzJgKjPtz2sGztqQ=
           S3_PUBLIC_DOMAIN: https://example.com
           APP_URL: https://home.com
 

package/CHANGELOG.md

@@ -2,6 +2,48 @@
 
 # Changelog
 
+## [Version 2.0.0-next.22](https://github.com/lobehub/lobe-chat/compare/v2.0.0-next.21...v2.0.0-next.22)
+
+<sup>Released on **2025-11-04**</sup>
+
+<br/>
+
+<details>
+<summary><kbd>Improvements and Fixes</kbd></summary>
+
+</details>
+
+<div align="right">
+
+[![](https://img.shields.io/badge/-BACK_TO_TOP-151515?style=flat-square)](#readme-top)
+
+</div>
+
+## [Version 2.0.0-next.21](https://github.com/lobehub/lobe-chat/compare/v2.0.0-next.20...v2.0.0-next.21)
+
+<sup>Released on **2025-11-04**</sup>
+
+#### 🐛 Bug Fixes
+
+- **misc**: Fix oidc auth timeout issue on the desktop.
+
+<br/>
+
+<details>
+<summary><kbd>Improvements and Fixes</kbd></summary>
+
+#### What's fixed
+
+- **misc**: Fix oidc auth timeout issue on the desktop, closes [#10025](https://github.com/lobehub/lobe-chat/issues/10025) ([20666db](https://github.com/lobehub/lobe-chat/commit/20666db))
+
+</details>
+
+<div align="right">
+
+[![](https://img.shields.io/badge/-BACK_TO_TOP-151515?style=flat-square)](#readme-top)
+
+</div>
+
 ## [Version 2.0.0-next.20](https://github.com/lobehub/lobe-chat/compare/v2.0.0-next.19...v2.0.0-next.20)
 
 <sup>Released on **2025-11-03**</sup>

package/apps/desktop/package.json

@@ -72,7 +72,7 @@
     "tsx": "^4.19.3",
     "typescript": "^5.7.3",
     "undici": "^7.9.0",
-    "vite": "^6.3.5",
+    "vite": "^7.1.12",
     "vitest": "^3.2.4"
   },
   "pnpm": {

package/apps/desktop/src/main/controllers/AuthCtr.ts

@@ -14,39 +14,38 @@ const logger = createLogger('controllers:AuthCtr');
 
 /**
  * Authentication Controller
- * 使用中间页 + 轮询的方式实现 OAuth 授权流程
+ * Implements OAuth authorization flow using intermediate page + polling mechanism
  */
 export default class AuthCtr extends ControllerModule {
   /**
-   * 远程服务器配置控制器
+   * Remote server configuration controller
    */
   private get remoteServerConfigCtr() {
     return this.app.getController(RemoteServerConfigCtr);
   }
 
   /**
-   * 当前的 PKCE 参数
+   * Current PKCE parameters
    */
   private codeVerifier: string | null = null;
   private authRequestState: string | null = null;
 
   /**
-   * 轮询相关参数
+   * Polling related parameters
    */
   // eslint-disable-next-line no-undef
   private pollingInterval: NodeJS.Timeout | null = null;
   private cachedRemoteUrl: string | null = null;
 
   /**
-   * 自动刷新定时器
+   * Auto-refresh timer
    */
   // eslint-disable-next-line no-undef
   private autoRefreshTimer: NodeJS.Timeout | null = null;
 
   /**
-   * 构造 redirect_uri，确保授权和令牌交换时使用相同的 URI
-   * @param remoteUrl 远程服务器 URL
-   * @param includeHandoffId 是否包含 handoff ID（仅在授权时需要）
+   * Construct redirect_uri, ensuring the same URI is used for authorization and token exchange
+   * @param remoteUrl Remote server URL
    */
   private constructRedirectUri(remoteUrl: string): string {
     const callbackUrl = new URL('/oidc/callback/desktop', remoteUrl);
@@ -59,9 +58,12 @@ export default class AuthCtr extends ControllerModule {
    */
   @ipcClientEvent('requestAuthorization')
   async requestAuthorization(config: DataSyncConfig) {
+    // Clear any old authorization state
+    this.clearAuthorizationState();
+
     const remoteUrl = await this.remoteServerConfigCtr.getRemoteServerUrl(config);
 
-    // 缓存远程服务器 URL 用于后续轮询
+    // Cache remote server URL for subsequent polling
     this.cachedRemoteUrl = remoteUrl;
 
     logger.info(
@@ -115,7 +117,7 @@ export default class AuthCtr extends ControllerModule {
   }
 
