@lobehub/lobehub 2.0.0-next.355 → 2.0.0-next.356

package/scripts/prebuild.mts

@@ -9,10 +9,11 @@ import { fileURLToPath } from 'node:url';
 
 // Use createRequire for CommonJS module compatibility
 const require = createRequire(import.meta.url);
-const { checkDeprecatedClerkEnv } = require('./_shared/checkDeprecatedClerkEnv.js');
+const { checkDeprecatedAuth } = require('./_shared/checkDeprecatedAuth.js');
 
 const isDesktop = process.env.NEXT_PUBLIC_IS_DESKTOP_APP === '1';
 const isBundleAnalyzer = process.env.ANALYZE === 'true' && process.env.CI === 'true';
+const isServerDB = !!process.env.DATABASE_URL;
 
 if (isDesktop) {
   dotenvExpand.expand(dotenv.config({ path: '.env.desktop' }));
@@ -21,10 +22,40 @@ if (isDesktop) {
   dotenvExpand.expand(dotenv.config());
 }
 
-// Auth flags - use process.env directly for build-time dead code elimination
-// Better Auth is the default auth solution when NextAuth is not explicitly enabled
-const enableNextAuth = process.env.NEXT_PUBLIC_ENABLE_NEXT_AUTH === '1';
-const enableBetterAuth = !enableNextAuth;
+const AUTH_SECRET_DOC_URL = 'https://lobehub.com/docs/self-hosting/environment-variables/auth#auth-secret';
+const KEY_VAULTS_SECRET_DOC_URL = 'https://lobehub.com/docs/self-hosting/environment-variables/basic#key-vaults-secret';
+
+/**
+ * Check for required environment variables in server database mode
+ */
+const checkRequiredEnvVars = () => {
+  if (isDesktop || !isServerDB) return;
+
+  const missingVars: { docUrl: string; name: string }[] = [];
+
+  if (!process.env.AUTH_SECRET) {
+    missingVars.push({ docUrl: AUTH_SECRET_DOC_URL, name: 'AUTH_SECRET' });
+  }
+
+  if (!process.env.KEY_VAULTS_SECRET) {
+    missingVars.push({ docUrl: KEY_VAULTS_SECRET_DOC_URL, name: 'KEY_VAULTS_SECRET' });
+  }
+
+  if (missingVars.length > 0) {
+    console.error('\n' + '═'.repeat(70));
+    console.error('❌ ERROR: Missing required environment variables!');
+    console.error('═'.repeat(70));
+    console.error('\nThe following environment variables are required for server database mode:\n');
+    for (const { name, docUrl } of missingVars) {
+      console.error(`  • ${name}`);
+      console.error(`    📖 Documentation: ${docUrl}\n`);
+    }
+    console.error('Please configure these environment variables and redeploy.');
+    console.error('═'.repeat(70) + '\n');
+    process.exit(1);
+  }
+};
+
 
 const getCommandVersion = (command: string): string | null => {
   try {
@@ -58,13 +89,32 @@ const printEnvInfo = () => {
   console.log(`    VERCEL_PROJECT_PRODUCTION_URL: ${process.env.VERCEL_PROJECT_PRODUCTION_URL ?? '(not set)'}`);
   console.log(`    AUTH_EMAIL_VERIFICATION: ${process.env.AUTH_EMAIL_VERIFICATION ?? '(not set)'}`);
   console.log(`    ENABLE_MAGIC_LINK: ${process.env.ENABLE_MAGIC_LINK ?? '(not set)'}`);
-  console.log(`    AUTH_SECRET: ${process.env.AUTH_SECRET ? '✓ set' : '✗ not set'}`);
-  console.log(`    KEY_VAULTS_SECRET: ${process.env.KEY_VAULTS_SECRET ? '✓ set' : '✗ not set'}`);
 
