feat: surface per-user credentials to feed source providers (#110)

Add credentials parameter to FeedSourceProvider.feedSourceForUser so providers can receive decrypted per-user credentials (OAuth tokens, passwords) from the user_sources table. Wire CredentialEncryptor into UserSessionManager to handle encrypt/decrypt. Providers receive plaintext and handle validation internally. Existing providers ignore the new parameter. Co-authored-by: Ona <no-reply@ona.com>
2026-04-22 17:51:18 +01:00 · 2026-04-11 15:18:24 +01:00
parent bfc25fa704
commit 98ce546eff
11 changed files with 452 additions and 20 deletions
--- a/apps/aelis-backend/src/tfl/provider.ts
+++ b/apps/aelis-backend/src/tfl/provider.ts
@@ -23,7 +23,11 @@ export class TflSourceProvider implements FeedSourceProvider {
 		this.client = "client" in options ? options.client : undefined
 	}

-	async feedSourceForUser(_userId: string, config: unknown): Promise<TflSource> {
+	async feedSourceForUser(
+		_userId: string,
+		config: unknown,
+		_credentials: unknown,
+	): Promise<TflSource> {
 		const parsed = tflConfig(config)
 		if (parsed instanceof type.errors) {
 			throw new Error(`Invalid TFL config: ${parsed.summary}`)