   /**
-   * 启动轮询机制获取凭证
+   * Start polling mechanism to retrieve credentials
    */
   private startPolling() {
     if (!this.authRequestState) {
@@ -133,7 +135,7 @@ export default class AuthCtr extends ControllerModule {
         // Check if polling has timed out
         if (Date.now() - startTime > maxPollTime) {
           logger.warn('Credential polling timed out');
-          this.stopPolling();
+          this.clearAuthorizationState();
           this.broadcastAuthorizationFailed('Authorization timed out');
           return;
         }
@@ -167,14 +169,14 @@ export default class AuthCtr extends ControllerModule {
         }
       } catch (error) {
         logger.error('Error during credential polling:', error);
-        this.stopPolling();
+        this.clearAuthorizationState();
         this.broadcastAuthorizationFailed('Polling error: ' + error.message);
       }
     }, pollInterval);
   }
 
   /**
-   * 停止轮询
+   * Stop polling
    */
   private stopPolling() {
     if (this.pollingInterval) {
@@ -184,18 +186,30 @@ export default class AuthCtr extends ControllerModule {
   }
 
   /**
-   * 启动自动刷新定时器
+   * Clear authorization state
+   * Called before starting a new authorization flow or after authorization failure/timeout
+   */
+  private clearAuthorizationState() {
+    logger.debug('Clearing authorization state');
+    this.stopPolling();
+    this.codeVerifier = null;
+    this.authRequestState = null;
+    this.cachedRemoteUrl = null;
+  }
+
+  /**
+   * Start auto-refresh timer
    */
   private startAutoRefresh() {
-    // 先停止现有的定时器
+    // Stop existing timer first
     this.stopAutoRefresh();
 
-    const checkInterval = 2 * 60 * 1000; // 每 2 分钟检查一次
+    const checkInterval = 2 * 60 * 1000; // Check every 2 minutes
     logger.debug('Starting auto-refresh timer');
 
     this.autoRefreshTimer = setInterval(async () => {
       try {
-        // 检查 token 是否即将过期 (提前 5 分钟刷新)
+        // Check if token is expiring soon (refresh 5 minutes in advance)
         if (this.remoteServerConfigCtr.isTokenExpiringSoon()) {
           const expiresAt = this.remoteServerConfigCtr.getTokenExpiresAt();
           logger.info(
@@ -208,7 +222,7 @@ export default class AuthCtr extends ControllerModule {
             this.broadcastTokenRefreshed();
           } else {
             logger.error(`Auto-refresh failed: ${result.error}`);
-            // 如果自动刷新失败，停止定时器并清除 token
+            // If auto-refresh fails, stop timer and clear token
             this.stopAutoRefresh();
             await this.remoteServerConfigCtr.clearTokens();
             await this.remoteServerConfigCtr.setRemoteServerConfig({ active: false });
@@ -222,7 +236,7 @@ export default class AuthCtr extends ControllerModule {
   }
 
   /**
-   * 停止自动刷新定时器
+   * Stop auto-refresh timer
    */
   private stopAutoRefresh() {
     if (this.autoRefreshTimer) {
@@ -233,8 +247,8 @@ export default class AuthCtr extends ControllerModule {
   }
 
   /**
-   * 轮询获取凭证
-   * 直接发送 HTTP 请求到远程服务器
+   * Poll for credentials
+   * Sends HTTP request directly to remote server
    */
   private async pollForCredentials(): Promise<{ code: string; state: string } | null> {
     if (!this.authRequestState || !this.cachedRemoteUrl) {
@@ -242,17 +256,17 @@ export default class AuthCtr extends ControllerModule {
     }
 
     try {
-      // 使用缓存的远程服务器 URL
+      // Use cached remote server URL
       const remoteUrl = this.cachedRemoteUrl;
 
-      // 构造请求 URL
+      // Construct request URL
       const url = new URL('/oidc/handoff', remoteUrl);
       url.searchParams.set('id', this.authRequestState);
       url.searchParams.set('client', 'desktop');
 
       logger.debug(`Polling for credentials: ${url.toString()}`);
 
-      // 直接发送 HTTP 请求
+      // Send HTTP request directly
       const response = await fetch(url.toString(), {
         headers: {
           'Content-Type': 'application/json',
@@ -260,9 +274,9 @@ export default class AuthCtr extends ControllerModule {
         method: 'GET',
       });
 
-      // 检查响应状态
+      // Check response status
       if (response.status === 404) {
-        // 凭证还未准备好，这是正常情况
+        // Credentials not ready yet, this is normal
         return null;
       }
 
@@ -270,7 +284,7 @@ export default class AuthCtr extends ControllerModule {
         throw new Error(`HTTP ${response.status}: ${response.statusText}`);
       }
 
