kennethnym/aris
1
0
Fork 0
mirror of https://github.com/kennethnym/aris.git synced 2026-06-13 11:01:18 +01:00
Code Issues Packages Projects Releases Wiki Activity

chore: rename aelis to freya

Browse Source
This commit is contained in:
Kenneth
2026-06-12 17:32:20 +01:00
parent 7e77870c13
commit de91dfc2a2
247 changed files with 585 additions and 585 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
apps/freya-backend/.env.example Normal file
View File

@@ -0,0 +1,22 @@
# PostgreSQL connection string
DATABASE_URL=postgresql://user:password@localhost:5432/aris
# BetterAuth secret (min 32 chars, generate with: openssl rand -base64 32)
BETTER_AUTH_SECRET=
# Encryption key for source credentials at rest (32 bytes, generate with: openssl rand -base64 32)
CREDENTIAL_ENCRYPTION_KEY=
# Base URL of the backend
BETTER_AUTH_URL=http://localhost:3000
# OpenRouter (LLM feed enhancement)
OPENROUTER_API_KEY=
# Optional: override the default model (default: openai/gpt-4.1-mini)
# OPENROUTER_MODEL=openai/gpt-4.1-mini
# Apple WeatherKit credentials
WEATHERKIT_PRIVATE_KEY=
WEATHERKIT_KEY_ID=
WEATHERKIT_TEAM_ID=
WEATHERKIT_SERVICE_ID=

20
apps/freya-backend/auth.ts Normal file
View File

@@ -0,0 +1,20 @@
// Used by Better Auth CLI for schema generation.
// Run: bunx --bun auth@latest generate --config auth.ts --output src/db/auth-schema.ts
import { betterAuth } from "better-auth"
import { drizzleAdapter } from "better-auth/adapters/drizzle"
import { admin } from "better-auth/plugins"
import { SQL } from "bun"
import { drizzle } from "drizzle-orm/bun-sql"
const client = new SQL({ url: process.env.DATABASE_URL })
const db = drizzle({ client })
export const auth = betterAuth({
database: drizzleAdapter(db, { provider: "pg" }),
emailAndPassword: {
enabled: true,
},
plugins: [admin()],
})
export default auth

10
apps/freya-backend/drizzle.config.ts Normal file
View File

@@ -0,0 +1,10 @@
import { defineConfig } from "drizzle-kit"
export default defineConfig({
out: "./drizzle",
schema: "./src/db/schema.ts",
dialect: "postgresql",
dbCredentials: {
url: process.env.DATABASE_URL!,
},
})

66
apps/freya-backend/drizzle/0000_wakeful_scorpion.sql Normal file
View File

@@ -0,0 +1,66 @@
CREATE TABLE "account" (
"id" text PRIMARY KEY NOT NULL,
"account_id" text NOT NULL,
"provider_id" text NOT NULL,
"user_id" text NOT NULL,
"access_token" text,
"refresh_token" text,
"id_token" text,
"access_token_expires_at" timestamp,
"refresh_token_expires_at" timestamp,
"scope" text,
"password" text,
"created_at" timestamp NOT NULL,
"updated_at" timestamp NOT NULL
);
--> statement-breakpoint
CREATE TABLE "session" (
"id" text PRIMARY KEY NOT NULL,
"expires_at" timestamp NOT NULL,
"token" text NOT NULL,
"created_at" timestamp NOT NULL,
"updated_at" timestamp NOT NULL,
"ip_address" text,
"user_agent" text,
"user_id" text NOT NULL,
CONSTRAINT "session_token_unique" UNIQUE("token")
);
--> statement-breakpoint
CREATE TABLE "user" (
"id" text PRIMARY KEY NOT NULL,
"name" text NOT NULL,
"email" text NOT NULL,
"email_verified" boolean DEFAULT false NOT NULL,
"image" text,
"created_at" timestamp NOT NULL,
"updated_at" timestamp NOT NULL,
CONSTRAINT "user_email_unique" UNIQUE("email")
);
--> statement-breakpoint
CREATE TABLE "user_sources" (
"id" uuid PRIMARY KEY DEFAULT gen_random_uuid() NOT NULL,
"user_id" text NOT NULL,
"source_id" text NOT NULL,
"enabled" boolean DEFAULT true NOT NULL,
"config" jsonb DEFAULT '{}'::jsonb,
"credentials" "bytea",
"created_at" timestamp DEFAULT now() NOT NULL,
"updated_at" timestamp DEFAULT now() NOT NULL,
CONSTRAINT "user_sources_user_id_source_id_unique" UNIQUE("user_id","source_id")
);
--> statement-breakpoint
CREATE TABLE "verification" (
"id" text PRIMARY KEY NOT NULL,
"identifier" text NOT NULL,
"value" text NOT NULL,
"expires_at" timestamp NOT NULL,
"created_at" timestamp NOT NULL,
"updated_at" timestamp NOT NULL
);
--> statement-breakpoint
ALTER TABLE "account" ADD CONSTRAINT "account_user_id_user_id_fk" FOREIGN KEY ("user_id") REFERENCES "public"."user"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
ALTER TABLE "session" ADD CONSTRAINT "session_user_id_user_id_fk" FOREIGN KEY ("user_id") REFERENCES "public"."user"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
ALTER TABLE "user_sources" ADD CONSTRAINT "user_sources_user_id_user_id_fk" FOREIGN KEY ("user_id") REFERENCES "public"."user"("id") ON DELETE cascade ON UPDATE no action;--> statement-breakpoint
CREATE INDEX "account_userId_idx" ON "account" USING btree ("user_id");--> statement-breakpoint
CREATE INDEX "session_userId_idx" ON "session" USING btree ("user_id");--> statement-breakpoint
CREATE INDEX "verification_identifier_idx" ON "verification" USING btree ("identifier");

1
apps/freya-backend/drizzle/0001_misty_white_tiger.sql Normal file
View File

@@ -0,0 +1 @@
CREATE INDEX "user_sources_user_id_enabled_idx" ON "user_sources" USING btree ("user_id","enabled");

457
apps/freya-backend/drizzle/meta/0000_snapshot.json Normal file
View File

@@ -0,0 +1,457 @@
{
"id": "d8c59ec7-b686-41a7-a472-da29f3ab6727",
"prevId": "00000000-0000-0000-0000-000000000000",
"version": "7",
"dialect": "postgresql",
"tables": {
"public.account": {
"name": "account",
"schema": "",
"columns": {
"id": {
"name": "id",
"type": "text",
"primaryKey": true,
"notNull": true
},
"account_id": {
"name": "account_id",
"type": "text",
"primaryKey": false,
"notNull": true
},
"provider_id": {
"name": "provider_id",
"type": "text",
"primaryKey": false,
"notNull": true
},
"user_id": {
"name": "user_id",
"type": "text",
"primaryKey": false,
"notNull": true
},
"access_token": {
"name": "access_token",
"type": "text",
"primaryKey": false,
"notNull": false
},
"refresh_token": {
"name": "refresh_token",
"type": "text",
"primaryKey": false,
"notNull": false
},
"id_token": {
"name": "id_token",
"type": "text",
"primaryKey": false,
"notNull": false
},
"access_token_expires_at": {
"name": "access_token_expires_at",
"type": "timestamp",
"primaryKey": false,
"notNull": false
},
"refresh_token_expires_at": {
"name": "refresh_token_expires_at",
"type": "timestamp",
"primaryKey": false,
"notNull": false
},
"scope": {
"name": "scope",
"type": "text",
"primaryKey": false,
"notNull": false
},
"password": {
"name": "password",
"type": "text",
"primaryKey": false,
"notNull": false
},
"created_at": {
"name": "created_at",
"type": "timestamp",
"primaryKey": false,
"notNull": true
},
"updated_at": {
"name": "updated_at",
"type": "timestamp",
"primaryKey": false,
"notNull": true
}
},
"indexes": {
"account_userId_idx": {
"name": "account_userId_idx",
"columns": [
{
"expression": "user_id",
"isExpression": false,
"asc": true,
"nulls": "last"
}
],
"isUnique": false,
"concurrently": false,
"method": "btree",
"with": {}
}
},
"foreignKeys": {
"account_user_id_user_id_fk": {
"name": "account_user_id_user_id_fk",
"tableFrom": "account",
"tableTo": "user",
"columnsFrom": [
"user_id"
],
"columnsTo": [
"id"
],
"onDelete": "cascade",
"onUpdate": "no action"
}
},
"compositePrimaryKeys": {},
"uniqueConstraints": {},
"policies": {},
"checkConstraints": {},
"isRLSEnabled": false
},
"public.session": {
"name": "session",
"schema": "",
"columns": {
"id": {
"name": "id",
"type": "text",
"primaryKey": true,
"notNull": true
},
"expires_at": {
"name": "expires_at",
"type": "timestamp",
"primaryKey": false,
"notNull": true
},
"token": {
"name": "token",
"type": "text",
"primaryKey": false,
"notNull": true
},
"created_at": {
"name": "created_at",
"type": "timestamp",
"primaryKey": false,
"notNull": true
},
"updated_at": {
"name": "updated_at",
"type": "timestamp",
"primaryKey": false,
"notNull": true
},
"ip_address": {
"name": "ip_address",
"type": "text",
"primaryKey": false,
"notNull": false
},
"user_agent": {
"name": "user_agent",
"type": "text",
"primaryKey": false,
"notNull": false
},
"user_id": {
"name": "user_id",
"type": "text",
"primaryKey": false,
"notNull": true
}
},
"indexes": {
"session_userId_idx": {
"name": "session_userId_idx",
"columns": [
{
"expression": "user_id",
"isExpression": false,
"asc": true,
"nulls": "last"
}
],
"isUnique": false,
"concurrently": false,
"method": "btree",
"with": {}
}
},
"foreignKeys": {
"session_user_id_user_id_fk": {
"name": "session_user_id_user_id_fk",
"tableFrom": "session",
"tableTo": "user",
"columnsFrom": [
"user_id"
],
"columnsTo": [
"id"
],
"onDelete": "cascade",
"onUpdate": "no action"
}
},
"compositePrimaryKeys": {},
"uniqueConstraints": {
"session_token_unique": {
"name": "session_token_unique",
"nullsNotDistinct": false,
"columns": [
"token"
]
}
},
"policies": {},
"checkConstraints": {},
"isRLSEnabled": false
},
"public.user": {
"name": "user",
"schema": "",
"columns": {
"id": {
"name": "id",
"type": "text",
"primaryKey": true,
"notNull": true
},
"name": {
"name": "name",
"type": "text",
"primaryKey": false,
"notNull": true
},
"email": {
"name": "email",
"type": "text",
"primaryKey": false,
"notNull": true
},
"email_verified": {
"name": "email_verified",
"type": "boolean",
"primaryKey": false,
"notNull": true,
"default": false
},
"image": {
"name": "image",
"type": "text",
"primaryKey": false,
"notNull": false
},
"created_at": {
"name": "created_at",
"type": "timestamp",
"primaryKey": false,
"notNull": true
},
"updated_at": {
"name": "updated_at",
"type": "timestamp",
"primaryKey": false,
"notNull": true
}
},
"indexes": {},
"foreignKeys": {},
"compositePrimaryKeys": {},
"uniqueConstraints": {
"user_email_unique": {
"name": "user_email_unique",
"nullsNotDistinct": false,
"columns": [
"email"
]
}
},
"policies": {},
"checkConstraints": {},
"isRLSEnabled": false
},
"public.user_sources": {
"name": "user_sources",
"schema": "",
"columns": {
"id": {
"name": "id",
"type": "uuid",
"primaryKey": true,
"notNull": true,
"default": "gen_random_uuid()"
},
"user_id": {
"name": "user_id",
"type": "text",
"primaryKey": false,
"notNull": true
},
"source_id": {
"name": "source_id",
"type": "text",
"primaryKey": false,
"notNull": true
},
"enabled": {
"name": "enabled",
"type": "boolean",
"primaryKey": false,
"notNull": true,
"default": true
},
"config": {
"name": "config",
"type": "jsonb",
"primaryKey": false,
"notNull": false,
"default": "'{}'::jsonb"
},
"credentials": {
"name": "credentials",
"type": "bytea",
"primaryKey": false,
"notNull": false
},
"created_at": {
"name": "created_at",
"type": "timestamp",
"primaryKey": false,
"notNull": true,
"default": "now()"
},
"updated_at": {
"name": "updated_at",
"type": "timestamp",
"primaryKey": false,
"notNull": true,
"default": "now()"
}
},
"indexes": {},
"foreignKeys": {
"user_sources_user_id_user_id_fk": {
"name": "user_sources_user_id_user_id_fk",
"tableFrom": "user_sources",
"tableTo": "user",
"columnsFrom": [
"user_id"
],
"columnsTo": [
"id"
],
"onDelete": "cascade",
"onUpdate": "no action"
}
},
"compositePrimaryKeys": {},
"uniqueConstraints": {
"user_sources_user_id_source_id_unique": {
"name": "user_sources_user_id_source_id_unique",
"nullsNotDistinct": false,
"columns": [
"user_id",
"source_id"
]
}
},
"policies": {},
"checkConstraints": {},
"isRLSEnabled": false
},
"public.verification": {
"name": "verification",
"schema": "",
"columns": {
"id": {
"name": "id",
"type": "text",
"primaryKey": true,
"notNull": true
},
"identifier": {
"name": "identifier",
"type": "text",
"primaryKey": false,
"notNull": true
},
"value": {
"name": "value",
"type": "text",
"primaryKey": false,
"notNull": true
},
"expires_at": {
"name": "expires_at",
"type": "timestamp",
"primaryKey": false,
"notNull": true
},
"created_at": {
"name": "created_at",
"type": "timestamp",
"primaryKey": false,
"notNull": true
},
"updated_at": {
"name": "updated_at",
"type": "timestamp",
"primaryKey": false,
"notNull": true
}
},
"indexes": {
"verification_identifier_idx": {
"name": "verification_identifier_idx",
"columns": [
{
"expression": "identifier",
"isExpression": false,
"asc": true,
"nulls": "last"
}
],
"isUnique": false,
"concurrently": false,
"method": "btree",
"with": {}
}
},
"foreignKeys": {},
"compositePrimaryKeys": {},
"uniqueConstraints": {},
"policies": {},
"checkConstraints": {},
"isRLSEnabled": false
}
},
"enums": {},
"schemas": {},
"sequences": {},
"roles": {},
"policies": {},
"views": {},
"_meta": {
"columns": {},
"schemas": {},
"tables": {}
}
}