-  // Auth flags
-  console.log('\n  Auth Flags:');
-  console.log(`    enableBetterAuth: ${enableBetterAuth}`);
-  console.log(`    enableNextAuth: ${enableNextAuth}`);
+  // Check SSO providers configuration
+  const ssoProviders = process.env.AUTH_SSO_PROVIDERS;
+  console.log(`    AUTH_SSO_PROVIDERS: ${ssoProviders ?? '(not set)'}`);
+
+  if (ssoProviders) {
+    const getEnvPrefix = (provider: string) => `AUTH_${provider.toUpperCase().replaceAll('-', '_')}`;
+
+    const providers = ssoProviders.split(/[,，]/).map(p => p.trim()).filter(Boolean);
+    const missingProviders: string[] = [];
+
+    for (const provider of providers) {
+      const envPrefix = getEnvPrefix(provider);
+      const hasEnvVar = Object.keys(process.env).some(key => key.startsWith(envPrefix));
+      if (!hasEnvVar) {
+        missingProviders.push(provider);
+      }
+    }
+
+    if (missingProviders.length > 0) {
+      console.log('\n  ⚠️  SSO Provider Configuration Warning:');
+      for (const provider of missingProviders) {
+        console.log(`    - "${provider}" is configured but no ${getEnvPrefix(provider)}_* env vars found`);
+      }
+    }
+  }
 
   console.log('─'.repeat(50));
 };
@@ -160,8 +210,11 @@ export const runPrebuild = async (targetDir: string = 'src') => {
 const isMainModule = process.argv[1] === fileURLToPath(import.meta.url);
 
 if (isMainModule) {
-  // Check for deprecated Clerk env vars first - fail fast if found
-  checkDeprecatedClerkEnv();
+  // Check for deprecated auth env vars first - fail fast if found
+  checkDeprecatedAuth();
+
+  // Check for required env vars in server database mode
+  checkRequiredEnvVars();
 
   printEnvInfo();
   // 执行删除操作

package/scripts/serverLauncher/startServer.js

@@ -7,11 +7,11 @@ const { existsSync } = require('node:fs');
 // Resolve shared module path for both local dev and Docker environments
 // Local: scripts/serverLauncher/startServer.js -> scripts/_shared/...
 // Docker: /app/startServer.js -> /app/scripts/_shared/...
-const localPath = path.join(__dirname, '..', '_shared', 'checkDeprecatedClerkEnv.js');
-const dockerPath = '/app/scripts/_shared/checkDeprecatedClerkEnv.js';
+const localPath = path.join(__dirname, '..', '_shared', 'checkDeprecatedAuth.js');
+const dockerPath = '/app/scripts/_shared/checkDeprecatedAuth.js';
 const sharedModulePath = existsSync(localPath) ? localPath : dockerPath;
 
-const { checkDeprecatedClerkEnv } = require(sharedModulePath);
+const { checkDeprecatedAuth } = require(sharedModulePath);
 
 // Set file paths
 const DB_MIGRATION_SCRIPT_PATH = '/app/docker.cjs';
@@ -139,8 +139,8 @@ const runServer = async () => {
 
 // Main execution block
 (async () => {
-  // Check for deprecated Clerk env vars first - fail fast if found
-  checkDeprecatedClerkEnv({ action: 'restart' });
+  // Check for deprecated auth env vars first - fail fast if found
+  checkDeprecatedAuth({ action: 'restart' });
 
   console.log('🌐 DNS Server:', dns.getServers());
   console.log('-------------------------------------');

package/src/app/(backend)/api/auth/[...all]/route.ts

@@ -1,32 +1,14 @@
+import { toNextJsHandler } from 'better-auth/next-js';
 import type { NextRequest } from 'next/server';
 
-import { enableBetterAuth, enableNextAuth } from '@/envs/auth';
+import { auth } from '@/auth';
 