-      // 解析响应数据
+      // Parse response data
       const data = (await response.json()) as {
         data: {
           id: string;
@@ -511,7 +525,7 @@ export default class AuthCtr extends ControllerModule {
   }
 
   /**
-   * 应用启动后初始化
+   * Initialize after app is ready
    */
   afterAppReady() {
     logger.debug('AuthCtr initialized, checking for existing tokens');
@@ -519,7 +533,7 @@ export default class AuthCtr extends ControllerModule {
   }
 
   /**
-   * 清理所有定时器
+   * Clean up all timers
    */
   cleanup() {
     logger.debug('Cleaning up AuthCtr timers');
@@ -528,14 +542,14 @@ export default class AuthCtr extends ControllerModule {
   }
 
   /**
-   * 初始化自动刷新功能
-   * 在应用启动时检查是否有有效的 token，如果有就启动自动刷新定时器
+   * Initialize auto-refresh functionality
+   * Checks for valid token at app startup and starts auto-refresh timer if token exists
    */
   private async initializeAutoRefresh() {
     try {
       const config = await this.remoteServerConfigCtr.getRemoteServerConfig();
 
-      // 检查是否配置了远程服务器且处于活动状态
+      // Check if remote server is configured and active
       if (!config.active || !config.remoteServerUrl) {
         logger.debug(
           'Remote server not active or configured, skipping auto-refresh initialization',
@@ -543,36 +557,36 @@ export default class AuthCtr extends ControllerModule {
         return;
       }
 
-      // 检查是否有有效的访问令牌
+      // Check if valid access token exists
       const accessToken = await this.remoteServerConfigCtr.getAccessToken();
       if (!accessToken) {
         logger.debug('No access token found, skipping auto-refresh initialization');
         return;
       }
 
-      // 检查是否有过期时间信息
+      // Check if token expiration time exists
       const expiresAt = this.remoteServerConfigCtr.getTokenExpiresAt();
       if (!expiresAt) {
         logger.debug('No token expiration time found, skipping auto-refresh initialization');
         return;
       }
 
-      // 检查 token 是否已经过期
+      // Check if token has already expired
       const currentTime = Date.now();
       if (currentTime >= expiresAt) {
         logger.info('Token has expired, attempting to refresh it');
 
-        // 尝试刷新 token
+        // Attempt to refresh token
         const refreshResult = await this.remoteServerConfigCtr.refreshAccessToken();
         if (refreshResult.success) {
           logger.info('Token refresh successful during initialization');
           this.broadcastTokenRefreshed();
-          // 重新启动自动刷新定时器
+          // Restart auto-refresh timer
           this.startAutoRefresh();
           return;
         } else {
           logger.error(`Token refresh failed during initialization: ${refreshResult.error}`);
-          // 只有在刷新失败时才清除 token 并要求重新授权
+          // Clear token and require re-authorization only on refresh failure
           await this.remoteServerConfigCtr.clearTokens();
           await this.remoteServerConfigCtr.setRemoteServerConfig({ active: false });
           this.broadcastAuthorizationRequired();
@@ -580,7 +594,7 @@ export default class AuthCtr extends ControllerModule {
         }
       }
 
-      // 启动自动刷新定时器
+      // Start auto-refresh timer
       logger.info(
         `Token is valid, starting auto-refresh timer. Token expires at: ${new Date(expiresAt).toISOString()}`,
       );

package/apps/desktop/src/main/controllers/MenuCtr.ts

@@ -2,16 +2,16 @@ import { ControllerModule, ipcClientEvent } from './index';
 
 export default class MenuController extends ControllerModule {
   /**
-   * 刷新菜单
+   * Refresh menu
    */
   @ipcClientEvent('refreshAppMenu')
   refreshAppMenu() {
-    // 注意：可能需要根据具体情况决定是否允许渲染进程刷新所有菜单
+    // Note: May need to decide whether to allow renderer process to refresh all menus based on specific circumstances
     return this.app.menuManager.refreshMenus();
   }
 
   /**
-   * 显示上下文菜单
+   * Show context menu
    */
   @ipcClientEvent('showContextMenu')
   showContextMenu(params: { data?: any; type: string }) {
@@ -19,11 +19,11 @@ export default class MenuController extends ControllerModule {
   }
 
   /**
-   * 设置开发菜单可见性
+   * Set development menu visibility
    */
   @ipcClientEvent('setDevMenuVisibility')
   setDevMenuVisibility(visible: boolean) {
-    // 调用 MenuManager 的方法来重建应用菜单
+    // Call MenuManager method to rebuild application menu
     return this.app.menuManager.rebuildAppMenu({ showDevItems: visible });
   }
 }