479
apps/freya-backend/drizzle/meta/0001_snapshot.json Normal file
View File

@@ -0,0 +1,479 @@
{
"id": "d963322c-77e2-4ac9-bd3c-ca544c85ae35",
"prevId": "d8c59ec7-b686-41a7-a472-da29f3ab6727",
"version": "7",
"dialect": "postgresql",
"tables": {
"public.account": {
"name": "account",
"schema": "",
"columns": {
"id": {
"name": "id",
"type": "text",
"primaryKey": true,
"notNull": true
},
"account_id": {
"name": "account_id",
"type": "text",
"primaryKey": false,
"notNull": true
},
"provider_id": {
"name": "provider_id",
"type": "text",
"primaryKey": false,
"notNull": true
},
"user_id": {
"name": "user_id",
"type": "text",
"primaryKey": false,
"notNull": true
},
"access_token": {
"name": "access_token",
"type": "text",
"primaryKey": false,
"notNull": false
},
"refresh_token": {
"name": "refresh_token",
"type": "text",
"primaryKey": false,
"notNull": false
},
"id_token": {
"name": "id_token",
"type": "text",
"primaryKey": false,
"notNull": false
},
"access_token_expires_at": {
"name": "access_token_expires_at",
"type": "timestamp",
"primaryKey": false,
"notNull": false
},
"refresh_token_expires_at": {
"name": "refresh_token_expires_at",
"type": "timestamp",
"primaryKey": false,
"notNull": false
},
"scope": {
"name": "scope",
"type": "text",
"primaryKey": false,
"notNull": false
},
"password": {
"name": "password",
"type": "text",
"primaryKey": false,
"notNull": false
},
"created_at": {
"name": "created_at",
"type": "timestamp",
"primaryKey": false,
"notNull": true
},
"updated_at": {
"name": "updated_at",
"type": "timestamp",
"primaryKey": false,
"notNull": true
}
},
"indexes": {
"account_userId_idx": {
"name": "account_userId_idx",
"columns": [
{
"expression": "user_id",
"isExpression": false,
"asc": true,
"nulls": "last"
}
],
"isUnique": false,
"concurrently": false,
"method": "btree",
"with": {}
}
},
"foreignKeys": {
"account_user_id_user_id_fk": {
"name": "account_user_id_user_id_fk",
"tableFrom": "account",
"tableTo": "user",
"columnsFrom": [
"user_id"
],
"columnsTo": [
"id"
],
"onDelete": "cascade",
"onUpdate": "no action"
}
},
"compositePrimaryKeys": {},
"uniqueConstraints": {},
"policies": {},
"checkConstraints": {},
"isRLSEnabled": false
},
"public.session": {
"name": "session",
"schema": "",
"columns": {
"id": {
"name": "id",
"type": "text",
"primaryKey": true,
"notNull": true
},
"expires_at": {
"name": "expires_at",
"type": "timestamp",
"primaryKey": false,
"notNull": true
},
"token": {
"name": "token",
"type": "text",
"primaryKey": false,
"notNull": true
},
"created_at": {
"name": "created_at",
"type": "timestamp",
"primaryKey": false,
"notNull": true
},
"updated_at": {
"name": "updated_at",
"type": "timestamp",
"primaryKey": false,
"notNull": true
},
"ip_address": {
"name": "ip_address",
"type": "text",
"primaryKey": false,
"notNull": false
},
"user_agent": {
"name": "user_agent",
"type": "text",
"primaryKey": false,
"notNull": false
},
"user_id": {
"name": "user_id",
"type": "text",
"primaryKey": false,
"notNull": true
}
},
"indexes": {
"session_userId_idx": {
"name": "session_userId_idx",
"columns": [
{
"expression": "user_id",
"isExpression": false,
"asc": true,
"nulls": "last"
}
],
"isUnique": false,
"concurrently": false,
"method": "btree",
"with": {}
}
},
"foreignKeys": {
"session_user_id_user_id_fk": {
"name": "session_user_id_user_id_fk",
"tableFrom": "session",
"tableTo": "user",
"columnsFrom": [
"user_id"
],
"columnsTo": [
"id"
],
"onDelete": "cascade",
"onUpdate": "no action"
}
},
"compositePrimaryKeys": {},
"uniqueConstraints": {
"session_token_unique": {
"name": "session_token_unique",
"nullsNotDistinct": false,
"columns": [
"token"
]
}
},
"policies": {},
"checkConstraints": {},
"isRLSEnabled": false
},
"public.user": {
"name": "user",
"schema": "",
"columns": {
"id": {
"name": "id",
"type": "text",
"primaryKey": true,
"notNull": true
},
"name": {
"name": "name",
"type": "text",
"primaryKey": false,
"notNull": true
},
"email": {
"name": "email",
"type": "text",
"primaryKey": false,
"notNull": true
},
"email_verified": {
"name": "email_verified",
"type": "boolean",
"primaryKey": false,
"notNull": true,
"default": false
},
"image": {
"name": "image",
"type": "text",
"primaryKey": false,
"notNull": false
},
"created_at": {
"name": "created_at",
"type": "timestamp",
"primaryKey": false,
"notNull": true
},
"updated_at": {
"name": "updated_at",
"type": "timestamp",
"primaryKey": false,
"notNull": true
}
},
"indexes": {},
"foreignKeys": {},
"compositePrimaryKeys": {},
"uniqueConstraints": {
"user_email_unique": {
"name": "user_email_unique",
"nullsNotDistinct": false,
"columns": [
"email"
]
}
},
"policies": {},
"checkConstraints": {},
"isRLSEnabled": false
},
"public.user_sources": {
"name": "user_sources",
"schema": "",
"columns": {
"id": {
"name": "id",
"type": "uuid",
"primaryKey": true,
"notNull": true,
"default": "gen_random_uuid()"
},
"user_id": {
"name": "user_id",
"type": "text",
"primaryKey": false,
"notNull": true
},
"source_id": {
"name": "source_id",
"type": "text",
"primaryKey": false,
"notNull": true
},
"enabled": {
"name": "enabled",
"type": "boolean",
"primaryKey": false,
"notNull": true,
"default": true
},
"config": {
"name": "config",
"type": "jsonb",
"primaryKey": false,
"notNull": false,
"default": "'{}'::jsonb"
},
"credentials": {
"name": "credentials",
"type": "bytea",
"primaryKey": false,
"notNull": false
},
"created_at": {
"name": "created_at",
"type": "timestamp",
"primaryKey": false,
"notNull": true,
"default": "now()"
},
"updated_at": {
"name": "updated_at",
"type": "timestamp",
"primaryKey": false,
"notNull": true,
"default": "now()"
}
},
"indexes": {
"user_sources_user_id_enabled_idx": {
"name": "user_sources_user_id_enabled_idx",
"columns": [
{
"expression": "user_id",
"isExpression": false,
"asc": true,
"nulls": "last"
},
{
"expression": "enabled",
"isExpression": false,
"asc": true,
"nulls": "last"
}
],
"isUnique": false,
"concurrently": false,
"method": "btree",
"with": {}
}
},
"foreignKeys": {
"user_sources_user_id_user_id_fk": {
"name": "user_sources_user_id_user_id_fk",
"tableFrom": "user_sources",
"tableTo": "user",
"columnsFrom": [
"user_id"
],
"columnsTo": [
"id"
],
"onDelete": "cascade",
"onUpdate": "no action"
}
},
"compositePrimaryKeys": {},
"uniqueConstraints": {
"user_sources_user_id_source_id_unique": {
"name": "user_sources_user_id_source_id_unique",
"nullsNotDistinct": false,
"columns": [
"user_id",
"source_id"
]
}
},
"policies": {},
"checkConstraints": {},
"isRLSEnabled": false
},
"public.verification": {
"name": "verification",
"schema": "",
"columns": {
"id": {
"name": "id",
"type": "text",
"primaryKey": true,
"notNull": true
},
"identifier": {
"name": "identifier",
"type": "text",
"primaryKey": false,
"notNull": true
},
"value": {
"name": "value",
"type": "text",
"primaryKey": false,
"notNull": true
},
"expires_at": {
"name": "expires_at",
"type": "timestamp",
"primaryKey": false,
"notNull": true
},
"created_at": {
"name": "created_at",
"type": "timestamp",
"primaryKey": false,
"notNull": true
},
"updated_at": {
"name": "updated_at",
"type": "timestamp",
"primaryKey": false,
"notNull": true
}
},
"indexes": {
"verification_identifier_idx": {
"name": "verification_identifier_idx",
"columns": [
{
"expression": "identifier",
"isExpression": false,
"asc": true,
"nulls": "last"
}
],
"isUnique": false,
"concurrently": false,
"method": "btree",
"with": {}
}
},
"foreignKeys": {},
"compositePrimaryKeys": {},
"uniqueConstraints": {},
"policies": {},
"checkConstraints": {},
"isRLSEnabled": false
}
},
"enums": {},
"schemas": {},
"sequences": {},
"roles": {},
"policies": {},
"views": {},
"_meta": {
"columns": {},
"schemas": {},
"tables": {}
}
}

20
apps/freya-backend/drizzle/meta/_journal.json Normal file
View File

@@ -0,0 +1,20 @@
{
"version": "7",
"dialect": "postgresql",
"entries": [
{
"idx": 0,
"version": "7",
"when": 1773620066366,
"tag": "0000_wakeful_scorpion",
"breakpoints": true
},
{
"idx": 1,
"version": "7",
"when": 1773624297794,
"tag": "0001_misty_white_tiger",
"breakpoints": true
}
]
}

35
apps/freya-backend/package.json Normal file
View File

@@ -0,0 +1,35 @@
{
"name": "@freya/backend",
"version": "0.0.0",
"type": "module",
"main": "src/server.ts",
"scripts": {
"dev": "bun run --watch --inspect=0.0.0.0:6499 src/server.ts",
"start": "bun run src/server.ts",
"test": "bun test src/",
"db:generate": "bunx drizzle-kit generate",
"db:generate-auth": "bunx --bun auth@latest generate --config auth.ts --output src/db/auth-schema.ts -y",
"db:push": "bunx drizzle-kit push",
"db:migrate": "bunx drizzle-kit migrate",
"db:studio": "bunx drizzle-kit studio",
"create-admin": "bun run src/scripts/create-admin.ts"
},
"dependencies": {
"@freya/core": "workspace:*",
"@freya/source-caldav": "workspace:*",
"@freya/source-google-calendar": "workspace:*",
"@freya/source-location": "workspace:*",
"@freya/source-tfl": "workspace:*",
"@freya/source-weatherkit": "workspace:*",
"@openrouter/sdk": "^0.9.11",
"arktype": "^2.1.29",
"better-auth": "^1",
"drizzle-orm": "^0.45.1",
"hono": "^4",
"lodash.merge": "^4.6.2"
},
"devDependencies": {
"@types/lodash.merge": "^4.6.9",
"drizzle-kit": "^0.31.9"
}
}

195
apps/freya-backend/src/admin/http.test.ts Normal file
View File

@@ -0,0 +1,195 @@
import type { ActionDefinition, ContextEntry, FeedItem, FeedSource } from "@freya/core"
import { describe, expect, mock, test } from "bun:test"
import { Hono } from "hono"
import type { AdminMiddleware } from "../auth/admin-middleware.ts"
import type { AuthSession, AuthUser } from "../auth/session.ts"
import type { Database } from "../db/index.ts"
import type { FeedSourceProvider } from "../session/feed-source-provider.ts"
import { UserSessionManager } from "../session/user-session-manager.ts"
import { registerAdminHttpHandlers } from "./http.ts"
let mockEnabledSourceIds: string[] = []
mock.module("../sources/user-sources.ts", () => ({
sources: (_db: Database, _userId: string) => ({
async enabled() {
const now = new Date()
return mockEnabledSourceIds.map((sourceId) => ({
id: crypto.randomUUID(),
userId: _userId,
sourceId,
enabled: true,
config: {},
credentials: null,
createdAt: now,
updatedAt: now,
}))
},
async find(sourceId: string) {
const now = new Date()
return {
id: crypto.randomUUID(),
userId: _userId,
sourceId,
enabled: true,
config: {},
credentials: null,
createdAt: now,
updatedAt: now,
}
},
}),
}))
function createStubSource(id: string): FeedSource {
return {
id,
async listActions(): Promise<Record<string, ActionDefinition>> {
return {}
},
async executeAction(): Promise<unknown> {
return undefined
},
async fetchContext(): Promise<readonly ContextEntry[] | null> {
return null
},
async fetchItems(): Promise<FeedItem[]> {
return []
},
}
}
function createStubProvider(sourceId: string): FeedSourceProvider {
return {
sourceId,
async feedSourceForUser() {
return createStubSource(sourceId)
},
}
}
/** Passthrough admin middleware for testing (assumes admin). */
function passthroughAdminMiddleware(): AdminMiddleware {
const now = new Date()
return async (c, next) => {
c.set("user", {
id: "admin-1",
name: "Admin",
email: "admin@test.com",
emailVerified: true,
image: null,
createdAt: now,
updatedAt: now,
role: "admin",
banned: false,
banReason: null,
banExpires: null,
} as AuthUser)
c.set("session", { id: "sess-1" } as AuthSession)
await next()
}
}
const fakeDb = {} as Database
function createApp(providers: FeedSourceProvider[]) {
mockEnabledSourceIds = providers.map((p) => p.sourceId)
const sessionManager = new UserSessionManager({ db: fakeDb, providers })
const app = new Hono()
registerAdminHttpHandlers(app, {
sessionManager,
adminMiddleware: passthroughAdminMiddleware(),
db: fakeDb,
})
return { app, sessionManager }
}
const validWeatherConfig = {
credentials: {
privateKey: "pk-123",
keyId: "key-456",
teamId: "team-789",
serviceId: "svc-abc",
},
}
describe("PUT /api/admin/:sourceId/config", () => {
test("returns 404 for unknown provider", async () => {
const { app } = createApp([createStubProvider("freya.location")])
const res = await app.request("/api/admin/freya.nonexistent/config", {
method: "PUT",
headers: { "Content-Type": "application/json" },
body: JSON.stringify({ key: "value" }),
})
expect(res.status).toBe(404)
const body = (await res.json()) as { error: string }
expect(body.error).toContain("not found")
})
test("returns 404 for provider without runtime config support", async () => {
const { app } = createApp([createStubProvider("freya.location")])
const res = await app.request("/api/admin/freya.location/config", {
method: "PUT",
headers: { "Content-Type": "application/json" },
body: JSON.stringify({ key: "value" }),
})
expect(res.status).toBe(404)
const body = (await res.json()) as { error: string }
expect(body.error).toContain("not found")
})
test("returns 400 for invalid JSON body", async () => {
const { app } = createApp([createStubProvider("freya.weather")])
const res = await app.request("/api/admin/freya.weather/config", {
method: "PUT",
headers: { "Content-Type": "application/json" },
body: "not json",
})
expect(res.status).toBe(400)
const body = (await res.json()) as { error: string }
expect(body.error).toContain("Invalid JSON")
})
test("returns 400 when weather config fails validation", async () => {
const { app } = createApp([createStubProvider("freya.weather")])
const res = await app.request("/api/admin/freya.weather/config", {
method: "PUT",
headers: { "Content-Type": "application/json" },
body: JSON.stringify({ credentials: { privateKey: 123 } }),
})
expect(res.status).toBe(400)
const body = (await res.json()) as { error: string }
expect(body.error).toBeDefined()
})
test("returns 204 and applies valid weather config", async () => {
const { app, sessionManager } = createApp([createStubProvider("freya.weather")])
const originalProvider = sessionManager.getProvider("freya.weather")
const res = await app.request("/api/admin/freya.weather/config", {
method: "PUT",
headers: { "Content-Type": "application/json" },
body: JSON.stringify(validWeatherConfig),
})
expect(res.status).toBe(204)
// Provider was replaced with a new instance
const provider = sessionManager.getProvider("freya.weather")
expect(provider).toBeDefined()
expect(provider!.sourceId).toBe("freya.weather")
expect(provider).not.toBe(originalProvider)
})
})

86
apps/freya-backend/src/admin/http.ts Normal file
View File

@@ -0,0 +1,86 @@
import type { Context, Hono } from "hono"
import { type } from "arktype"
import { createMiddleware } from "hono/factory"
import type { AdminMiddleware } from "../auth/admin-middleware.ts"
import type { Database } from "../db/index.ts"
import type { UserSessionManager } from "../session/index.ts"
import { WeatherSourceProvider } from "../weather/provider.ts"
type Env = {
Variables: {
sessionManager: UserSessionManager
db: Database
}
}
interface AdminHttpHandlersDeps {
sessionManager: UserSessionManager
adminMiddleware: AdminMiddleware
db: Database
}
export function registerAdminHttpHandlers(
app: Hono,
{ sessionManager, adminMiddleware, db }: AdminHttpHandlersDeps,
) {
const inject = createMiddleware<Env>(async (c, next) => {
c.set("sessionManager", sessionManager)
c.set("db", db)
await next()
})
app.put("/api/admin/:sourceId/config", inject, adminMiddleware, handleUpdateProviderConfig)
}
const WeatherKitSourceProviderConfig = type({
credentials: {
privateKey: "string",
keyId: "string",
teamId: "string",
serviceId: "string",
},
})
async function handleUpdateProviderConfig(c: Context<Env>) {
const sourceId = c.req.param("sourceId")
if (!sourceId) {
return c.body(null, 404)
}
const sessionManager = c.get("sessionManager")
let body: unknown
try {
body = await c.req.json()
} catch {
return c.json({ error: "Invalid JSON" }, 400)
}
switch (sourceId) {
case "freya.weather": {
const parsed = WeatherKitSourceProviderConfig(body)
if (parsed instanceof type.errors) {
return c.json({ error: parsed.summary }, 400)
}
const updated = new WeatherSourceProvider({
credentials: parsed.credentials,
})
try {
await sessionManager.replaceProvider(updated)
} catch (err) {
console.error(`[admin] replaceProvider("${sourceId}") failed:`, err)
return c.json({ error: "Failed to apply config" }, 500)
}
return c.body(null, 204)
}
default:
return c.json({ error: `Provider "${sourceId}" not found` }, 404)
}
}

95
apps/freya-backend/src/auth/admin-middleware.test.ts Normal file
View File

@@ -0,0 +1,95 @@
import { describe, expect, test } from "bun:test"
import { Hono } from "hono"
import type { Auth } from "./index.ts"
import type { AuthSession, AuthUser } from "./session.ts"
import { createRequireAdmin } from "./admin-middleware.ts"
function makeUser(role: string | null): AuthUser {
const now = new Date()
return {
id: "user-1",
name: "Test User",
email: "test@example.com",
emailVerified: true,
image: null,
createdAt: now,
updatedAt: now,
role,
banned: false,
banReason: null,
banExpires: null,
}
}
function makeSession(): AuthSession {
const now = new Date()
return {
id: "sess-1",
userId: "user-1",
token: "tok-1",
expiresAt: new Date(now.getTime() + 7 * 24 * 60 * 60 * 1000),
ipAddress: "127.0.0.1",
userAgent: "test",
createdAt: now,
updatedAt: now,
}
}
function mockAuth(sessionResult: { user: AuthUser; session: AuthSession } | null): Auth {
return {
api: {
getSession: async () => sessionResult,
},
} as unknown as Auth
}
function createApp(auth: Auth) {
const app = new Hono()
const middleware = createRequireAdmin(auth)
app.get("/api/admin/test", middleware, (c) => c.json({ ok: true }))
return app
}
describe("createRequireAdmin", () => {
test("returns 401 when no session", async () => {
const app = createApp(mockAuth(null))
const res = await app.request("/api/admin/test")
expect(res.status).toBe(401)
const body = (await res.json()) as { error: string }
expect(body.error).toBe("Unauthorized")
})
test("returns 403 when user is not admin", async () => {
const app = createApp(mockAuth({ user: makeUser("user"), session: makeSession() }))
const res = await app.request("/api/admin/test")
expect(res.status).toBe(403)
const body = (await res.json()) as { error: string }
expect(body.error).toBe("Forbidden")
})
test("returns 403 when role is null", async () => {
const app = createApp(mockAuth({ user: makeUser(null), session: makeSession() }))
const res = await app.request("/api/admin/test")
expect(res.status).toBe(403)
})
test("allows admin users through and sets context", async () => {
const user = makeUser("admin")
const session = makeSession()
const app = createApp(mockAuth({ user, session }))
const res = await app.request("/api/admin/test")
expect(res.status).toBe(200)
const body = (await res.json()) as { ok: boolean }
expect(body.ok).toBe(true)
})
})

28
apps/freya-backend/src/auth/admin-middleware.ts Normal file
View File

@@ -0,0 +1,28 @@
import type { Context, MiddlewareHandler, Next } from "hono"
import type { Auth } from "./index.ts"
import type { AuthSessionEnv } from "./session-middleware.ts"
export type AdminMiddleware = MiddlewareHandler<AuthSessionEnv>
/**
* Creates a middleware that requires a valid session with admin role.
* Returns 401 if not authenticated, 403 if not admin.
*/
export function createRequireAdmin(auth: Auth): AdminMiddleware {
return async (c: Context, next: Next): Promise<Response | void> => {
const session = await auth.api.getSession({ headers: c.req.raw.headers })
if (!session) {
return c.json({ error: "Unauthorized" }, 401)
}
if (session.user.role !== "admin") {
return c.json({ error: "Forbidden" }, 403)
}
c.set("user", session.user)
c.set("session", session.session)
await next()
}
}

