feat: surface per-user credentials to feed source providers (#110)

Add credentials parameter to FeedSourceProvider.feedSourceForUser so providers can receive decrypted per-user credentials (OAuth tokens, passwords) from the user_sources table. Wire CredentialEncryptor into UserSessionManager to handle encrypt/decrypt. Providers receive plaintext and handle validation internally. Existing providers ignore the new parameter. Co-authored-by: Ona <no-reply@ona.com>
2026-04-21 01:01:18 +01:00 · 2026-04-11 15:18:24 +01:00
parent bfc25fa704
commit 98ce546eff
11 changed files with 452 additions and 20 deletions
--- a/apps/aelis-backend/src/session/feed-source-provider.ts
+++ b/apps/aelis-backend/src/session/feed-source-provider.ts
@@ -8,5 +8,5 @@ export interface FeedSourceProvider {
 	readonly sourceId: string
 	/** Arktype schema for validating user-provided config. Omit if the source has no config. */
 	readonly configSchema?: ConfigSchema
-	feedSourceForUser(userId: string, config: unknown): Promise<FeedSource>
+	feedSourceForUser(userId: string, config: unknown, credentials: unknown): Promise<FeedSource>
 }