-const createHandler = async () => {
-  if (enableBetterAuth) {
-    const [{ toNextJsHandler }, { auth }] = await Promise.all([
-      import('better-auth/next-js'),
-      import('@/auth'),
-    ]);
-    return toNextJsHandler(auth);
-  }
-
-  if (enableNextAuth) {
-    const NextAuthNode = await import('@/libs/next-auth');
-    return NextAuthNode.default.handlers;
-  }
-
-  return { GET: undefined, POST: undefined };
-};
-
-const handler = createHandler();
+const handler = toNextJsHandler(auth);
 
 export const GET = async (req: NextRequest) => {
-  const { GET } = await handler;
-  return GET?.(req);
+  return handler.GET(req);
 };
 
 export const POST = async (req: NextRequest) => {
-  const { POST } = await handler;
-  return POST?.(req);
+  return handler.POST(req);
 };

package/src/app/(backend)/api/webhooks/casdoor/route.ts

@@ -3,7 +3,7 @@ import { NextResponse } from 'next/server';
 import { serverDB } from '@/database/server';
 import { authEnv } from '@/envs/auth';
 import { pino } from '@/libs/logger';
-import { NextAuthUserService } from '@/server/services/nextAuthUser';
+import { WebhookUserService } from '@/server/services/webhookUser';
 
 import { validateRequest } from './validateRequest';
 
@@ -19,13 +19,13 @@ export const POST = async (req: Request): Promise<NextResponse> => {
 
   const { action, object } = payload;
 
-  const nextAuthUserService = new NextAuthUserService(serverDB);
+  const webhookUserService = new WebhookUserService(serverDB);
   switch (action) {
     case 'update-user': {
-      return nextAuthUserService.safeUpdateUser(
+      return webhookUserService.safeUpdateUser(
         {
-          provider: 'casdoor',
-          providerAccountId: object.id,
+          accountId: object.id,
+          providerId: 'casdoor',
         },
         {
           avatar: object?.avatar,

package/src/app/(backend)/api/webhooks/logto/route.ts

@@ -3,7 +3,7 @@ import { NextResponse } from 'next/server';
 import { serverDB } from '@/database/server';
 import { authEnv } from '@/envs/auth';
 import { pino } from '@/libs/logger';
-import { NextAuthUserService } from '@/server/services/nextAuthUser';
+import { WebhookUserService } from '@/server/services/webhookUser';
 
 import { validateRequest } from './validateRequest';
 
@@ -21,13 +21,13 @@ export const POST = async (req: Request): Promise<NextResponse> => {
 
   pino.trace(`logto webhook payload: ${{ data, event }}`);
 
-  const nextAuthUserService = new NextAuthUserService(serverDB);
+  const webhookUserService = new WebhookUserService(serverDB);
   switch (event) {
     case 'User.Data.Updated': {
-      return nextAuthUserService.safeUpdateUser(
+      return webhookUserService.safeUpdateUser(
         {
-          provider: 'logto',
-          providerAccountId: data.id,
+          accountId: data.id,
+          providerId: 'logto',
         },
         {
           avatar: data?.avatar,
@@ -38,9 +38,9 @@ export const POST = async (req: Request): Promise<NextResponse> => {
     }
     case 'User.SuspensionStatus.Updated': {
       if (data.isSuspended) {
-        return nextAuthUserService.safeSignOutUser({
-          provider: 'logto',
-          providerAccountId: data.id,
+        return webhookUserService.safeSignOutUser({
+          accountId: data.id,
+          providerId: 'logto',
         });
       }
       return NextResponse.json({ message: 'user reactivated', success: true }, { status: 200 });

package/src/app/(backend)/middleware/auth/index.test.ts

@@ -24,10 +24,17 @@ vi.mock('@/envs/auth', async (importOriginal) => {
   const actual = await importOriginal<typeof import('@/envs/auth')>();
   return {
     ...actual,
-    enableBetterAuth: false,
   };
 });
 
+vi.mock('@/auth', () => ({
+  auth: {
+    api: {
+      getSession: vi.fn().mockResolvedValue(null),
+    },
+  },
+}));
+
 describe('checkAuth', () => {
   const mockHandler: RequestHandler = vi.fn();
   const mockRequest = new Request('https://example.com');

package/src/app/(backend)/middleware/auth/index.ts

@@ -6,14 +6,10 @@ import {
 import { ChatErrorType, type ClientSecretPayload } from '@lobechat/types';
 import { getXorPayload } from '@lobechat/utils/server';
 