7
apps/freya-backend/src/auth/http.ts Normal file
View File

@@ -0,0 +1,7 @@
import type { Hono } from "hono"
import type { Auth } from "./index.ts"
export function registerAuthHandlers(app: Hono, auth: Auth): void {
app.on(["POST", "GET"], "/api/auth/*", (c) => auth.handler(c.req.raw))
}

29
apps/freya-backend/src/auth/index.ts Normal file
View File

@@ -0,0 +1,29 @@
import { betterAuth } from "better-auth"
import { drizzleAdapter } from "better-auth/adapters/drizzle"
import { admin } from "better-auth/plugins"
import type { Database } from "../db/index.ts"
import * as schema from "../db/schema.ts"
export function createAuth(db: Database) {
if (!process.env.BETTER_AUTH_SECRET) {
throw new Error("BETTER_AUTH_SECRET is not set")
}
return betterAuth({
database: drizzleAdapter(db, {
provider: "pg",
schema,
}),
advanced: {
disableCSRFCheck: process.env.NODE_ENV !== "production",
},
emailAndPassword: {
enabled: true,
},
plugins: [admin()],
})
}
export type Auth = ReturnType<typeof createAuth>

109
apps/freya-backend/src/auth/session-middleware.ts Normal file
View File

@@ -0,0 +1,109 @@
import type { Context, MiddlewareHandler, Next } from "hono"
import type { Auth } from "./index.ts"
import type { AuthSession, AuthUser } from "./session.ts"
export interface SessionVariables {
user: AuthUser | null
session: AuthSession | null
}
export type AuthSessionEnv = { Variables: SessionVariables }
export type AuthSessionMiddleware = MiddlewareHandler<AuthSessionEnv>
declare module "hono" {
interface ContextVariableMap extends SessionVariables {}
}
/**
* Creates a middleware that attaches session and user to the context.
* Does not reject unauthenticated requests - use createRequireSession for that.
*/
export function createSessionMiddleware(auth: Auth): AuthSessionMiddleware {
return async (c: Context, next: Next): Promise<void> => {
const session = await auth.api.getSession({ headers: c.req.raw.headers })
if (session) {
c.set("user", session.user)
c.set("session", session.session)
} else {
c.set("user", null)
c.set("session", null)
}
await next()
}
}
/**
* Creates a middleware that requires a valid session. Returns 401 if not authenticated.
*/
export function createRequireSession(auth: Auth): AuthSessionMiddleware {
return async (c: Context, next: Next): Promise<Response | void> => {
const session = await auth.api.getSession({ headers: c.req.raw.headers })
if (!session) {
return c.json({ error: "Unauthorized" }, 401)
}
c.set("user", session.user)
c.set("session", session.session)
await next()
}
}
/**
* Creates a function to get session from headers. Useful for WebSocket upgrade validation.
*/
export function createGetSessionFromHeaders(auth: Auth) {
return async (headers: Headers): Promise<{ user: AuthUser; session: AuthSession } | null> => {
const session = await auth.api.getSession({ headers })
return session
}
}
/**
* Dev/test middleware that injects a fake user and session.
* Pass userId to simulate an authenticated request, or omit to get 401.
*/
export function mockAuthSessionMiddleware(userId?: string): AuthSessionMiddleware {
return async (c: Context, next: Next): Promise<Response | void> => {
if (!userId) {
return c.json({ error: "Unauthorized" }, 401)
}
const now = new Date()
const expiresAt = new Date(now.getTime() + 7 * 24 * 60 * 60 * 1000)
const user: AuthUser = {
id: "k7Gx2mPqRvNwYs9TdLfA4bHcJeUo1iZn",
name: "Dev User",
email: "dev@freya.local",
emailVerified: true,
image: null,
createdAt: now,
updatedAt: now,
role: "admin",
banned: false,
banReason: null,
banExpires: null,
}
const session: AuthSession = {
id: "Wt3FvBpXaQrMhD8sKjE6LcYn0gUz5iRo",
userId: "k7Gx2mPqRvNwYs9TdLfA4bHcJeUo1iZn",
token: "Vb9CxNfRm2KwQs7TjPeA5dLhYg0UoZi4",
expiresAt,
ipAddress: "127.0.0.1",
userAgent: "freya-dev",
createdAt: now,
updatedAt: now,
}
c.set("user", user)
c.set("session", session)
await next()
}
}

4
apps/freya-backend/src/auth/session.ts Normal file
View File

@@ -0,0 +1,4 @@
import type { Auth } from "./index.ts"
export type AuthUser = Auth["$Infer"]["Session"]["user"]
export type AuthSession = Auth["$Infer"]["Session"]["session"]

85
apps/freya-backend/src/caldav/provider.test.ts Normal file
View File

@@ -0,0 +1,85 @@
import { describe, expect, test } from "bun:test"
import { CalDavSourceProvider } from "./provider.ts"
describe("CalDavSourceProvider", () => {
const provider = new CalDavSourceProvider()
test("sourceId is freya.caldav", () => {
expect(provider.sourceId).toBe("freya.caldav")
})
test("throws when credentials are null", async () => {
const config = { serverUrl: "https://caldav.icloud.com", username: "user@icloud.com" }
await expect(provider.feedSourceForUser("user-1", config, null)).rejects.toThrow(
"No CalDAV credentials configured",
)
})
test("throws when credentials are missing password", async () => {
const config = { serverUrl: "https://caldav.icloud.com", username: "user@icloud.com" }
await expect(provider.feedSourceForUser("user-1", config, {})).rejects.toThrow(
"password must be a string",
)
})
test("throws when config is missing serverUrl", async () => {
const credentials = { password: "app-specific-password" }
await expect(
provider.feedSourceForUser("user-1", { username: "user@icloud.com" }, credentials),
).rejects.toThrow("Invalid CalDAV config")
})
test("throws when config is missing username", async () => {
const credentials = { password: "app-specific-password" }
await expect(
provider.feedSourceForUser("user-1", { serverUrl: "https://caldav.icloud.com" }, credentials),
).rejects.toThrow("Invalid CalDAV config")
})
test("throws when config has extra keys", async () => {
const config = {
serverUrl: "https://caldav.icloud.com",
username: "user@icloud.com",
extra: true,
}
const credentials = { password: "app-specific-password" }
await expect(provider.feedSourceForUser("user-1", config, credentials)).rejects.toThrow(
"Invalid CalDAV config",
)
})
test("throws when credentials have extra keys", async () => {
const config = { serverUrl: "https://caldav.icloud.com", username: "user@icloud.com" }
const credentials = { password: "app-specific-password", extra: true }
await expect(provider.feedSourceForUser("user-1", config, credentials)).rejects.toThrow(
"extra must be removed",
)
})
test("returns CalDavSource with valid config and credentials", async () => {
const config = {
serverUrl: "https://caldav.icloud.com",
username: "user@icloud.com",
lookAheadDays: 3,
timeZone: "Europe/London",
}
const credentials = { password: "app-specific-password" }
const source = await provider.feedSourceForUser("user-1", config, credentials)
expect(source).toBeDefined()
expect(source.id).toBe("freya.caldav")
})
test("returns CalDavSource with minimal config", async () => {
const config = {
serverUrl: "https://caldav.icloud.com",
username: "user@icloud.com",
}
const credentials = { password: "app-specific-password" }
const source = await provider.feedSourceForUser("user-1", config, credentials)
expect(source).toBeDefined()
expect(source.id).toBe("freya.caldav")
})
})

53
apps/freya-backend/src/caldav/provider.ts Normal file
View File

@@ -0,0 +1,53 @@
import { CalDavSource } from "@freya/source-caldav"
import { type } from "arktype"
import type { FeedSourceProvider } from "../session/feed-source-provider.ts"
import { InvalidSourceCredentialsError } from "../sources/errors.ts"
const caldavConfig = type({
"+": "reject",
serverUrl: "string",
username: "string",
"lookAheadDays?": "number",
"timeZone?": "string",
})
const caldavCredentials = type({
"+": "reject",
password: "string",
})
export class CalDavSourceProvider implements FeedSourceProvider {
readonly sourceId = "freya.caldav"
readonly configSchema = caldavConfig
async feedSourceForUser(
_userId: string,
config: unknown,
credentials: unknown,
): Promise<CalDavSource> {
const parsed = caldavConfig(config)
if (parsed instanceof type.errors) {
throw new Error(`Invalid CalDAV config: ${parsed.summary}`)
}
if (!credentials) {
throw new InvalidSourceCredentialsError("freya.caldav", "No CalDAV credentials configured")
}
const creds = caldavCredentials(credentials)
if (creds instanceof type.errors) {
throw new InvalidSourceCredentialsError("freya.caldav", creds.summary)
}
return new CalDavSource({
serverUrl: parsed.serverUrl,
authMethod: "basic",
username: parsed.username,
password: creds.password,
lookAheadDays: parsed.lookAheadDays,
timeZone: parsed.timeZone,
})
}
}

96
apps/freya-backend/src/db/auth-schema.ts Normal file
View File

@@ -0,0 +1,96 @@
import { relations } from "drizzle-orm"
import { pgTable, text, timestamp, boolean, index } from "drizzle-orm/pg-core"
export const user = pgTable("user", {
id: text("id").primaryKey(),
name: text("name").notNull(),
email: text("email").notNull().unique(),
emailVerified: boolean("email_verified").default(false).notNull(),
image: text("image"),
createdAt: timestamp("created_at").notNull(),
updatedAt: timestamp("updated_at")
.$onUpdate(() => new Date())
.notNull(),
role: text("role"),
banned: boolean("banned").default(false),
banReason: text("ban_reason"),
banExpires: timestamp("ban_expires"),
})
export const session = pgTable(
"session",
{
id: text("id").primaryKey(),
expiresAt: timestamp("expires_at").notNull(),
token: text("token").notNull().unique(),
createdAt: timestamp("created_at").notNull(),
updatedAt: timestamp("updated_at")
.$onUpdate(() => new Date())
.notNull(),
ipAddress: text("ip_address"),
userAgent: text("user_agent"),
userId: text("user_id")
.notNull()
.references(() => user.id, { onDelete: "cascade" }),
impersonatedBy: text("impersonated_by"),
},
(table) => [index("session_userId_idx").on(table.userId)],
)
export const account = pgTable(
"account",
{
id: text("id").primaryKey(),
accountId: text("account_id").notNull(),
providerId: text("provider_id").notNull(),
userId: text("user_id")
.notNull()
.references(() => user.id, { onDelete: "cascade" }),
accessToken: text("access_token"),
refreshToken: text("refresh_token"),
idToken: text("id_token"),
accessTokenExpiresAt: timestamp("access_token_expires_at"),
refreshTokenExpiresAt: timestamp("refresh_token_expires_at"),
scope: text("scope"),
password: text("password"),
createdAt: timestamp("created_at").notNull(),
updatedAt: timestamp("updated_at")
.$onUpdate(() => new Date())
.notNull(),
},
(table) => [index("account_userId_idx").on(table.userId)],
)
export const verification = pgTable(
"verification",
{
id: text("id").primaryKey(),
identifier: text("identifier").notNull(),
value: text("value").notNull(),
expiresAt: timestamp("expires_at").notNull(),
createdAt: timestamp("created_at").notNull(),
updatedAt: timestamp("updated_at")
.$onUpdate(() => new Date())
.notNull(),
},
(table) => [index("verification_identifier_idx").on(table.identifier)],
)
export const userRelations = relations(user, ({ many }) => ({
sessions: many(session),
accounts: many(account),
}))
export const sessionRelations = relations(session, ({ one }) => ({
user: one(user, {
fields: [session.userId],
references: [user.id],
}),
}))
export const accountRelations = relations(account, ({ one }) => ({
user: one(user, {
fields: [account.userId],
references: [user.id],
}),
}))

26
apps/freya-backend/src/db/index.ts Normal file
View File

@@ -0,0 +1,26 @@
import type { PgDatabase } from "drizzle-orm/pg-core"
import { SQL } from "bun"
import { drizzle, type BunSQLQueryResultHKT } from "drizzle-orm/bun-sql"
import * as schema from "./schema.ts"
/** Covers both the top-level drizzle instance and transaction handles. */
export type Database = PgDatabase<BunSQLQueryResultHKT, typeof schema>
export interface DatabaseConnection {
db: Database
close: () => Promise<void>
}
export function createDatabase(url: string): DatabaseConnection {
if (!url) {
throw new Error("DATABASE_URL is required")
}
const client = new SQL({ url })
return {
db: drizzle({ client, schema }),
close: () => client.close(),
}
}

62
apps/freya-backend/src/db/schema.ts Normal file
View File

@@ -0,0 +1,62 @@
import {
boolean,
customType,
index,
jsonb,
pgTable,
text,
timestamp,
unique,
uuid,
} from "drizzle-orm/pg-core"
// ---------------------------------------------------------------------------
// Better Auth core tables
// Re-exported from CLI-generated schema.
// Regenerate with: bunx --bun auth@latest generate --config auth.ts --output src/db/auth-schema.ts
// ---------------------------------------------------------------------------
export {
user,
session,
account,
verification,
userRelations,
sessionRelations,
accountRelations,
} from "./auth-schema.ts"
import { user } from "./auth-schema.ts"
// ---------------------------------------------------------------------------
// FREYA — per-user source configuration
// ---------------------------------------------------------------------------
const bytea = customType<{ data: Buffer }>({
dataType() {
return "bytea"
},
})
export const userSources = pgTable(
"user_sources",
{
id: uuid("id").primaryKey().defaultRandom(),
userId: text("user_id")
.notNull()
.references(() => user.id, { onDelete: "cascade" }),
sourceId: text("source_id").notNull(),
enabled: boolean("enabled").notNull().default(true),
config: jsonb("config").default({}),
credentials: bytea("credentials"),
createdAt: timestamp("created_at").notNull().defaultNow(),
updatedAt: timestamp("updated_at")
.notNull()
.defaultNow()
.$onUpdate(() => new Date()),
},
(t) => [
unique("user_sources_user_id_source_id_unique").on(t.userId, t.sourceId),
index("user_sources_user_id_enabled_idx").on(t.userId, t.enabled),
],
)

418
apps/freya-backend/src/engine/http.test.ts Normal file
View File

@@ -0,0 +1,418 @@
import type { ActionDefinition, ContextEntry, FeedItem, FeedSource } from "@freya/core"
import { contextKey } from "@freya/core"
import { describe, expect, mock, spyOn, test } from "bun:test"
import { Hono } from "hono"
import type { Database } from "../db/index.ts"
import { mockAuthSessionMiddleware } from "../auth/session-middleware.ts"
import { UserSessionManager } from "../session/index.ts"
import { registerFeedHttpHandlers } from "./http.ts"
interface FeedResponse {
items: Array<{
id: string
type: string
priority: number
timestamp: string
data: Record<string, unknown>
}>
errors: Array<{ sourceId: string; error: string }>
}
function createStubSource(
id: string,
items: FeedItem[] = [],
contextEntries: readonly ContextEntry[] | null = null,
): FeedSource {
return {
id,
async listActions(): Promise<Record<string, ActionDefinition>> {
return {}
},
async executeAction(): Promise<unknown> {
return undefined
},
async fetchContext(): Promise<readonly ContextEntry[] | null> {
return contextEntries
},
async fetchItems() {
return items
},
}
}
function buildTestApp(sessionManager: UserSessionManager, userId?: string) {
const app = new Hono()
registerFeedHttpHandlers(app, {
sessionManager,
authSessionMiddleware: mockAuthSessionMiddleware(userId),
})
return app
}
let mockEnabledSourceIds: string[] = []
mock.module("../sources/user-sources.ts", () => ({
sources: (_db: Database, _userId: string) => ({
async enabled() {
const now = new Date()
return mockEnabledSourceIds.map((sourceId) => ({
id: crypto.randomUUID(),
userId: _userId,
sourceId,
enabled: true,
config: {},
credentials: null,
createdAt: now,
updatedAt: now,
}))
},
async find(sourceId: string) {
const now = new Date()
return {
id: crypto.randomUUID(),
userId: _userId,
sourceId,
enabled: true,
config: {},
credentials: null,
createdAt: now,
updatedAt: now,
}
},
}),
}))
const fakeDb = {} as Database
describe("GET /api/feed", () => {
test("returns 401 without auth", async () => {
mockEnabledSourceIds = []
const manager = new UserSessionManager({ db: fakeDb, providers: [] })
const app = buildTestApp(manager)
const res = await app.request("/api/feed")
expect(res.status).toBe(401)
})
test("returns cached feed when available", async () => {
const items: FeedItem[] = [
{
id: "item-1",
sourceId: "test",
type: "test",
priority: 0.8,
timestamp: new Date("2025-01-01T00:00:00.000Z"),
data: { value: 42 },
},
]
mockEnabledSourceIds = ["test"]
const manager = new UserSessionManager({
db: fakeDb,
providers: [
{
sourceId: "test",
async feedSourceForUser() {
return createStubSource("test", items)
},
},
],
})
const app = buildTestApp(manager, "user-1")
// Prime the cache
const session = await manager.getOrCreate("user-1")
await session.engine.refresh()
expect(session.engine.lastFeed()).not.toBeNull()
const res = await app.request("/api/feed")
expect(res.status).toBe(200)
const body = (await res.json()) as FeedResponse
expect(body.items).toHaveLength(1)
expect(body.items[0]!.id).toBe("item-1")
expect(body.items[0]!.type).toBe("test")
expect(body.items[0]!.priority).toBe(0.8)
expect(body.items[0]!.timestamp).toBe("2025-01-01T00:00:00.000Z")
expect(body.errors).toHaveLength(0)
})
test("forces refresh when no cached feed", async () => {
const items: FeedItem[] = [
{
id: "fresh-1",
sourceId: "test",
type: "test",
priority: 0.5,
timestamp: new Date("2025-06-01T12:00:00.000Z"),
data: { fresh: true },
},
]
mockEnabledSourceIds = ["test"]
const manager = new UserSessionManager({
db: fakeDb,
providers: [
{
sourceId: "test",
async feedSourceForUser() {
return createStubSource("test", items)
},
},
],
})
const app = buildTestApp(manager, "user-1")
// No prior refresh — lastFeed() returns null, handler should call refresh()
const res = await app.request("/api/feed")
expect(res.status).toBe(200)
const body = (await res.json()) as FeedResponse
expect(body.items).toHaveLength(1)
expect(body.items[0]!.id).toBe("fresh-1")
expect(body.items[0]!.data.fresh).toBe(true)
expect(body.errors).toHaveLength(0)
})
test("serializes source errors as message strings", async () => {
const failingSource: FeedSource = {
id: "failing",
async listActions() {
return {}
},
async executeAction() {
return undefined
},
async fetchContext() {
return null
},
async fetchItems() {
throw new Error("connection timeout")
},
}
mockEnabledSourceIds = ["failing"]
const manager = new UserSessionManager({
db: fakeDb,
providers: [
{
sourceId: "failing",
async feedSourceForUser() {
return failingSource
},
},
],
})
const app = buildTestApp(manager, "user-1")
const res = await app.request("/api/feed")
expect(res.status).toBe(200)
const body = (await res.json()) as FeedResponse
expect(body.items).toHaveLength(0)
expect(body.errors).toHaveLength(1)
expect(body.errors[0]!.sourceId).toBe("failing")
expect(body.errors[0]!.error).toBe("connection timeout")
})
test("returns 503 when all providers fail", async () => {
mockEnabledSourceIds = ["test"]
const manager = new UserSessionManager({
db: fakeDb,
providers: [
{
sourceId: "test",
async feedSourceForUser() {
throw new Error("provider down")
},
},
],
})
const app = buildTestApp(manager, "user-1")
const spy = spyOn(console, "error").mockImplementation(() => {})
const res = await app.request("/api/feed")
expect(res.status).toBe(503)
const body = (await res.json()) as { error: string }
expect(body.error).toBe("Service unavailable")
spy.mockRestore()
})
})
describe("GET /api/context", () => {
const weatherKey = contextKey("freya.weather", "weather")
const weatherData = { temperature: 20, condition: "Clear" }
const contextEntries: readonly ContextEntry[] = [[weatherKey, weatherData]]
// The mock auth middleware always injects this hardcoded user ID
const mockUserId = "k7Gx2mPqRvNwYs9TdLfA4bHcJeUo1iZn"
async function buildContextApp(userId?: string) {
mockEnabledSourceIds = ["weather"]
const manager = new UserSessionManager({
db: fakeDb,
providers: [
{
sourceId: "weather",
async feedSourceForUser() {
return createStubSource("weather", [], contextEntries)
},
},
],
})
const app = buildTestApp(manager, userId)
const session = await manager.getOrCreate(mockUserId)
return { app, session }
}
test("returns 401 without auth", async () => {
mockEnabledSourceIds = []
const manager = new UserSessionManager({ db: fakeDb, providers: [] })
const app = buildTestApp(manager)
const res = await app.request('/api/context?key=["freya.weather","weather"]')
expect(res.status).toBe(401)
})
test("returns 400 when key param is missing", async () => {
const { app } = await buildContextApp("user-1")
const res = await app.request("/api/context")
expect(res.status).toBe(400)
const body = (await res.json()) as { error: string }
expect(body.error).toContain("key")
})
test("returns 400 when key is invalid JSON", async () => {
const { app } = await buildContextApp("user-1")
const res = await app.request("/api/context?key=notjson")
expect(res.status).toBe(400)
const body = (await res.json()) as { error: string }
expect(body.error).toContain("key")
})
test("returns 400 when key is not an array", async () => {
const { app } = await buildContextApp("user-1")
const res = await app.request('/api/context?key="string"')
expect(res.status).toBe(400)
const body = (await res.json()) as { error: string }
expect(body.error).toContain("key")
})
test("returns 400 when key contains invalid element types", async () => {
const { app } = await buildContextApp("user-1")
const res = await app.request("/api/context?key=[true,null,[1,2]]")
expect(res.status).toBe(400)
const body = (await res.json()) as { error: string }
expect(body.error).toContain("key")
})
test("returns 400 when key is an empty array", async () => {
const { app } = await buildContextApp("user-1")
const res = await app.request("/api/context?key=[]")
expect(res.status).toBe(400)
const body = (await res.json()) as { error: string }
expect(body.error).toContain("key")
})
test("returns 400 when match param is invalid", async () => {
const { app } = await buildContextApp("user-1")
const res = await app.request('/api/context?key=["freya.weather"]&match=invalid')
expect(res.status).toBe(400)
const body = (await res.json()) as { error: string }
expect(body.error).toContain("match")
})
test("returns exact match with match=exact", async () => {
const { app, session } = await buildContextApp("user-1")
await session.engine.refresh()
const res = await app.request('/api/context?key=["freya.weather","weather"]&match=exact')
expect(res.status).toBe(200)
const body = (await res.json()) as { match: string; value: unknown }
expect(body.match).toBe("exact")
expect(body.value).toEqual(weatherData)
})
test("returns 404 with match=exact when only prefix would match", async () => {
const { app, session } = await buildContextApp("user-1")
await session.engine.refresh()
const res = await app.request('/api/context?key=["freya.weather"]&match=exact')
expect(res.status).toBe(404)
})
test("returns prefix match with match=prefix", async () => {
const { app, session } = await buildContextApp("user-1")
await session.engine.refresh()
const res = await app.request('/api/context?key=["freya.weather"]&match=prefix')
expect(res.status).toBe(200)
const body = (await res.json()) as {
match: string
entries: Array<{ key: unknown[]; value: unknown }>
}
expect(body.match).toBe("prefix")
expect(body.entries).toHaveLength(1)
expect(body.entries[0]!.key).toEqual(["freya.weather", "weather"])
expect(body.entries[0]!.value).toEqual(weatherData)
})
test("default mode returns exact match when available", async () => {
const { app, session } = await buildContextApp("user-1")
await session.engine.refresh()
const res = await app.request('/api/context?key=["freya.weather","weather"]')
expect(res.status).toBe(200)
const body = (await res.json()) as { match: string; value: unknown }
expect(body.match).toBe("exact")
expect(body.value).toEqual(weatherData)
})
test("default mode falls back to prefix when no exact match", async () => {
const { app, session } = await buildContextApp("user-1")
await session.engine.refresh()
const res = await app.request('/api/context?key=["freya.weather"]')
expect(res.status).toBe(200)
const body = (await res.json()) as {
match: string
entries: Array<{ key: unknown[]; value: unknown }>
}
expect(body.match).toBe("prefix")
expect(body.entries).toHaveLength(1)
expect(body.entries[0]!.value).toEqual(weatherData)
})
test("returns 404 when neither exact nor prefix matches", async () => {
const { app, session } = await buildContextApp("user-1")
await session.engine.refresh()
const res = await app.request('/api/context?key=["nonexistent"]')
expect(res.status).toBe(404)
const body = (await res.json()) as { error: string }
expect(body.error).toBe("Context key not found")
})
})

133
apps/freya-backend/src/engine/http.ts Normal file
View File

@@ -0,0 +1,133 @@
import type { Context, Hono } from "hono"
import { contextKey } from "@freya/core"
import { createMiddleware } from "hono/factory"
import type { AuthSessionMiddleware } from "../auth/session-middleware.ts"
import type { UserSessionManager } from "../session/index.ts"
type Env = {
Variables: {
sessionManager: UserSessionManager
}
}
interface FeedHttpHandlersDeps {
sessionManager: UserSessionManager
authSessionMiddleware: AuthSessionMiddleware
}
export function registerFeedHttpHandlers(
app: Hono,
{ sessionManager, authSessionMiddleware }: FeedHttpHandlersDeps,
) {
const inject = createMiddleware<Env>(async (c, next) => {
c.set("sessionManager", sessionManager)
await next()
})
app.get("/api/feed", inject, authSessionMiddleware, handleGetFeed)
app.get("/api/context", inject, authSessionMiddleware, handleGetContext)
}
async function handleGetFeed(c: Context<Env>) {
const user = c.get("user")!
const sessionManager = c.get("sessionManager")
let session
try {
session = await sessionManager.getOrCreate(user.id)
} catch (err) {
console.error("[handleGetFeed] Failed to create session:", err)
return c.json({ error: "Service unavailable" }, 503)
}
const feed = await session.feed()
return c.json({
items: feed.items,
errors: feed.errors.map((e) => ({
sourceId: e.sourceId,
error: e.error.message,
})),
})
}
async function handleGetContext(c: Context<Env>) {
const keyParam = c.req.query("key")
if (!keyParam) {
return c.json({ error: 'Invalid or missing "key" parameter: must be a JSON array' }, 400)
}
let parsed: unknown
try {
parsed = JSON.parse(keyParam)
} catch {
return c.json({ error: 'Invalid or missing "key" parameter: must be a JSON array' }, 400)
}
if (!Array.isArray(parsed) || parsed.length === 0 || !parsed.every(isContextKeyPart)) {
return c.json({ error: 'Invalid or missing "key" parameter: must be a JSON array' }, 400)
}
const matchParam = c.req.query("match")
if (matchParam !== undefined && matchParam !== "exact" && matchParam !== "prefix") {
return c.json({ error: 'Invalid "match" parameter: must be "exact" or "prefix"' }, 400)
}
const user = c.get("user")!
const sessionManager = c.get("sessionManager")
let session
try {
session = await sessionManager.getOrCreate(user.id)
} catch (err) {
console.error("[handleGetContext] Failed to create session:", err)
return c.json({ error: "Service unavailable" }, 503)
}
const context = session.engine.currentContext()
const key = contextKey(...parsed)
if (matchParam === "exact") {
const value = context.get(key)
if (value === undefined) {
return c.json({ error: "Context key not found" }, 404)
}
return c.json({ match: "exact", value })
}
if (matchParam === "prefix") {
const entries = context.find(key)
if (entries.length === 0) {
return c.json({ error: "Context key not found" }, 404)
}
return c.json({ match: "prefix", entries })
}
// Default: single find() covers both exact and prefix matches
const entries = context.find(key)
if (entries.length === 0) {
return c.json({ error: "Context key not found" }, 404)
}
// If exactly one result with the same key length, treat as exact match
if (entries.length === 1 && entries[0]!.key.length === parsed.length) {
return c.json({ match: "exact", value: entries[0]!.value })
}
return c.json({ match: "prefix", entries })
}
/** Validates that a value is a valid ContextKeyPart (string, number, or plain object of primitives). */
function isContextKeyPart(value: unknown): boolean {
if (typeof value === "string" || typeof value === "number") {
return true
}
if (typeof value === "object" && value !== null && !Array.isArray(value)) {
return Object.values(value).every(
(v) => typeof v === "string" || typeof v === "number" || typeof v === "boolean",
)
}
return false
}

49
apps/freya-backend/src/enhancement/enhance-feed.ts Normal file
View File

@@ -0,0 +1,49 @@
import type { FeedItem } from "@freya/core"
import type { LlmClient } from "./llm-client.ts"
import { mergeEnhancement } from "./merge.ts"
import { buildPrompt, hasUnfilledSlots } from "./prompt-builder.ts"
/** Takes feed items, returns enhanced feed items. */
export type FeedEnhancer = (items: FeedItem[]) => Promise<FeedItem[]>
export interface FeedEnhancerConfig {
client: LlmClient
/** Defaults to Date.now — override for testing */
clock?: () => Date
}
/**
* Creates a FeedEnhancer that uses the provided LlmClient.
*
* Skips the LLM call when no items have unfilled slots.
* Returns items unchanged on LLM failure.
*/
export function createFeedEnhancer(config: FeedEnhancerConfig): FeedEnhancer {
const { client } = config
const clock = config.clock ?? (() => new Date())
return async function enhanceFeed(items) {
if (!hasUnfilledSlots(items)) {
return items
}
const currentTime = clock()
const { systemPrompt, userMessage } = buildPrompt(items, currentTime)
let result
try {
result = await client.enhance({ systemPrompt, userMessage })
} catch (err) {
console.error("[enhancement] LLM call failed:", err)
result = null
}
if (!result) {
return items
}
return mergeEnhancement(items, result, currentTime)
}
}

73
apps/freya-backend/src/enhancement/llm-client.ts Normal file
View File

@@ -0,0 +1,73 @@
import { OpenRouter } from "@openrouter/sdk"
import type { EnhancementResult } from "./schema.ts"
import { enhancementResultJsonSchema, parseEnhancementResult } from "./schema.ts"
const DEFAULT_MODEL = "z-ai/glm-4.7-flash"
const DEFAULT_TIMEOUT_MS = 30_000
export interface LlmClientConfig {
apiKey: string
model?: string
timeoutMs?: number
}
export interface LlmClientRequest {
systemPrompt: string
userMessage: string
}
export interface LlmClient {
enhance(request: LlmClientRequest): Promise<EnhancementResult | null>
}
/**
* Creates a reusable LLM client backed by OpenRouter.
* The OpenRouter SDK instance is created once and reused across calls.
*/
export function createLlmClient(config: LlmClientConfig): LlmClient {
const client = new OpenRouter({
apiKey: config.apiKey,
timeoutMs: config.timeoutMs ?? DEFAULT_TIMEOUT_MS,
})
const model = config.model ?? DEFAULT_MODEL
return {
async enhance(request) {
const response = await client.chat.send({
chatGenerationParams: {
model,
messages: [
{ role: "system" as const, content: request.systemPrompt },
{ role: "user" as const, content: request.userMessage },
],
responseFormat: {
type: "json_schema" as const,
jsonSchema: {
name: "enhancement_result",
strict: false,
schema: enhancementResultJsonSchema,
},
},
reasoning: { effort: "none" },
stream: false,
},
})
const message = response.choices?.[0]?.message
const content = message?.content ?? message?.reasoning
if (typeof content !== "string") {
console.warn("[enhancement] LLM returned no content in response")
return null
}
const result = parseEnhancementResult(content)
if (!result) {
console.warn("[enhancement] Failed to parse LLM response:", content)
}
return result
},
}
}

151
apps/freya-backend/src/enhancement/merge.test.ts Normal file
View File

@@ -0,0 +1,151 @@
import type { FeedItem } from "@freya/core"
import { describe, expect, test } from "bun:test"
import type { EnhancementResult } from "./schema.ts"
import { mergeEnhancement } from "./merge.ts"
function makeItem(overrides: Partial<FeedItem> = {}): FeedItem {
return {
id: "item-1",
sourceId: "test",
type: "test",
timestamp: new Date("2025-01-01T00:00:00Z"),
data: { value: 42 },
...overrides,
}
}
const now = new Date("2025-06-01T12:00:00Z")
describe("mergeEnhancement", () => {
test("fills matching slots", () => {
const item = makeItem({
slots: {
insight: { description: "Weather insight", content: null },
},
})
const result: EnhancementResult = {
slotFills: {
"item-1": { insight: "Rain after 3pm" },
},
syntheticItems: [],
}
const merged = mergeEnhancement([item], result, now)
expect(merged).toHaveLength(1)
expect(merged[0]!.slots!.insight!.content).toBe("Rain after 3pm")
// Description preserved
expect(merged[0]!.slots!.insight!.description).toBe("Weather insight")
})
test("does not mutate original items", () => {
const item = makeItem({
slots: {
insight: { description: "test", content: null },
},
})
const result: EnhancementResult = {
slotFills: { "item-1": { insight: "filled" } },
syntheticItems: [],
}
mergeEnhancement([item], result, now)
expect(item.slots!.insight!.content).toBeNull()
})
test("ignores fills for non-existent items", () => {
const item = makeItem()
const result: EnhancementResult = {
slotFills: { "non-existent": { insight: "text" } },
syntheticItems: [],
}
const merged = mergeEnhancement([item], result, now)
expect(merged).toHaveLength(1)
expect(merged[0]!.id).toBe("item-1")
})
test("ignores fills for non-existent slots", () => {
const item = makeItem({
slots: {
insight: { description: "test", content: null },
},
})
const result: EnhancementResult = {
slotFills: { "item-1": { "non-existent-slot": "text" } },
syntheticItems: [],
}
const merged = mergeEnhancement([item], result, now)
expect(merged[0]!.slots!.insight!.content).toBeNull()
})
test("skips null fills", () => {
const item = makeItem({
slots: {
insight: { description: "test", content: null },
},
})
const result: EnhancementResult = {
slotFills: { "item-1": { insight: null } },
syntheticItems: [],
}
const merged = mergeEnhancement([item], result, now)
expect(merged[0]!.slots!.insight!.content).toBeNull()
})
test("passes through items without slots unchanged", () => {
const item = makeItem()
const result: EnhancementResult = {
slotFills: {},
syntheticItems: [],
}
const merged = mergeEnhancement([item], result, now)
expect(merged[0]).toBe(item)
})
test("appends synthetic items with backfilled fields", () => {
const item = makeItem()
const result: EnhancementResult = {
slotFills: {},
syntheticItems: [
{
id: "briefing-morning",
type: "briefing",
text: "Light afternoon ahead.",
},
],
}
const merged = mergeEnhancement([item], result, now)
expect(merged).toHaveLength(2)
expect(merged[1]!.id).toBe("briefing-morning")
expect(merged[1]!.type).toBe("briefing")
expect(merged[1]!.timestamp).toEqual(now)
expect(merged[1]!.data).toEqual({ text: "Light afternoon ahead." })
})
test("handles empty enhancement result", () => {
const item = makeItem()
const result: EnhancementResult = {
slotFills: {},
syntheticItems: [],
}
const merged = mergeEnhancement([item], result, now)
expect(merged).toHaveLength(1)
expect(merged[0]).toBe(item)
})
})