+import { auth } from '@/auth';
 import { getServerDB } from '@/database/core/db-adaptor';
 import { type LobeChatDatabase } from '@/database/type';
-import {
-  LOBE_CHAT_AUTH_HEADER,
-  LOBE_CHAT_OIDC_AUTH_HEADER,
-  OAUTH_AUTHORIZED,
-  enableBetterAuth,
-} from '@/envs/auth';
+import { LOBE_CHAT_AUTH_HEADER, LOBE_CHAT_OIDC_AUTH_HEADER, OAUTH_AUTHORIZED } from '@/envs/auth';
 import { validateOIDCJWT } from '@/libs/oidc-provider/jwt';
 import { createErrorResponse } from '@/utils/errorResponse';
 
@@ -58,18 +54,13 @@ export const checkAuth =
       // get Authorization from header
       const authorization = req.headers.get(LOBE_CHAT_AUTH_HEADER);
       const oauthAuthorized = !!req.headers.get(OAUTH_AUTHORIZED);
-      let betterAuthAuthorized = false;
 
       // better auth handler
-      if (enableBetterAuth) {
-        const { auth: betterAuth } = await import('@/auth');
-
-        const session = await betterAuth.api.getSession({
-          headers: req.headers,
-        });
+      const session = await auth.api.getSession({
+        headers: req.headers,
+      });
 
-        betterAuthAuthorized = !!session?.user?.id;
-      }
+      const betterAuthAuthorized = !!session?.user?.id;
 
       if (!authorization) throw AgentRuntimeError.createError(ChatErrorType.Unauthorized);
 

package/src/app/(backend)/middleware/auth/utils.test.ts

@@ -2,49 +2,17 @@ import { beforeEach, describe, expect, it, vi } from 'vitest';
 
 import { checkAuthMethod } from './utils';
 
-let enableNextAuthMock = false;
-let enableBetterAuthMock = false;
-
-vi.mock('@/envs/auth', async (importOriginal) => {
-  const data = await importOriginal();
-
-  return {
-    ...(data as any),
-    get enableBetterAuth() {
-      return enableBetterAuthMock;
-    },
-    get enableNextAuth() {
-      return enableNextAuthMock;
-    },
-  };
-});
-
 describe('checkAuthMethod', () => {
   beforeEach(() => {
     vi.clearAllMocks();
   });
 
-  it('should pass with valid Next auth', () => {
-    enableNextAuthMock = true;
-    expect(() =>
-      checkAuthMethod({
-        nextAuthAuthorized: true,
-      }),
-    ).not.toThrow();
-
-    enableNextAuthMock = false;
-  });
-
   it('should pass with valid Better Auth session', () => {
-    enableBetterAuthMock = true;
-
     expect(() =>
       checkAuthMethod({
         betterAuthAuthorized: true,
       }),
     ).not.toThrow();
-
-    enableBetterAuthMock = false;
   });
 
   it('should pass with valid API key', () => {

package/src/app/(backend)/middleware/auth/utils.ts

@@ -1,5 +1,3 @@
-import { enableBetterAuth, enableNextAuth } from '@/envs/auth';
-
 interface CheckAuthParams {
   apiKey?: string;
   betterAuthAuthorized?: boolean;
@@ -11,16 +9,13 @@ interface CheckAuthParams {
  * @param {CheckAuthParams} params - Authentication parameters extracted from headers.
  * @param {string} [params.apiKey] - The user API key.
  * @param {boolean} [params.betterAuthAuthorized] - Whether the Better Auth session exists.
- * @param {boolean} [params.nextAuthAuthorized] - Whether the OAuth 2 header is provided.
+ * @param {boolean} [params.nextAuthAuthorized] - Whether the OAuth 2 header is provided (legacy, kept for compatibility).
  */
 export const checkAuthMethod = (params: CheckAuthParams) => {
-  const { apiKey, betterAuthAuthorized, nextAuthAuthorized } = params;
+  const { apiKey, betterAuthAuthorized } = params;
 
   // if better auth session exists
-  if (enableBetterAuth && betterAuthAuthorized) return;
-
-  // if next auth handler is provided
-  if (enableNextAuth && nextAuthAuthorized) return;
+  if (betterAuthAuthorized) return;
 