48
apps/freya-backend/src/enhancement/merge.ts Normal file
View File

@@ -0,0 +1,48 @@
import type { FeedItem } from "@freya/core"
import type { EnhancementResult } from "./schema.ts"
const ENHANCEMENT_SOURCE_ID = "freya.enhancement"
/**
* Merges an EnhancementResult into feed items.
*
* - Writes slot content from slotFills into matching items
* - Appends synthetic items to the list
* - Returns a new array (no mutation)
* - Ignores fills for items/slots that don't exist
*/
export function mergeEnhancement(
items: FeedItem[],
result: EnhancementResult,
currentTime: Date,
): FeedItem[] {
const merged = items.map((item) => {
const fills = result.slotFills[item.id]
if (!fills || !item.slots) return item
const mergedSlots = { ...item.slots }
let changed = false
for (const [slotName, content] of Object.entries(fills)) {
if (slotName in mergedSlots && content !== null) {
mergedSlots[slotName] = { ...mergedSlots[slotName]!, content }
changed = true
}
}
return changed ? { ...item, slots: mergedSlots } : item
})
for (const synthetic of result.syntheticItems) {
merged.push({
id: synthetic.id,
sourceId: ENHANCEMENT_SOURCE_ID,
type: synthetic.type,
timestamp: currentTime,
data: { text: synthetic.text },
})
}
return merged
}

170
apps/freya-backend/src/enhancement/prompt-builder.test.ts Normal file
View File

@@ -0,0 +1,170 @@
import type { FeedItem } from "@freya/core"
import { describe, expect, test } from "bun:test"
import { buildPrompt, hasUnfilledSlots } from "./prompt-builder.ts"
function makeItem(overrides: Partial<FeedItem> = {}): FeedItem {
return {
id: "item-1",
sourceId: "test",
type: "test",
timestamp: new Date("2025-01-01T00:00:00Z"),
data: { value: 42 },
...overrides,
}
}
function parseUserMessage(userMessage: string): Record<string, unknown> {
return JSON.parse(userMessage)
}
describe("hasUnfilledSlots", () => {
test("returns false for items without slots", () => {
expect(hasUnfilledSlots([makeItem()])).toBe(false)
})
test("returns false for items with all slots filled", () => {
const item = makeItem({
slots: {
insight: { description: "test", content: "filled" },
},
})
expect(hasUnfilledSlots([item])).toBe(false)
})
test("returns true when at least one slot is unfilled", () => {
const item = makeItem({
slots: {
insight: { description: "test", content: null },
},
})
expect(hasUnfilledSlots([item])).toBe(true)
})
test("returns false for empty array", () => {
expect(hasUnfilledSlots([])).toBe(false)
})
})
describe("buildPrompt", () => {
test("puts items with unfilled slots in items", () => {
const item = makeItem({
slots: {
insight: { description: "Weather insight", content: null },
filled: { description: "Already done", content: "done" },
},
})
const { userMessage } = buildPrompt([item], new Date("2025-06-01T12:00:00Z"))
const parsed = parseUserMessage(userMessage)
expect(parsed.items).toHaveLength(1)
expect((parsed.items as Array<Record<string, unknown>>)[0]!.id).toBe("item-1")
expect((parsed.items as Array<Record<string, unknown>>)[0]!.slots).toEqual({
insight: "Weather insight",
})
expect((parsed.items as Array<Record<string, unknown>>)[0]!.type).toBeUndefined()
expect(parsed.context).toHaveLength(0)
})
test("puts slotless items in context", () => {
const withSlots = makeItem({
id: "with-slots",
slots: { insight: { description: "test", content: null } },
})
const withoutSlots = makeItem({ id: "no-slots" })
const { userMessage } = buildPrompt([withSlots, withoutSlots], new Date("2025-06-01T12:00:00Z"))
const parsed = parseUserMessage(userMessage)
expect(parsed.items).toHaveLength(1)
expect((parsed.items as Array<Record<string, unknown>>)[0]!.id).toBe("with-slots")
expect(parsed.context).toHaveLength(1)
expect((parsed.context as Array<Record<string, unknown>>)[0]!.id).toBe("no-slots")
})
test("includes time in ISO format", () => {
const { userMessage } = buildPrompt([], new Date("2025-06-01T12:00:00Z"))
const parsed = parseUserMessage(userMessage)
expect(parsed.time).toBe("2025-06-01T12:00:00.000Z")
})
test("system prompt is non-empty", () => {
const { systemPrompt } = buildPrompt([], new Date())
expect(systemPrompt.length).toBeGreaterThan(0)
})
test("includes schedule in system prompt", () => {
const calEvent = makeItem({
id: "cal-1",
type: "caldav-event",
data: {
title: "Team standup",
startDate: "2025-06-01T10:00:00Z",
endDate: "2025-06-01T10:30:00Z",
isAllDay: false,
location: null,
},
slots: {
insight: { description: "test", content: null },
},
})
const { systemPrompt } = buildPrompt([calEvent], new Date("2025-06-01T12:00:00Z"))
expect(systemPrompt).toContain("Schedule:\n")
expect(systemPrompt).toContain("Team standup")
expect(systemPrompt).toContain("10:00")
})
test("includes location in schedule", () => {
const calEvent = makeItem({
id: "cal-1",
type: "caldav-event",
data: {
title: "Therapy",
startDate: "2025-06-02T18:00:00Z",
endDate: "2025-06-02T19:00:00Z",
isAllDay: false,
location: "92 Tooley Street, London",
},
})
const { systemPrompt } = buildPrompt([calEvent], new Date("2025-06-01T12:00:00Z"))
expect(systemPrompt).toContain("Therapy @ 92 Tooley Street, London")
})
test("includes week calendar but omits schedule when no calendar items", () => {
const weatherItem = makeItem({
type: "weather-current",
data: { temperature: 14 },
})
const { systemPrompt } = buildPrompt([weatherItem], new Date("2025-06-01T12:00:00Z"))
expect(systemPrompt).toContain("Week:")
expect(systemPrompt).not.toContain("Schedule:")
})
test("user message is pure JSON", () => {
const calEvent = makeItem({
id: "cal-1",
type: "caldav-event",
data: {
title: "Budget Review",
startTime: "2025-06-01T14:00:00Z",
endTime: "2025-06-01T15:00:00Z",
isAllDay: false,
location: "https://meet.google.com/abc",
},
})
const { userMessage } = buildPrompt([calEvent], new Date("2025-06-01T12:00:00Z"))
expect(userMessage.startsWith("{")).toBe(true)
expect(() => JSON.parse(userMessage)).not.toThrow()
})
})

232
apps/freya-backend/src/enhancement/prompt-builder.ts Normal file
View File

@@ -0,0 +1,232 @@
import type { FeedItem } from "@freya/core"
import { CalDavFeedItemType } from "@freya/source-caldav"
import { CalendarFeedItemType } from "@freya/source-google-calendar"
import systemPromptBase from "./prompts/system.txt"
const CALENDAR_ITEM_TYPES = new Set<string>([
CalDavFeedItemType.Event,
CalendarFeedItemType.Event,
CalendarFeedItemType.AllDay,
])
/**
* Builds the system prompt and user message for the enhancement harness.
*
* Includes a pre-computed mini calendar so the LLM doesn't have to
* parse timestamps to understand the user's schedule.
*/
export function buildPrompt(
items: FeedItem[],
currentTime: Date,
): { systemPrompt: string; userMessage: string } {
const schedule = buildSchedule(items, currentTime)
const enhanceItems: Array<{
id: string
data: Record<string, unknown>
slots: Record<string, string>
}> = []
const contextItems: Array<{
id: string
type: string
data: Record<string, unknown>
}> = []
for (const item of items) {
const hasUnfilledSlots =
item.slots && Object.values(item.slots).some((slot) => slot.content === null)
if (hasUnfilledSlots) {
enhanceItems.push({
id: item.id,
data: item.data,
slots: Object.fromEntries(
Object.entries(item.slots!)
.filter(([, slot]) => slot.content === null)
.map(([name, slot]) => [name, slot.description]),
),
})
} else {
contextItems.push({
id: item.id,
type: item.type,
data: item.data,
})
}
}
const userMessage = JSON.stringify({
time: currentTime.toISOString(),
items: enhanceItems,
context: contextItems,
})
const weekCalendar = buildWeekCalendar(currentTime)
let systemPrompt = systemPromptBase
systemPrompt += `\n\nWeek:\n${weekCalendar}`
if (schedule) {
systemPrompt += `\n\nSchedule:\n${schedule}`
}
return { systemPrompt, userMessage }
}
/**
* Returns true if any item has at least one unfilled slot.
*/
export function hasUnfilledSlots(items: FeedItem[]): boolean {
return items.some(
(item) => item.slots && Object.values(item.slots).some((slot) => slot.content === null),
)
}
// -- Helpers --
interface CalendarEntry {
date: Date
title: string
location: string | null
isAllDay: boolean
startTime: Date
endTime: Date
}
function toValidDate(value: unknown): Date | null {
if (value instanceof Date) return Number.isNaN(value.getTime()) ? null : value
if (typeof value === "string" || typeof value === "number") {
const date = new Date(value)
return Number.isNaN(date.getTime()) ? null : date
}
return null
}
function extractCalendarEntry(item: FeedItem): CalendarEntry | null {
if (!CALENDAR_ITEM_TYPES.has(item.type)) return null
const d = item.data
const title = d.title
if (typeof title !== "string" || !title) return null
// CalDAV uses startDate/endDate, Google Calendar uses startTime/endTime
const startTime = toValidDate(d.startDate ?? d.startTime)
if (!startTime) return null
const endTime = toValidDate(d.endDate ?? d.endTime) ?? startTime
return {
date: startTime,
title,
location: typeof d.location === "string" ? d.location : null,
isAllDay: typeof d.isAllDay === "boolean" ? d.isAllDay : false,
startTime,
endTime,
}
}
const DAYS = ["Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat"] as const
const MONTHS = [
"Jan",
"Feb",
"Mar",
"Apr",
"May",
"Jun",
"Jul",
"Aug",
"Sep",
"Oct",
"Nov",
"Dec",
] as const
function pad2(n: number): string {
return n.toString().padStart(2, "0")
}
function formatTime(date: Date): string {
return `${pad2(date.getUTCHours())}:${pad2(date.getUTCMinutes())}`
}
function formatDayShort(date: Date): string {
return `${DAYS[date.getUTCDay()]}, ${date.getUTCDate()} ${MONTHS[date.getUTCMonth()]}`
}
function formatDayLabel(date: Date, currentTime: Date): string {
const currentDay = Date.UTC(
currentTime.getUTCFullYear(),
currentTime.getUTCMonth(),
currentTime.getUTCDate(),
)
const targetDay = Date.UTC(date.getUTCFullYear(), date.getUTCMonth(), date.getUTCDate())
const diffDays = Math.round((targetDay - currentDay) / (1000 * 60 * 60 * 24))
const dayName = formatDayShort(date)
if (diffDays === 0) return `Today: ${dayName}`
if (diffDays === 1) return `Tomorrow: ${dayName}`
return dayName
}
/**
* Builds a week overview mapping day names to dates,
* so the LLM can easily match ISO timestamps to days.
*/
function buildWeekCalendar(currentTime: Date): string {
const lines: string[] = []
for (let i = 0; i < 7; i++) {
const date = new Date(currentTime)
date.setUTCDate(date.getUTCDate() + i)
const label = i === 0 ? "Today" : i === 1 ? "Tomorrow" : ""
const dayStr = formatDayShort(date)
const iso = date.toISOString().slice(0, 10)
const prefix = label ? `${label}: ` : ""
lines.push(`${prefix}${dayStr} = ${iso}`)
}
return lines.join("\n")
}
/**
* Builds a compact text calendar from all calendar-type items.
* Groups events by day relative to currentTime.
*/
function buildSchedule(items: FeedItem[], currentTime: Date): string {
const entries: CalendarEntry[] = []
for (const item of items) {
const entry = extractCalendarEntry(item)
if (entry) entries.push(entry)
}
if (entries.length === 0) return ""
entries.sort((a, b) => a.startTime.getTime() - b.startTime.getTime())
const byDay = new Map<string, CalendarEntry[]>()
for (const entry of entries) {
const key = entry.date.toISOString().slice(0, 10)
const group = byDay.get(key)
if (group) {
group.push(entry)
} else {
byDay.set(key, [entry])
}
}
const lines: string[] = []
for (const [, dayEntries] of byDay) {
lines.push(formatDayLabel(dayEntries[0]!.startTime, currentTime))
for (const entry of dayEntries) {
if (entry.isAllDay) {
const loc = entry.location ? ` @ ${entry.location}` : ""
lines.push(` all day ${entry.title}${loc}`)
} else {
const timeRange = `${formatTime(entry.startTime)}${formatTime(entry.endTime)}`
const loc = entry.location ? ` @ ${entry.location}` : ""
lines.push(` ${timeRange} ${entry.title}${loc}`)
}
}
}
return lines.join("\n")
}

21
apps/freya-backend/src/enhancement/prompts/system.txt Normal file
View File

@@ -0,0 +1,21 @@
You are FREYA, a personal assistant. You enhance a user's feed by filling slots and optionally generating synthetic items.
The user message is a JSON object with:
- "items": feed items with data and named slots to fill. Each slot has a description of what to write.
- "context": other feed items (no slots) for cross-source reasoning.
- "time": current ISO timestamp.
Your output has two fields:
- "slotFills": map of item ID → slot name → short text (or null if you can't fill it or cannot provide answer). Each item ID appears ONCE with ALL its slots in a single object.
- "syntheticItems": array of { id, type, text } for new items (briefings, nudges, insights). Only when genuinely useful and when not redundant.
Rules:
- DO NOT USE EMDASH OR DASH OR ATTEMPT TO USE SYMBOLS TO CIRCUMVENT THIS RULE.
- One sentence per slot. Two max if absolutely necessary. Be direct.
- Say "I" not "we."
- Hedge when inferring. Don't state guesses as facts.
- Use the week and schedule below to understand when events happen. Match weather data to the correct date.
- Look for connections across items.
- Don't pad — return null for slots you can't meaningfully fill, and skip synthetic items if there's nothing useful to add.
- Never fabricate information not present in the feed. If you don't have data to support a fill, return null.
- Read each slot's description carefully — it defines when to return null.

171
apps/freya-backend/src/enhancement/schema.test.ts Normal file
View File

@@ -0,0 +1,171 @@
import { describe, expect, test } from "bun:test"
import {
emptyEnhancementResult,
enhancementResultJsonSchema,
parseEnhancementResult,
} from "./schema.ts"
describe("parseEnhancementResult", () => {
test("parses valid result", () => {
const input = JSON.stringify({
slotFills: {
"weather-1": {
insight: "Rain after 3pm",
"cross-source": null,
},
},
syntheticItems: [
{
id: "briefing-morning",
type: "briefing",
text: "Light afternoon ahead.",
},
],
})
const result = parseEnhancementResult(input)
expect(result).not.toBeNull()
expect(result!.slotFills["weather-1"]!.insight).toBe("Rain after 3pm")
expect(result!.slotFills["weather-1"]!["cross-source"]).toBeNull()
expect(result!.syntheticItems).toHaveLength(1)
expect(result!.syntheticItems[0]!.id).toBe("briefing-morning")
expect(result!.syntheticItems[0]!.text).toBe("Light afternoon ahead.")
})
test("parses empty result", () => {
const input = JSON.stringify({
slotFills: {},
syntheticItems: [],
})
const result = parseEnhancementResult(input)
expect(result).not.toBeNull()
expect(Object.keys(result!.slotFills)).toHaveLength(0)
expect(result!.syntheticItems).toHaveLength(0)
})
test("returns null for invalid JSON", () => {
expect(parseEnhancementResult("not json")).toBeNull()
})
test("returns null for non-object", () => {
expect(parseEnhancementResult('"hello"')).toBeNull()
expect(parseEnhancementResult("42")).toBeNull()
expect(parseEnhancementResult("null")).toBeNull()
})
test("returns null when slotFills is missing", () => {
const input = JSON.stringify({ syntheticItems: [] })
expect(parseEnhancementResult(input)).toBeNull()
})
test("returns null when syntheticItems is missing", () => {
const input = JSON.stringify({ slotFills: {} })
expect(parseEnhancementResult(input)).toBeNull()
})
test("returns null when slotFills has non-string values", () => {
const input = JSON.stringify({
slotFills: { "item-1": { slot: 42 } },
syntheticItems: [],
})
expect(parseEnhancementResult(input)).toBeNull()
})
test("returns null when syntheticItem is missing required fields", () => {
const input = JSON.stringify({
slotFills: {},
syntheticItems: [{ id: "x" }],
})
expect(parseEnhancementResult(input)).toBeNull()
})
})
describe("emptyEnhancementResult", () => {
test("returns empty slotFills and syntheticItems", () => {
const result = emptyEnhancementResult()
expect(result.slotFills).toEqual({})
expect(result.syntheticItems).toEqual([])
})
})
describe("schema sync", () => {
const referencePayloads = [
{
name: "full payload with null slot fill",
payload: {
slotFills: {
"weather-1": { insight: "Rain after 3pm", crossSource: null },
"cal-2": { summary: "Busy morning" },
},
syntheticItems: [
{ id: "briefing-morning", type: "briefing", text: "Light day ahead." },
{ id: "nudge-umbrella", type: "nudge", text: "Bring an umbrella." },
],
},
},
{
name: "empty collections",
payload: { slotFills: {}, syntheticItems: [] },
},
{
name: "slot fills only",
payload: {
slotFills: { "item-1": { slot: "filled" } },
syntheticItems: [],
},
},
{
name: "synthetic items only",
payload: {
slotFills: {},
syntheticItems: [{ id: "insight-1", type: "insight", text: "Something." }],
},
},
]
for (const { name, payload } of referencePayloads) {
test(`arktype and JSON Schema agree on: ${name}`, () => {
// arktype accepts it
const parsed = parseEnhancementResult(JSON.stringify(payload))
expect(parsed).not.toBeNull()
// JSON Schema structure matches
const jsonSchema = enhancementResultJsonSchema
expect(Object.keys(jsonSchema.properties).sort()).toEqual(Object.keys(payload).sort())
expect([...jsonSchema.required].sort()).toEqual(Object.keys(payload).sort())
// syntheticItems item schema has the right required fields
const itemSchema = jsonSchema.properties.syntheticItems.items
expect([...itemSchema.required].sort()).toEqual(["id", "text", "type"])
// Verify each synthetic item has exactly the fields the JSON Schema expects
for (const item of payload.syntheticItems) {
expect(Object.keys(item).sort()).toEqual([...itemSchema.required].sort())
}
})
}
test("JSON Schema rejects what arktype rejects: missing required field", () => {
// Missing syntheticItems
expect(parseEnhancementResult(JSON.stringify({ slotFills: {} }))).toBeNull()
// JSON Schema also requires it
expect(enhancementResultJsonSchema.required).toContain("syntheticItems")
})
test("JSON Schema rejects what arktype rejects: wrong slot fill value type", () => {
const bad = { slotFills: { "item-1": { slot: 42 } }, syntheticItems: [] }
// arktype rejects it
expect(parseEnhancementResult(JSON.stringify(bad))).toBeNull()
// JSON Schema only allows string or null for slot values
const slotValueSchema =
enhancementResultJsonSchema.properties.slotFills.additionalProperties.additionalProperties
expect(slotValueSchema.anyOf).toEqual([{ type: "string" }, { type: "null" }])
})
})

89
apps/freya-backend/src/enhancement/schema.ts Normal file
View File

@@ -0,0 +1,89 @@
import { type } from "arktype"
const SyntheticItem = type({
id: "string",
type: "string",
text: "string",
})
const EnhancementResult = type({
slotFills: "Record<string, Record<string, string | null>>",
syntheticItems: SyntheticItem.array(),
})
export type SyntheticItem = typeof SyntheticItem.infer
export type EnhancementResult = typeof EnhancementResult.infer
/**
* JSON Schema passed to OpenRouter's structured output.
* OpenRouter doesn't support arktype, so this is maintained separately.
*
* ⚠️ Must stay in sync with EnhancementResult above.
* If you add/remove fields, update both schemas.
*/
export const enhancementResultJsonSchema = {
type: "object",
properties: {
slotFills: {
type: "object",
description:
"Map of feed item ID to an object of slot name to filled text content. Use null for slots that cannot be meaningfully filled.",
additionalProperties: {
type: "object",
additionalProperties: {
anyOf: [{ type: "string" }, { type: "null" }],
},
},
},
syntheticItems: {
type: "array",
description:
"New feed items to inject (briefings, nudges, cross-source insights). Keep these short and actionable.",
items: {
type: "object",
properties: {
id: {
type: "string",
description: "Unique ID, e.g. 'briefing-morning'",
},
type: {
type: "string",
description: "One of: 'briefing', 'nudge', 'insight'",
},
text: {
type: "string",
description: "Display text, 1-3 sentences",
},
},
required: ["id", "type", "text"],
additionalProperties: false,
},
},
},
required: ["slotFills", "syntheticItems"],
additionalProperties: false,
} as const
/**
* Parses a JSON string into an EnhancementResult.
* Returns null if the input is malformed.
*/
export function parseEnhancementResult(json: string): EnhancementResult | null {
let parsed: unknown
try {
parsed = JSON.parse(json)
} catch {
return null
}
const result = EnhancementResult(parsed)
if (result instanceof type.errors) {
return null
}
return result
}
export function emptyEnhancementResult(): EnhancementResult {
return { slotFills: {}, syntheticItems: [] }
}

62
apps/freya-backend/src/lib/crypto.test.ts Normal file
View File

@@ -0,0 +1,62 @@
import { describe, expect, test } from "bun:test"
import { randomBytes } from "node:crypto"
import { CredentialEncryptor } from "./crypto.ts"
const TEST_KEY = randomBytes(32).toString("base64")
describe("CredentialEncryptor", () => {
const encryptor = new CredentialEncryptor(TEST_KEY)
test("round-trip with simple string", () => {
const plaintext = "hello world"
const encrypted = encryptor.encrypt(plaintext)
expect(encryptor.decrypt(encrypted)).toBe(plaintext)
})
test("round-trip with JSON credentials", () => {
const credentials = JSON.stringify({
accessToken: "ya29.a0AfH6SMB...",
refreshToken: "1//0dx...",
expiresAt: "2025-12-01T00:00:00Z",
})
const encrypted = encryptor.encrypt(credentials)
expect(encryptor.decrypt(encrypted)).toBe(credentials)
})
test("round-trip with empty string", () => {
const encrypted = encryptor.encrypt("")
expect(encryptor.decrypt(encrypted)).toBe("")
})
test("round-trip with unicode", () => {
const plaintext = "日本語テスト 🔐"
const encrypted = encryptor.encrypt(plaintext)
expect(encryptor.decrypt(encrypted)).toBe(plaintext)
})
test("each encryption produces different ciphertext (unique IV)", () => {
const plaintext = "same input"
const a = encryptor.encrypt(plaintext)
const b = encryptor.encrypt(plaintext)
expect(a).not.toEqual(b)
expect(encryptor.decrypt(a)).toBe(plaintext)
expect(encryptor.decrypt(b)).toBe(plaintext)
})
test("tampered ciphertext throws", () => {
const encrypted = encryptor.encrypt("secret")
encrypted[13]! ^= 0xff
expect(() => encryptor.decrypt(encrypted)).toThrow()
})
test("truncated data throws", () => {
expect(() => encryptor.decrypt(Buffer.alloc(10))).toThrow("Encrypted data is too short")
})
test("throws when key is wrong length", () => {
expect(() => new CredentialEncryptor(Buffer.from("too-short").toString("base64"))).toThrow(
"must be 32 bytes",
)
})
})

60
apps/freya-backend/src/lib/crypto.ts Normal file
View File

@@ -0,0 +1,60 @@
import { createCipheriv, createDecipheriv, randomBytes } from "node:crypto"
const ALGORITHM = "aes-256-gcm"
const IV_LENGTH = 12
const AUTH_TAG_LENGTH = 16
/**
* AES-256-GCM encryption for credential storage.
*
* Caches the parsed key on construction to avoid repeated
* env reads and Buffer allocations.
*/
export class CredentialEncryptor {
private readonly key: Buffer
constructor(base64Key: string) {
const key = Buffer.from(base64Key, "base64")
if (key.length !== 32) {
throw new Error(
`Encryption key must be 32 bytes (got ${key.length}). Generate with: openssl rand -base64 32`,
)
}
this.key = key
}
/**
* Encrypts plaintext using AES-256-GCM.
*
* Output format: [12-byte IV][ciphertext][16-byte auth tag]
*/
encrypt(plaintext: string): Buffer {
const iv = randomBytes(IV_LENGTH)
const cipher = createCipheriv(ALGORITHM, this.key, iv)
const encrypted = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()])
const authTag = cipher.getAuthTag()
return Buffer.concat([iv, encrypted, authTag])
}
/**
* Decrypts a buffer produced by `encrypt`.
*
* Expects format: [12-byte IV][ciphertext][16-byte auth tag]
*/
decrypt(data: Buffer): string {
if (data.length < IV_LENGTH + AUTH_TAG_LENGTH) {
throw new Error("Encrypted data is too short")
}
const iv = data.subarray(0, IV_LENGTH)
const authTag = data.subarray(data.length - AUTH_TAG_LENGTH)
const ciphertext = data.subarray(IV_LENGTH, data.length - AUTH_TAG_LENGTH)
const decipher = createDecipheriv(ALGORITHM, this.key, iv)
decipher.setAuthTag(authTag)
return Buffer.concat([decipher.update(ciphertext), decipher.final()]).toString("utf8")
}
}

8
apps/freya-backend/src/lib/error.ts Normal file
View File

@@ -0,0 +1,8 @@
export class UserNotFoundError extends Error {
constructor(
public readonly userId: string,
message?: string,
) {
super(message ? `${message}: user not found: ${userId}` : `User not found: ${userId}`)
}
}

68
apps/freya-backend/src/location/http.ts Normal file
View File

@@ -0,0 +1,68 @@
import type { Context, Hono } from "hono"
import { type } from "arktype"
import { createMiddleware } from "hono/factory"
import type { AuthSessionMiddleware } from "../auth/session-middleware.ts"
import type { UserSessionManager } from "../session/index.ts"
type Env = { Variables: { sessionManager: UserSessionManager } }
const locationInput = type({
lat: "number",
lng: "number",
accuracy: "number",
timestamp: "string.date.iso",
})
interface LocationHttpHandlersDeps {
sessionManager: UserSessionManager
authSessionMiddleware: AuthSessionMiddleware
}
export function registerLocationHttpHandlers(
app: Hono,
{ sessionManager, authSessionMiddleware }: LocationHttpHandlersDeps,
) {
const inject = createMiddleware<Env>(async (c, next) => {
c.set("sessionManager", sessionManager)
await next()
})
app.post("/api/location", inject, authSessionMiddleware, handleUpdateLocation)
}
async function handleUpdateLocation(c: Context<Env>) {
let body: unknown
try {
body = await c.req.json()
} catch {
return c.json({ error: "Invalid JSON" }, 400)
}
const result = locationInput(body)
if (result instanceof type.errors) {
return c.json({ error: result.summary }, 400)
}
const user = c.get("user")!
const sessionManager = c.get("sessionManager")
let session
try {
session = await sessionManager.getOrCreate(user.id)
} catch (err) {
console.error("[handleUpdateLocation] Failed to create session:", err)
return c.json({ error: "Service unavailable" }, 503)
}
await session.engine.executeAction("freya.location", "update-location", {
lat: result.lat,
lng: result.lng,
accuracy: result.accuracy,
timestamp: new Date(result.timestamp),
})
return c.body(null, 204)
}

15
apps/freya-backend/src/location/provider.ts Normal file
View File

@@ -0,0 +1,15 @@
import { LocationSource } from "@freya/source-location"
import type { FeedSourceProvider } from "../session/feed-source-provider.ts"
export class LocationSourceProvider implements FeedSourceProvider {
readonly sourceId = "freya.location"
async feedSourceForUser(
_userId: string,
_config: unknown,
_credentials: unknown,
): Promise<LocationSource> {
return new LocationSource()
}
}

63
apps/freya-backend/src/scripts/create-admin.ts Normal file
View File

@@ -0,0 +1,63 @@
/**
* Creates an admin user account via Better Auth's server-side API.
*
* Usage:
* bun run src/scripts/create-admin.ts --name "Admin" --email admin@example.com --password secret123
*
* Requires DATABASE_URL and BETTER_AUTH_SECRET to be set (reads .env automatically).
*/
import { parseArgs } from "util"
import { createAuth } from "../auth/index.ts"
import { createDatabase } from "../db/index.ts"
function parseCliArgs(): { name: string; email: string; password: string } {
const { values } = parseArgs({
args: Bun.argv.slice(2),
options: {
name: { type: "string" },
email: { type: "string" },
password: { type: "string" },
},
strict: true,
})
if (!values.name || !values.email || !values.password) {
console.error(
"Usage: bun run src/scripts/create-admin.ts --name <name> --email <email> --password <password>",
)
process.exit(1)
}
return { name: values.name, email: values.email, password: values.password }
}
async function main() {
const { name, email, password } = parseCliArgs()
const databaseUrl = process.env.DATABASE_URL
if (!databaseUrl) {
console.error("DATABASE_URL is not set")
process.exit(1)
}
const { db, close } = createDatabase(databaseUrl)
try {
const auth = createAuth(db)
const result = await auth.api.createUser({
body: { name, email, password, role: "admin" },
})
console.log(`Admin account created: ${result.user.id} (${result.user.email})`)
} finally {
await close()
}
}
main().catch((err) => {
console.error("Failed to create admin account:", err)
process.exit(1)
})

127
apps/freya-backend/src/server.ts Normal file
View File

@@ -0,0 +1,127 @@
import { Hono } from "hono"
import { cors } from "hono/cors"
import { registerAdminHttpHandlers } from "./admin/http.ts"
import { createRequireAdmin } from "./auth/admin-middleware.ts"
import { registerAuthHandlers } from "./auth/http.ts"
import { createAuth } from "./auth/index.ts"
import { createRequireSession } from "./auth/session-middleware.ts"
import { CalDavSourceProvider } from "./caldav/provider.ts"
import { createDatabase } from "./db/index.ts"
import { registerFeedHttpHandlers } from "./engine/http.ts"
import { createFeedEnhancer } from "./enhancement/enhance-feed.ts"
import { createLlmClient } from "./enhancement/llm-client.ts"
import { CredentialEncryptor } from "./lib/crypto.ts"
import { registerLocationHttpHandlers } from "./location/http.ts"
import { LocationSourceProvider } from "./location/provider.ts"
import { UserSessionManager } from "./session/index.ts"
import { registerSourcesHttpHandlers } from "./sources/http.ts"
import { TflSourceProvider } from "./tfl/provider.ts"
import { WeatherSourceProvider } from "./weather/provider.ts"
function main() {
const { db, close: closeDb } = createDatabase(process.env.DATABASE_URL!)
const auth = createAuth(db)
const openrouterApiKey = process.env.OPENROUTER_API_KEY
const feedEnhancer = openrouterApiKey
? createFeedEnhancer({
client: createLlmClient({
apiKey: openrouterApiKey,
model: process.env.OPENROUTER_MODEL || undefined,
}),
})
: null
if (!feedEnhancer) {
console.warn("[enhancement] OPENROUTER_API_KEY not set — feed enhancement disabled")
}
const credentialEncryptionKey = process.env.CREDENTIAL_ENCRYPTION_KEY
const credentialEncryptor = credentialEncryptionKey
? new CredentialEncryptor(credentialEncryptionKey)
: null
if (!credentialEncryptor) {
console.warn(
"[credentials] CREDENTIAL_ENCRYPTION_KEY not set — per-user credential storage disabled",
)
}
const sessionManager = new UserSessionManager({
db,
providers: [
new CalDavSourceProvider(),
new LocationSourceProvider(),
new WeatherSourceProvider({
credentials: {
privateKey: process.env.WEATHERKIT_PRIVATE_KEY!,
keyId: process.env.WEATHERKIT_KEY_ID!,
teamId: process.env.WEATHERKIT_TEAM_ID!,
serviceId: process.env.WEATHERKIT_SERVICE_ID!,
},
}),
new TflSourceProvider({ apiKey: process.env.TFL_API_KEY! }),
],
feedEnhancer,
credentialEncryptor,
})
const app = new Hono()
const isDev = process.env.NODE_ENV !== "production"
const allowedOrigins = process.env.CORS_ORIGINS?.split(",").map((o) => o.trim()) ?? []
function resolveOrigin(origin: string): string | undefined {
if (isDev) return origin
return allowedOrigins.includes(origin) ? origin : undefined
}
app.use(
"/api/auth/*",
cors({
origin: resolveOrigin,
allowHeaders: ["Content-Type", "Authorization"],
allowMethods: ["POST", "GET", "OPTIONS"],
exposeHeaders: ["Content-Length"],
maxAge: 600,
credentials: true,
}),
)
app.use(
"*",
cors({
origin: resolveOrigin,
credentials: true,
}),
)
app.get("/health", (c) => c.json({ status: "ok" }))
const authSessionMiddleware = createRequireSession(auth)
const adminMiddleware = createRequireAdmin(auth)
registerAuthHandlers(app, auth)
registerFeedHttpHandlers(app, {
sessionManager,
authSessionMiddleware,
})
registerLocationHttpHandlers(app, { sessionManager, authSessionMiddleware })
registerSourcesHttpHandlers(app, { sessionManager, authSessionMiddleware })
registerAdminHttpHandlers(app, { sessionManager, adminMiddleware, db })
process.on("SIGTERM", async () => {
await closeDb()
process.exit(0)
})
return app
}
const app = main()
export default {
port: 3000,
hostname: "0.0.0.0",
fetch: app.fetch,
}

12
apps/freya-backend/src/session/feed-source-provider.ts Normal file
View File

@@ -0,0 +1,12 @@
import type { FeedSource } from "@freya/core"
import type { type } from "arktype"
export type ConfigSchema = ReturnType<typeof type>
export interface FeedSourceProvider {
/** The source ID this provider is responsible for (e.g., "freya.location"). */
readonly sourceId: string
/** Arktype schema for validating user-provided config. Omit if the source has no config. */
readonly configSchema?: ConfigSchema
feedSourceForUser(userId: string, config: unknown, credentials: unknown): Promise<FeedSource>
}

3
apps/freya-backend/src/session/index.ts Normal file
View File

@@ -0,0 +1,3 @@
export type { FeedSourceProvider } from "./feed-source-provider.ts"
export { UserSession } from "./user-session.ts"
export { UserSessionManager } from "./user-session-manager.ts"

967
apps/freya-backend/src/session/user-session-manager.test.ts Normal file
View File