   // if apiKey exist
   if (apiKey) return;

package/src/app/(backend)/webapi/chat/[provider]/route.test.ts

@@ -27,10 +27,17 @@ vi.mock('@/envs/auth', async (importOriginal) => {
   const actual = await importOriginal<typeof import('@/envs/auth')>();
   return {
     ...actual,
-    enableBetterAuth: false,
   };
 });
 
+vi.mock('@/auth', () => ({
+  auth: {
+    api: {
+      getSession: vi.fn().mockResolvedValue(null),
+    },
+  },
+}));
+
 // 模拟请求和响应
 let request: Request;
 beforeEach(() => {

package/src/app/(backend)/webapi/create-image/comfyui/route.ts

@@ -21,7 +21,6 @@ const handler = async (req: Request, { jwtPayload }: { jwtPayload?: any }) => {
 
     const caller = createCaller({
       jwtPayload,
-      nextAuth: undefined, // WebAPI routes don't have nextAuth session
       userId: jwtPayload?.userId, // Required for userAuth middleware
     });
 

package/src/app/(backend)/webapi/models/[provider]/route.test.ts

@@ -21,10 +21,17 @@ vi.mock('@/envs/auth', async (importOriginal) => {
   const actual = await importOriginal<typeof import('@/envs/auth')>();
   return {
     ...actual,
-    enableBetterAuth: false,
   };
 });
 
+vi.mock('@/auth', () => ({
+  auth: {
+    api: {
+      getSession: vi.fn().mockResolvedValue(null),
+    },
+  },
+}));
+
 vi.mock('@/server/modules/ModelRuntime', () => ({
   initModelRuntimeFromDB: vi.fn(),
 }));

package/src/app/[variants]/(auth)/signin/SignInEmailStep.tsx

@@ -7,7 +7,7 @@ import { ChevronRight, Mail } from 'lucide-react';
 import { useEffect, useRef } from 'react';
 import { Trans, useTranslation } from 'react-i18next';
 
-import AuthIcons from '@/components/NextAuth/AuthIcons';
+import AuthIcons from '@/components/AuthIcons';
 import { PRIVACY_URL, TERMS_URL } from '@/const/url';
 
 import AuthCard from '../../../../features/AuthCard';

package/src/app/[variants]/(auth)/signup/[[...signup]]/page.tsx

@@ -1,5 +1,3 @@
-import { enableBetterAuth } from '@/envs/auth';
-import { notFound } from '@/libs/next/navigation';
 import { metadataModule } from '@/server/metadata';
 import { translation } from '@/server/translation';
 import { type DynamicLayoutProps } from '@/types/next';
@@ -9,28 +7,17 @@ import BetterAuthSignUpForm from './BetterAuthSignUpForm';
 
 export const generateMetadata = async (props: DynamicLayoutProps) => {
   const locale = await RouteVariants.getLocale(props);
-
-  if (enableBetterAuth) {
-    const { t } = await translation('auth', locale);
-    return metadataModule.generate({
-      description: t('betterAuth.signup.subtitle'),
-      title: t('betterAuth.signup.title'),
-      url: '/signup',
-    });
-  }
+  const { t } = await translation('auth', locale);
 
   return metadataModule.generate({
-    title: 'Sign Up',
+    description: t('betterAuth.signup.subtitle'),
+    title: t('betterAuth.signup.title'),
     url: '/signup',
   });
 };
 
 const Page = () => {
-  if (enableBetterAuth) {
-    return <BetterAuthSignUpForm />;
-  }
-
-  return notFound();
+  return <BetterAuthSignUpForm />;
 };
 
 export default Page;

package/src/app/[variants]/(main)/agent/cron/[cronId]/features/CronJobContentEditor.tsx