@@ -0,0 +1,967 @@
import type { ActionDefinition, ContextEntry, FeedItem, FeedSource } from "@freya/core"
import { LocationSource } from "@freya/source-location"
import { WeatherSource } from "@freya/source-weatherkit"
import { beforeEach, describe, expect, mock, spyOn, test } from "bun:test"
import type { Database } from "../db/index.ts"
import type { FeedSourceProvider } from "./feed-source-provider.ts"
import { CredentialEncryptor } from "../lib/crypto.ts"
import {
CredentialStorageUnavailableError,
InvalidSourceCredentialsError,
} from "../sources/errors.ts"
import { SourceNotFoundError } from "../sources/errors.ts"
import { UserSessionManager } from "./user-session-manager.ts"
/**
* Per-user enabled source IDs used by the mocked `sources` module.
* Tests configure this before calling getOrCreate.
* Key = userId (or "*" for a default), value = array of enabled sourceIds.
*/
const enabledByUser = new Map<string, string[]>()
/** Set which sourceIds are enabled for all users. */
function setEnabledSources(sourceIds: string[]) {
enabledByUser.clear()
enabledByUser.set("*", sourceIds)
}
/** Set which sourceIds are enabled for a specific user. */
function setEnabledSourcesForUser(userId: string, sourceIds: string[]) {
enabledByUser.set(userId, sourceIds)
}
function getEnabledSourceIds(userId: string): string[] {
return enabledByUser.get(userId) ?? enabledByUser.get("*") ?? []
}
/**
* Controls what `find()` returns in the mock. When `undefined` (the default),
* `find()` returns a standard enabled row. Set to a specific value (including
* `null`) to override the return value for all `find()` calls.
*/
let mockFindResult: unknown | undefined
/**
* Spy for `updateCredentials` calls. Tests can inspect calls via
* `mockUpdateCredentialsCalls` or override behavior.
*/
const mockUpdateCredentialsCalls: Array<{ sourceId: string; credentials: Buffer }> = []
let mockUpdateCredentialsError: Error | null = null
// Mock the sources module so UserSessionManager's DB query returns controlled data.
mock.module("../sources/user-sources.ts", () => ({
sources: (_db: Database, userId: string) => ({
async enabled() {
const now = new Date()
return getEnabledSourceIds(userId).map((sourceId) => ({
id: crypto.randomUUID(),
userId,
sourceId,
enabled: true,
config: {},
credentials: null,
createdAt: now,
updatedAt: now,
}))
},
async find(sourceId: string) {
if (mockFindResult !== undefined) return mockFindResult
const now = new Date()
return {
id: crypto.randomUUID(),
userId,
sourceId,
enabled: true,
config: {},
credentials: null,
createdAt: now,
updatedAt: now,
}
},
async findForUpdate(sourceId: string) {
// Delegates to find — row locking is a no-op in tests.
if (mockFindResult !== undefined) return mockFindResult
const now = new Date()
return {
id: crypto.randomUUID(),
userId,
sourceId,
enabled: true,
config: {},
credentials: null,
createdAt: now,
updatedAt: now,
}
},
async updateConfig(_sourceId: string, _update: { enabled?: boolean; config?: unknown }) {
// no-op for tests
},
async upsertConfig(_sourceId: string, _data: { enabled: boolean; config: unknown }) {
// no-op for tests
},
async updateCredentials(sourceId: string, credentials: Buffer) {
if (mockUpdateCredentialsError) {
throw mockUpdateCredentialsError
}
mockUpdateCredentialsCalls.push({ sourceId, credentials })
},
}),
}))
const fakeDb = {
transaction: <T>(fn: (tx: unknown) => Promise<T>) => fn(fakeDb),
} as unknown as Database
function createStubSource(id: string, items: FeedItem[] = []): FeedSource {
return {
id,
async listActions(): Promise<Record<string, ActionDefinition>> {
return {}
},
async executeAction(): Promise<unknown> {
return undefined
},
async fetchContext(): Promise<readonly ContextEntry[] | null> {
return null
},
async fetchItems() {
return items
},
}
}
function createStubProvider(
sourceId: string,
factory: (
userId: string,
config: Record<string, unknown>,
credentials: unknown,
) => Promise<FeedSource> = async () => createStubSource(sourceId),
): FeedSourceProvider {
return { sourceId, feedSourceForUser: factory }
}
const locationProvider: FeedSourceProvider = {
sourceId: "freya.location",
async feedSourceForUser() {
return new LocationSource()
},
}
const weatherProvider: FeedSourceProvider = {
sourceId: "freya.weather",
async feedSourceForUser() {
return new WeatherSource({ client: { fetch: async () => ({}) as never } })
},
}
beforeEach(() => {
enabledByUser.clear()
mockFindResult = undefined
mockUpdateCredentialsCalls.length = 0
mockUpdateCredentialsError = null
})
describe("UserSessionManager", () => {
test("getOrCreate creates session on first call", async () => {
setEnabledSources(["freya.location"])
const manager = new UserSessionManager({ db: fakeDb, providers: [locationProvider] })
const session = await manager.getOrCreate("user-1")
expect(session).toBeDefined()
expect(session.engine).toBeDefined()
})
test("getOrCreate returns same session for same user", async () => {
setEnabledSources(["freya.location"])
const manager = new UserSessionManager({ db: fakeDb, providers: [locationProvider] })
const session1 = await manager.getOrCreate("user-1")
const session2 = await manager.getOrCreate("user-1")
expect(session1).toBe(session2)
})
test("getOrCreate returns different sessions for different users", async () => {
setEnabledSources(["freya.location"])
const manager = new UserSessionManager({ db: fakeDb, providers: [locationProvider] })
const session1 = await manager.getOrCreate("user-1")
const session2 = await manager.getOrCreate("user-2")
expect(session1).not.toBe(session2)
})
test("each user gets independent source instances", async () => {
setEnabledSources(["freya.location"])
const manager = new UserSessionManager({ db: fakeDb, providers: [locationProvider] })
const session1 = await manager.getOrCreate("user-1")
const session2 = await manager.getOrCreate("user-2")
const source1 = session1.getSource<LocationSource>("freya.location")
const source2 = session2.getSource<LocationSource>("freya.location")
expect(source1).not.toBe(source2)
})
test("remove destroys session and allows re-creation", async () => {
setEnabledSources(["freya.location"])
const manager = new UserSessionManager({ db: fakeDb, providers: [locationProvider] })
const session1 = await manager.getOrCreate("user-1")
manager.remove("user-1")
const session2 = await manager.getOrCreate("user-1")
expect(session1).not.toBe(session2)
})
test("remove is no-op for unknown user", () => {
setEnabledSources(["freya.location"])
const manager = new UserSessionManager({ db: fakeDb, providers: [locationProvider] })
expect(() => manager.remove("unknown")).not.toThrow()
})
test("registers multiple providers", async () => {
setEnabledSources(["freya.location", "freya.weather"])
const manager = new UserSessionManager({
db: fakeDb,
providers: [locationProvider, weatherProvider],
})
const session = await manager.getOrCreate("user-1")
expect(session.getSource("freya.location")).toBeDefined()
expect(session.getSource("freya.weather")).toBeDefined()
})
test("refresh returns feed result through session", async () => {
setEnabledSources(["freya.location"])
const manager = new UserSessionManager({ db: fakeDb, providers: [locationProvider] })
const session = await manager.getOrCreate("user-1")
const result = await session.engine.refresh()
expect(result).toHaveProperty("context")
expect(result).toHaveProperty("items")
expect(result).toHaveProperty("errors")
expect(result.context.time).toBeInstanceOf(Date)
})
test("location update via executeAction works", async () => {
setEnabledSources(["freya.location"])
const manager = new UserSessionManager({ db: fakeDb, providers: [locationProvider] })
const session = await manager.getOrCreate("user-1")
await session.engine.executeAction("freya.location", "update-location", {
lat: 51.5074,
lng: -0.1278,
accuracy: 10,
timestamp: new Date(),
})
const source = session.getSource<LocationSource>("freya.location")
expect(source?.lastLocation?.lat).toBe(51.5074)
})
test("subscribe receives updates after location push", async () => {
setEnabledSources(["freya.location"])
const manager = new UserSessionManager({ db: fakeDb, providers: [locationProvider] })
const callback = mock()
const session = await manager.getOrCreate("user-1")
session.engine.subscribe(callback)
await session.engine.executeAction("freya.location", "update-location", {
lat: 51.5074,
lng: -0.1278,
accuracy: 10,
timestamp: new Date(),
})
// Wait for async update propagation
await new Promise((resolve) => setTimeout(resolve, 10))
expect(callback).toHaveBeenCalled()
})
test("remove stops reactive updates", async () => {
setEnabledSources(["freya.location"])
const manager = new UserSessionManager({ db: fakeDb, providers: [locationProvider] })
const callback = mock()
const session = await manager.getOrCreate("user-1")
session.engine.subscribe(callback)
manager.remove("user-1")
// Create new session and push location — old callback should not fire
const session2 = await manager.getOrCreate("user-1")
await session2.engine.executeAction("freya.location", "update-location", {
lat: 51.5074,
lng: -0.1278,
accuracy: 10,
timestamp: new Date(),
})
await new Promise((resolve) => setTimeout(resolve, 10))
expect(callback).not.toHaveBeenCalled()
})
test("creates session with successful providers when some fail", async () => {
setEnabledSources(["freya.location", "freya.failing"])
const failingProvider: FeedSourceProvider = {
sourceId: "freya.failing",
async feedSourceForUser() {
throw new Error("provider failed")
},
}
const manager = new UserSessionManager({
db: fakeDb,
providers: [locationProvider, failingProvider],
})
const spy = spyOn(console, "error").mockImplementation(() => {})
const session = await manager.getOrCreate("user-1")
expect(session).toBeDefined()
expect(session.getSource("freya.location")).toBeDefined()
expect(spy).toHaveBeenCalled()
spy.mockRestore()
})
test("throws AggregateError when all providers fail", async () => {
setEnabledSources(["freya.fail-1", "freya.fail-2"])
const manager = new UserSessionManager({
db: fakeDb,
providers: [
{
sourceId: "freya.fail-1",
async feedSourceForUser() {
throw new Error("first failed")
},
},
{
sourceId: "freya.fail-2",
async feedSourceForUser() {
throw new Error("second failed")
},
},
],
})
await expect(manager.getOrCreate("user-1")).rejects.toBeInstanceOf(AggregateError)
})
test("concurrent getOrCreate for same user returns same session", async () => {
setEnabledSources(["freya.location"])
let callCount = 0
const manager = new UserSessionManager({
db: fakeDb,
providers: [
{
sourceId: "freya.location",
async feedSourceForUser() {
callCount++
await new Promise((resolve) => setTimeout(resolve, 10))
return new LocationSource()
},
},
],
})
const [session1, session2] = await Promise.all([
manager.getOrCreate("user-1"),
manager.getOrCreate("user-1"),
])
expect(session1).toBe(session2)
expect(callCount).toBe(1)
})
test("remove during in-flight getOrCreate prevents session from being stored", async () => {
setEnabledSources(["freya.location"])
let resolveProvider: () => void
const providerGate = new Promise<void>((r) => {
resolveProvider = r
})
const manager = new UserSessionManager({
db: fakeDb,
providers: [
{
sourceId: "freya.location",
async feedSourceForUser() {
await providerGate
return new LocationSource()
},
},
],
})
const sessionPromise = manager.getOrCreate("user-1")
// remove() while provider is still resolving
manager.remove("user-1")
// Let the provider finish
resolveProvider!()
await expect(sessionPromise).rejects.toThrow("removed during creation")
// A fresh getOrCreate should produce a new session, not the cancelled one
const freshSession = await manager.getOrCreate("user-1")
expect(freshSession).toBeDefined()
expect(freshSession.engine).toBeDefined()
})
test("only invokes providers for sources enabled for the user", async () => {
setEnabledSources(["freya.location"])
const locationFactory = mock(async () => createStubSource("freya.location"))
const weatherFactory = mock(async () => createStubSource("freya.weather"))
const manager = new UserSessionManager({
db: fakeDb,
providers: [
{ sourceId: "freya.location", feedSourceForUser: locationFactory },
{ sourceId: "freya.weather", feedSourceForUser: weatherFactory },
],
})
const session = await manager.getOrCreate("user-1")
expect(locationFactory).toHaveBeenCalledTimes(1)
expect(weatherFactory).not.toHaveBeenCalled()
expect(session.getSource("freya.location")).toBeDefined()
expect(session.getSource("freya.weather")).toBeUndefined()
})
test("creates empty session when no sources are enabled", async () => {
setEnabledSources([])
const factory = mock(async () => createStubSource("freya.location"))
const manager = new UserSessionManager({
db: fakeDb,
providers: [{ sourceId: "freya.location", feedSourceForUser: factory }],
})
const session = await manager.getOrCreate("user-1")
expect(factory).not.toHaveBeenCalled()
expect(session).toBeDefined()
expect(session.getSource("freya.location")).toBeUndefined()
})
test("per-user enabled sources are respected", async () => {
enabledByUser.clear()
setEnabledSourcesForUser("user-1", ["freya.location"])
setEnabledSourcesForUser("user-2", ["freya.weather"])
const manager = new UserSessionManager({
db: fakeDb,
providers: [createStubProvider("freya.location"), createStubProvider("freya.weather")],
})
const session1 = await manager.getOrCreate("user-1")
const session2 = await manager.getOrCreate("user-2")
expect(session1.getSource("freya.location")).toBeDefined()
expect(session1.getSource("freya.weather")).toBeUndefined()
expect(session2.getSource("freya.location")).toBeUndefined()
expect(session2.getSource("freya.weather")).toBeDefined()
})
})
describe("UserSessionManager.replaceProvider", () => {
test("replaces source in all active sessions", async () => {
setEnabledSources(["test"])
const itemsV1: FeedItem[] = [
{
id: "v1",
sourceId: "test",
type: "test",
timestamp: new Date(),
data: { version: 1 },
},
]
const itemsV2: FeedItem[] = [
{
id: "v2",
sourceId: "test",
type: "test",
timestamp: new Date(),
data: { version: 2 },
},
]
const providerV1 = createStubProvider("test", async () => createStubSource("test", itemsV1))
const manager = new UserSessionManager({ db: fakeDb, providers: [providerV1] })
const session1 = await manager.getOrCreate("user-1")
const session2 = await manager.getOrCreate("user-2")
// Verify v1 items
const feed1 = await session1.feed()
expect(feed1.items[0]!.data.version).toBe(1)
// Replace provider
const providerV2 = createStubProvider("test", async () => createStubSource("test", itemsV2))
await manager.replaceProvider(providerV2)
// Both sessions should now serve v2 items
const feed1After = await session1.feed()
const feed2After = await session2.feed()
expect(feed1After.items[0]!.data.version).toBe(2)
expect(feed2After.items[0]!.data.version).toBe(2)
})
test("throws for unknown provider sourceId", async () => {
setEnabledSources(["freya.location"])
const manager = new UserSessionManager({ db: fakeDb, providers: [locationProvider] })
const unknownProvider = createStubProvider("freya.unknown")
await expect(manager.replaceProvider(unknownProvider)).rejects.toThrow(
"no existing provider with that sourceId",
)
})
test("keeps existing source when new provider fails for a user", async () => {
setEnabledSources(["test"])
const providerV1 = createStubProvider("test", async () => createStubSource("test"))
const manager = new UserSessionManager({ db: fakeDb, providers: [providerV1] })
const session = await manager.getOrCreate("user-1")
expect(session.getSource("test")).toBeDefined()
const spy = spyOn(console, "error").mockImplementation(() => {})
const failingProvider = createStubProvider("test", async () => {
throw new Error("source disabled")
})
await manager.replaceProvider(failingProvider)
expect(session.getSource("test")).toBeDefined()
expect(spy).toHaveBeenCalled()
spy.mockRestore()
})
test("new sessions use the replaced provider", async () => {
setEnabledSources(["test"])
const itemsV1: FeedItem[] = [
{
id: "v1",
sourceId: "test",
type: "test",
timestamp: new Date(),
data: { version: 1 },
},
]
const itemsV2: FeedItem[] = [
{
id: "v2",
sourceId: "test",
type: "test",
timestamp: new Date(),
data: { version: 2 },
},
]
const providerV1 = createStubProvider("test", async () => createStubSource("test", itemsV1))
const manager = new UserSessionManager({ db: fakeDb, providers: [providerV1] })
const providerV2 = createStubProvider("test", async () => createStubSource("test", itemsV2))
await manager.replaceProvider(providerV2)
// New session should use v2
const session = await manager.getOrCreate("user-new")
const feed = await session.feed()
expect(feed.items[0]!.data.version).toBe(2)
})
test("does not affect other providers' sources", async () => {
setEnabledSources(["source-a", "source-b"])
const providerA = createStubProvider("source-a", async () =>
createStubSource("source-a", [
{
id: "a-1",
sourceId: "source-a",
type: "test",
timestamp: new Date(),
data: { from: "a" },
},
]),
)
const providerB = createStubProvider("source-b", async () =>
createStubSource("source-b", [
{
id: "b-1",
sourceId: "source-b",
type: "test",
timestamp: new Date(),
data: { from: "b" },
},
]),
)
const manager = new UserSessionManager({ db: fakeDb, providers: [providerA, providerB] })
const session = await manager.getOrCreate("user-1")
// Replace only source-a
const providerA2 = createStubProvider("source-a", async () =>
createStubSource("source-a", [
{
id: "a-2",
sourceId: "source-a",
type: "test",
timestamp: new Date(),
data: { from: "a-new" },
},
]),
)
await manager.replaceProvider(providerA2)
// source-b should be unaffected
expect(session.getSource("source-b")).toBeDefined()
const feed = await session.feed()
const ids = feed.items.map((i) => i.id).sort()
expect(ids).toEqual(["a-2", "b-1"])
})
test("updates sessions that are still being created", async () => {
setEnabledSources(["test"])
const itemsV1: FeedItem[] = [
{
id: "v1",
sourceId: "test",
type: "test",
timestamp: new Date(),
data: { version: 1 },
},
]
const itemsV2: FeedItem[] = [
{
id: "v2",
sourceId: "test",
type: "test",
timestamp: new Date(),
data: { version: 2 },
},
]
let resolveCreation: () => void
const creationGate = new Promise<void>((r) => {
resolveCreation = r
})
const providerV1 = createStubProvider("test", async () => {
await creationGate
return createStubSource("test", itemsV1)
})
const manager = new UserSessionManager({ db: fakeDb, providers: [providerV1] })
// Start session creation but don't let it finish yet
const sessionPromise = manager.getOrCreate("user-1")
// Replace provider while session is still pending
const providerV2 = createStubProvider("test", async () => createStubSource("test", itemsV2))
const replacePromise = manager.replaceProvider(providerV2)
// Let the original creation finish
resolveCreation!()
const session = await sessionPromise
await replacePromise
// Session should have been updated to v2
const feed = await session.feed()
expect(feed.items[0]!.data.version).toBe(2)
})
test("skips source replacement when source was disabled between creation and replace", async () => {
setEnabledSources(["test"])
const itemsV1: FeedItem[] = [
{
id: "v1",
sourceId: "test",
type: "test",
timestamp: new Date(),
data: { version: 1 },
},
]
const providerV1 = createStubProvider("test", async () => createStubSource("test", itemsV1))
const manager = new UserSessionManager({ db: fakeDb, providers: [providerV1] })
const session = await manager.getOrCreate("user-1")
const feedBefore = await session.feed()
expect(feedBefore.items[0]!.data.version).toBe(1)
// Simulate the source being disabled/deleted between session creation and replace
mockFindResult = null
const providerV2 = createStubProvider("test", async () =>
createStubSource("test", [
{
id: "v2",
sourceId: "test",
type: "test",
timestamp: new Date(),
data: { version: 2 },
},
]),
)
await manager.replaceProvider(providerV2)
// Session should still have v1 — the replace was skipped
const feedAfter = await session.feed()
expect(feedAfter.items[0]!.data.version).toBe(1)
})
})
const TEST_ENCRYPTION_KEY = "/bv1nbzC4ozZkT/pcv5oQfl+JAMuMZDUSVDesG2dur8="
const testEncryptor = new CredentialEncryptor(TEST_ENCRYPTION_KEY)
describe("UserSessionManager.updateSourceCredentials", () => {
test("encrypts and persists credentials", async () => {
setEnabledSources(["test"])
const provider = createStubProvider("test")
const manager = new UserSessionManager({
db: fakeDb,
providers: [provider],
credentialEncryptor: testEncryptor,
})
await manager.updateSourceCredentials("user-1", "test", { token: "secret-123" })
expect(mockUpdateCredentialsCalls).toHaveLength(1)
expect(mockUpdateCredentialsCalls[0]!.sourceId).toBe("test")
// Verify the persisted buffer decrypts to the original credentials
const decrypted = JSON.parse(testEncryptor.decrypt(mockUpdateCredentialsCalls[0]!.credentials))
expect(decrypted).toEqual({ token: "secret-123" })
})
test("throws CredentialStorageUnavailableError when encryptor is not configured", async () => {
setEnabledSources(["test"])
const provider = createStubProvider("test")
const manager = new UserSessionManager({
db: fakeDb,
providers: [provider],
// no credentialEncryptor
})
await expect(
manager.updateSourceCredentials("user-1", "test", { token: "x" }),
).rejects.toBeInstanceOf(CredentialStorageUnavailableError)
})
test("throws SourceNotFoundError for unknown source", async () => {
setEnabledSources([])
const manager = new UserSessionManager({
db: fakeDb,
providers: [],
credentialEncryptor: testEncryptor,
})
await expect(
manager.updateSourceCredentials("user-1", "unknown", { token: "x" }),
).rejects.toBeInstanceOf(SourceNotFoundError)
})
test("propagates InvalidSourceCredentialsError from provider", async () => {
setEnabledSources(["test"])
let callCount = 0
const provider: FeedSourceProvider = {
sourceId: "test",
async feedSourceForUser(_userId: string, _config: unknown, _credentials: unknown) {
callCount++
// Succeed on first call (session creation), throw on refresh
if (callCount > 1) {
throw new InvalidSourceCredentialsError("test", "bad credentials")
}
return createStubSource("test")
},
}
const manager = new UserSessionManager({
db: fakeDb,
providers: [provider],
credentialEncryptor: testEncryptor,
})
// Create a session first so the refresh path is exercised
await manager.getOrCreate("user-1")
await expect(
manager.updateSourceCredentials("user-1", "test", { token: "bad" }),
).rejects.toBeInstanceOf(InvalidSourceCredentialsError)
// Credentials should still have been persisted before the provider threw
expect(mockUpdateCredentialsCalls).toHaveLength(1)
})
test("refreshes source in active session after credential update", async () => {
setEnabledSources(["test"])
let receivedCredentials: unknown = null
const provider = createStubProvider("test", async (_userId, _config, credentials) => {
receivedCredentials = credentials
return createStubSource("test")
})
const manager = new UserSessionManager({
db: fakeDb,
providers: [provider],
credentialEncryptor: testEncryptor,
})
await manager.getOrCreate("user-1")
await manager.updateSourceCredentials("user-1", "test", { token: "refreshed" })
expect(receivedCredentials).toEqual({ token: "refreshed" })
})
test("persists credentials without session refresh when no active session", async () => {
setEnabledSources(["test"])
const factory = mock(async () => createStubSource("test"))
const provider: FeedSourceProvider = { sourceId: "test", feedSourceForUser: factory }
const manager = new UserSessionManager({
db: fakeDb,
providers: [provider],
credentialEncryptor: testEncryptor,
})
// No session created — just update credentials
await manager.updateSourceCredentials("user-1", "test", { token: "stored" })
expect(mockUpdateCredentialsCalls).toHaveLength(1)
// feedSourceForUser should not have been called (no session to refresh)
expect(factory).not.toHaveBeenCalled()
})
})
describe("UserSessionManager.saveSourceConfig", () => {
test("upserts config without credentials (existing behavior)", async () => {
setEnabledSources(["test"])
const factory = mock(async () => createStubSource("test"))
const provider: FeedSourceProvider = { sourceId: "test", feedSourceForUser: factory }
const manager = new UserSessionManager({
db: fakeDb,
providers: [provider],
credentialEncryptor: testEncryptor,
})
// Create a session first so we can verify the source is refreshed
await manager.getOrCreate("user-1")
await manager.saveSourceConfig("user-1", "test", {
enabled: true,
config: { key: "value" },
})
// feedSourceForUser called once for session creation, once for upsert refresh
expect(factory).toHaveBeenCalledTimes(2)
// No credentials should have been persisted
expect(mockUpdateCredentialsCalls).toHaveLength(0)
})
test("upserts config with credentials — persists both and passes credentials to source", async () => {
setEnabledSources(["test"])
let receivedCredentials: unknown = null
const factory = mock(async (_userId: string, _config: unknown, creds: unknown) => {
receivedCredentials = creds
return createStubSource("test")
})
const provider: FeedSourceProvider = { sourceId: "test", feedSourceForUser: factory }
const manager = new UserSessionManager({
db: fakeDb,
providers: [provider],
credentialEncryptor: testEncryptor,
})
// Create a session so the source refresh path runs
await manager.getOrCreate("user-1")
const creds = { username: "alice", password: "s3cret" }
await manager.saveSourceConfig("user-1", "test", {
enabled: true,
config: { serverUrl: "https://example.com" },
credentials: creds,
})
// Credentials were encrypted and persisted
expect(mockUpdateCredentialsCalls).toHaveLength(1)
const decrypted = JSON.parse(testEncryptor.decrypt(mockUpdateCredentialsCalls[0]!.credentials))
expect(decrypted).toEqual(creds)
// feedSourceForUser received the provided credentials (not null)
expect(receivedCredentials).toEqual(creds)
})
test("upserts config with credentials adds source to session when not already present", async () => {
// Start with no enabled sources so the session is empty
setEnabledSources([])
const factory = mock(async () => createStubSource("test"))
const provider: FeedSourceProvider = { sourceId: "test", feedSourceForUser: factory }
const manager = new UserSessionManager({
db: fakeDb,
providers: [provider],
credentialEncryptor: testEncryptor,
})
const session = await manager.getOrCreate("user-1")
expect(session.hasSource("test")).toBe(false)
// Set mockFindResult to undefined so find() returns a row (simulating the row was just created by upsertConfig)
await manager.saveSourceConfig("user-1", "test", {
enabled: true,
config: {},
credentials: { token: "abc" },
})
// Source should now be in the session
expect(session.hasSource("test")).toBe(true)
expect(mockUpdateCredentialsCalls).toHaveLength(1)
})
test("throws CredentialStorageUnavailableError when credentials provided without encryptor", async () => {
setEnabledSources(["test"])
const provider = createStubProvider("test")
const manager = new UserSessionManager({
db: fakeDb,
providers: [provider],
// No credentialEncryptor
})
await expect(
manager.saveSourceConfig("user-1", "test", {
enabled: true,
config: {},
credentials: { token: "abc" },
}),
).rejects.toBeInstanceOf(CredentialStorageUnavailableError)
})
test("throws SourceNotFoundError for unknown provider", async () => {
const manager = new UserSessionManager({
db: fakeDb,
providers: [],
credentialEncryptor: testEncryptor,
})
await expect(
manager.saveSourceConfig("user-1", "unknown", {
enabled: true,
config: {},
}),
).rejects.toBeInstanceOf(SourceNotFoundError)
})
})