@@ -11,7 +11,7 @@ import { Editor, useEditor } from '@lobehub/editor/react';
 import { Flexbox, Icon, Text } from '@lobehub/ui';
 import { Card } from 'antd';
 import { Clock } from 'lucide-react';
-import { memo, useCallback, useEffect, useRef } from 'react';
+import { type RefObject, memo, useCallback, useEffect, useRef } from 'react';
 import { useTranslation } from 'react-i18next';
 
 interface CronJobContentEditorProps {
@@ -20,8 +20,12 @@ interface CronJobContentEditorProps {
   onChange: (value: string) => void;
 }
 
-const CronJobContentEditor = memo<CronJobContentEditorProps>(
-  ({ enableRichRender, initialValue, onChange }) => {
+interface CronJobContentEditorInnerProps extends CronJobContentEditorProps {
+  contentRef: RefObject<string>;
+}
+
+const CronJobContentEditorInner = memo<CronJobContentEditorInnerProps>(
+  ({ enableRichRender, initialValue, onChange, contentRef }) => {
     const { t } = useTranslation('setting');
     const editor = useEditor();
     const currentValueRef = useRef(initialValue);
@@ -31,23 +35,6 @@ const CronJobContentEditor = memo<CronJobContentEditorProps>(
       currentValueRef.current = initialValue;
     }, [initialValue]);
 
-    // Initialize editor content when editor is ready
-    useEffect(() => {
-      if (!editor) return;
-      try {
-        setTimeout(() => {
-          if (initialValue) {
-            editor.setDocument(enableRichRender ? 'markdown' : 'text', initialValue);
-          }
-        }, 100);
-      } catch (error) {
-        console.error('[CronJobContentEditor] Failed to initialize editor content:', error);
-        setTimeout(() => {
-          editor.setDocument(enableRichRender ? 'markdown' : 'text', initialValue);
-        }, 100);
-      }
-    }, [editor, enableRichRender, initialValue]);
-
     // Handle content changes
     const handleContentChange = useCallback(
       (e: any) => {
@@ -57,13 +44,18 @@ const CronJobContentEditor = memo<CronJobContentEditorProps>(
 
         const finalContent = nextContent || '';
 
+        // Save to parent ref for restoration
+        if (contentRef) {
+          (contentRef as { current: string }).current = finalContent;
+        }
+
         // Only call onChange if content actually changed
         if (finalContent !== currentValueRef.current) {
           currentValueRef.current = finalContent;
           onChange(finalContent);
         }
       },
-      [enableRichRender, onChange],
+      [enableRichRender, onChange, contentRef],
     );
 
     return (
@@ -82,6 +74,14 @@ const CronJobContentEditor = memo<CronJobContentEditorProps>(
               content={''}
               editor={editor}
               lineEmptyPlaceholder={t('agentCronJobs.form.content.placeholder')}
+              onInit={(editor) => {
+                // Restore content from parent ref when editor re-initializes
+                if (contentRef?.current) {
+                  editor.setDocument(enableRichRender ? 'markdown' : 'text', contentRef.current);
+                } else if (initialValue) {
+                  editor.setDocument(enableRichRender ? 'markdown' : 'text', initialValue);
+                }
+              }}
               onTextChange={handleContentChange}
               placeholder={t('agentCronJobs.form.content.placeholder')}
               plugins={
@@ -108,4 +108,17 @@ const CronJobContentEditor = memo<CronJobContentEditorProps>(
   },
 );
 
+const CronJobContentEditor = (props: CronJobContentEditorProps) => {
+  // Ref to persist content across re-mounts when enableRichRender changes
+  const contentRef = useRef<string>(props.initialValue);
+
+  return (
+    <CronJobContentEditorInner
+      contentRef={contentRef}
+      key={`editor-${props.enableRichRender}`}
+      {...props}
+    />
+  );
+};
+
 export default CronJobContentEditor;

package/src/app/[variants]/(main)/settings/profile/features/SSOProvidersList/index.tsx

@@ -5,8 +5,7 @@ import { type CSSProperties, memo, useMemo } from 'react';
 import { useTranslation } from 'react-i18next';
 
 import { modal, notification } from '@/components/AntdStaticMethods';
-import AuthIcons from '@/components/NextAuth/AuthIcons';
-import { userService } from '@/services/user';
+import AuthIcons from '@/components/AuthIcons';
 import { useServerConfigStore } from '@/store/serverConfig';
 import { serverConfigSelectors } from '@/store/serverConfig/selectors';
 import { useUserStore } from '@/store/user';
@@ -17,7 +16,7 @@ const providerNameStyle: CSSProperties = {
 };
 
 export const SSOProvidersList = memo(() => {
-  const isLoginWithBetterAuth = useUserStore(authSelectors.isLoginWithBetterAuth);
+  const isLogin = useUserStore(authSelectors.isLogin);
   const providers = useUserStore(authSelectors.authProviders);
   const hasPasswordAccount = useUserStore(authSelectors.hasPasswordAccount);
   const refreshAuthProviders = useUserStore((s) => s.refreshAuthProviders);
@@ -26,7 +25,7 @@ export const SSOProvidersList = memo(() => {
 
   // Allow unlink if user has multiple SSO providers OR has email/password login
   const allowUnlink = providers.length > 1 || hasPasswordAccount;
-  const enableBetterAuthActions = !isDesktop && isLoginWithBetterAuth;
+  const enableAuthActions = !isDesktop && isLogin;
 
   // Get linked provider IDs for filtering
   const linkedProviderIds = useMemo(() => {
@@ -38,9 +37,9 @@ export const SSOProvidersList = memo(() => {
     return (oAuthSSOProviders || []).filter((provider) => !linkedProviderIds.has(provider));
   }, [oAuthSSOProviders, linkedProviderIds]);
 
-  const handleUnlinkSSO = async (provider: string, providerAccountId: string) => {
+  const handleUnlinkSSO = async (provider: string) => {
     // Better-auth link/unlink operations are not available on desktop
-    if (isDesktop && isLoginWithBetterAuth) return;
+    if (isDesktop) return;
 
     // Prevent unlink if this is the only login method
     if (!allowUnlink) {
@@ -55,14 +54,8 @@ export const SSOProvidersList = memo(() => {
         danger: true,
       },
       onOk: async () => {
-        if (isLoginWithBetterAuth) {
-          // Use better-auth native API
-          const { unlinkAccount } = await import('@/libs/better-auth/auth-client');
-          await unlinkAccount({ providerId: provider });
-        } else {
-          // Fallback for NextAuth
-          await userService.unlinkSSOProvider(provider, providerAccountId);
-        }
+        const { unlinkAccount } = await import('@/libs/better-auth/auth-client');
+        await unlinkAccount({ providerId: provider });
         refreshAuthProviders();
       },
       title: <span style={providerNameStyle}>{t('profile.sso.unlink.title', { provider })}</span>,
@@ -70,7 +63,7 @@ export const SSOProvidersList = memo(() => {
   };
 
   const handleLinkSSO = async (provider: string) => {
-    if (enableBetterAuthActions) {
+    if (enableAuthActions) {
       // Use better-auth native linkSocial API
       const { linkSocial } = await import('@/libs/better-auth/auth-client');
       await linkSocial({
@@ -107,19 +100,19 @@ export const SSOProvidersList = memo(() => {
               </Text>
             )}
           </Flexbox>
-          {!(isDesktop && isLoginWithBetterAuth) && (
+          {!isDesktop && (
             <ActionIcon
               disabled={!allowUnlink}
               icon={Unlink}
-              onClick={() => handleUnlinkSSO(item.provider, item.providerAccountId)}
+              onClick={() => handleUnlinkSSO(item.provider)}
               size={'small'}
             />
           )}
         </Flexbox>
       ))}
 
-      {/* Link Account Button - Only show for Better-Auth users with available providers */}
-      {enableBetterAuthActions && availableProviders.length > 0 && (
+      {/* Link Account Button - Only show for logged in users with available providers */}
+      {enableAuthActions && availableProviders.length > 0 && (
         <DropdownMenu items={linkMenuItems} popupProps={{ style: { maxWidth: '200px' } }}>
           <Flexbox align={'center'} gap={6} horizontal style={{ cursor: 'pointer', fontSize: 12 }}>
             <Plus size={14} />