406
apps/freya-backend/src/session/user-session-manager.ts Normal file
View File

@@ -0,0 +1,406 @@
import type { FeedSource } from "@freya/core"
import { type } from "arktype"
import merge from "lodash.merge"
import type { Database } from "../db/index.ts"
import type { FeedEnhancer } from "../enhancement/enhance-feed.ts"
import type { CredentialEncryptor } from "../lib/crypto.ts"
import type { FeedSourceProvider } from "./feed-source-provider.ts"
import {
CredentialStorageUnavailableError,
InvalidSourceConfigError,
SourceNotFoundError,
} from "../sources/errors.ts"
import { sources } from "../sources/user-sources.ts"
import { UserSession } from "./user-session.ts"
export interface UserSessionManagerConfig {
db: Database
providers: FeedSourceProvider[]
feedEnhancer?: FeedEnhancer | null
credentialEncryptor?: CredentialEncryptor | null
}
export class UserSessionManager {
private sessions = new Map<string, UserSession>()
private pending = new Map<string, Promise<UserSession>>()
private readonly db: Database
private readonly providers = new Map<string, FeedSourceProvider>()
private readonly feedEnhancer: FeedEnhancer | null
private readonly encryptor: CredentialEncryptor | null
constructor(config: UserSessionManagerConfig) {
this.db = config.db
for (const provider of config.providers) {
this.providers.set(provider.sourceId, provider)
}
this.feedEnhancer = config.feedEnhancer ?? null
this.encryptor = config.credentialEncryptor ?? null
}
getProvider(sourceId: string): FeedSourceProvider | undefined {
return this.providers.get(sourceId)
}
/**
* Returns the user's config for a source, or defaults if no row exists.
*
* @throws {SourceNotFoundError} if the sourceId has no registered provider
*/
async fetchSourceConfig(
userId: string,
sourceId: string,
): Promise<{ enabled: boolean; config: unknown }> {
const provider = this.providers.get(sourceId)
if (!provider) {
throw new SourceNotFoundError(sourceId, userId)
}
const row = await sources(this.db, userId).find(sourceId)
return {
enabled: row?.enabled ?? false,
config: row?.config ?? {},
}
}
async getOrCreate(userId: string): Promise<UserSession> {
const existing = this.sessions.get(userId)
if (existing) return existing
const inflight = this.pending.get(userId)
if (inflight) return inflight
const promise = this.createSession(userId)
this.pending.set(userId, promise)
try {
const session = await promise
// If remove() was called while we were awaiting, it clears the
// pending entry. Detect that and destroy the session immediately.
if (!this.pending.has(userId)) {
session.destroy()
throw new Error(`Session for user ${userId} was removed during creation`)
}
this.sessions.set(userId, session)
return session
} finally {
this.pending.delete(userId)
}
}
remove(userId: string): void {
const session = this.sessions.get(userId)
if (session) {
session.destroy()
this.sessions.delete(userId)
}
// Cancel any in-flight creation so getOrCreate won't store the session
this.pending.delete(userId)
}
/**
* Merges, validates, and persists a user's source config and/or enabled
* state, then invalidates the cached session.
*
* @throws {SourceNotFoundError} if the source row doesn't exist
* @throws {InvalidSourceConfigError} if the merged config fails schema validation
*/
async updateSourceConfig(
userId: string,
sourceId: string,
update: { enabled?: boolean; config?: unknown },
): Promise<void> {
const provider = this.providers.get(sourceId)
if (!provider) {
throw new SourceNotFoundError(sourceId, userId)
}
// Nothing to update
if (update.enabled === undefined && update.config === undefined) {
// Still validate existence — updateConfig would throw, but
// we can avoid the DB write entirely.
if (!(await sources(this.db, userId).find(sourceId))) {
throw new SourceNotFoundError(sourceId, userId)
}
return
}
// Use a transaction with SELECT FOR UPDATE to prevent lost updates
// when concurrent PATCH requests merge config against the same base.
const { existingRow, mergedConfig } = await this.db.transaction(async (tx) => {
const existingRow = await sources(tx, userId).findForUpdate(sourceId)
let mergedConfig: Record<string, unknown> | undefined
if (update.config !== undefined && provider.configSchema) {
const existingConfig = (existingRow?.config ?? {}) as Record<string, unknown>
mergedConfig = merge({}, existingConfig, update.config)
const validated = provider.configSchema(mergedConfig)
if (validated instanceof type.errors) {
throw new InvalidSourceConfigError(sourceId, validated.summary)
}
}
// Throws SourceNotFoundError if the row doesn't exist
await sources(tx, userId).updateConfig(sourceId, {
enabled: update.enabled,
config: mergedConfig,
})
return { existingRow, mergedConfig }
})
// Refresh the specific source in the active session instead of
// destroying the entire session.
const session = this.sessions.get(userId)
if (session) {
if (update.enabled === false) {
session.removeSource(sourceId)
} else {
const credentials = existingRow?.credentials
? this.decryptCredentials(existingRow.credentials)
: null
const source = await provider.feedSourceForUser(userId, mergedConfig ?? {}, credentials)
session.replaceSource(sourceId, source)
}
}
}
/**
* Validates, persists, and upserts a user's source config, then
* refreshes the cached session. Unlike updateSourceConfig, this
* inserts a new row if one doesn't exist and fully replaces config
* (no merge).
*
* When `credentials` is provided, they are encrypted and persisted
* alongside the config in the same flow, avoiding the race condition
* of separate config + credential requests.
*
* @throws {SourceNotFoundError} if the sourceId has no registered provider
* @throws {InvalidSourceConfigError} if config fails schema validation
* @throws {CredentialStorageUnavailableError} if credentials are provided but no encryptor is configured
*/
async saveSourceConfig(
userId: string,
sourceId: string,
data: { enabled: boolean; config?: unknown; credentials?: unknown },
): Promise<void> {
const provider = this.providers.get(sourceId)
if (!provider) {
throw new SourceNotFoundError(sourceId, userId)
}
if (provider.configSchema && data.config !== undefined) {
const validated = provider.configSchema(data.config)
if (validated instanceof type.errors) {
throw new InvalidSourceConfigError(sourceId, validated.summary)
}
}
if (data.credentials !== undefined && !this.encryptor) {
throw new CredentialStorageUnavailableError()
}
const config = data.config ?? {}
// Run the upsert + credential update atomically so a failure in
// either step doesn't leave the row in an inconsistent state.
const existingRow = await this.db.transaction(async (tx) => {
const existing = await sources(tx, userId).find(sourceId)
await sources(tx, userId).upsertConfig(sourceId, {
enabled: data.enabled,
config,
})
if (data.credentials !== undefined && this.encryptor) {
const encrypted = this.encryptor.encrypt(JSON.stringify(data.credentials))
await sources(tx, userId).updateCredentials(sourceId, encrypted)
}
return existing
})
const session = this.sessions.get(userId)
if (session) {
if (!data.enabled) {
session.removeSource(sourceId)
} else {
// Prefer the just-provided credentials over what was in the DB.
let credentials: unknown = null
if (data.credentials !== undefined) {
credentials = data.credentials
} else if (existingRow?.credentials) {
credentials = this.decryptCredentials(existingRow.credentials)
}
const source = await provider.feedSourceForUser(userId, config, credentials)
if (session.hasSource(sourceId)) {
session.replaceSource(sourceId, source)
} else {
session.addSource(source)
}
}
}
}
/**
* Validates, encrypts, and persists per-user credentials for a source,
* then refreshes the active session.
*
* @throws {SourceNotFoundError} if the source row doesn't exist or has no registered provider
* @throws {CredentialStorageUnavailableError} if no CredentialEncryptor is configured
*/
async updateSourceCredentials(
userId: string,
sourceId: string,
credentials: unknown,
): Promise<void> {
const provider = this.providers.get(sourceId)
if (!provider) {
throw new SourceNotFoundError(sourceId, userId)
}
if (!this.encryptor) {
throw new CredentialStorageUnavailableError()
}
const encrypted = this.encryptor.encrypt(JSON.stringify(credentials))
await sources(this.db, userId).updateCredentials(sourceId, encrypted)
// Refresh the source in the active session.
// If feedSourceForUser throws (e.g. provider rejects the credentials),
// the DB already has the new credentials but the session keeps the old
// source. The next session creation will pick up the persisted credentials.
const session = this.sessions.get(userId)
if (session && session.hasSource(sourceId)) {
const row = await sources(this.db, userId).find(sourceId)
if (row?.enabled) {
const source = await provider.feedSourceForUser(userId, row.config ?? {}, credentials)
session.replaceSource(sourceId, source)
}
}
}
/**
* Replaces a provider and updates all active sessions.
* The new provider must have the same sourceId as an existing one.
* For each active session, queries the user's source config from the DB
* and re-resolves the source. If the provider fails for a user, the
* existing source is kept.
*/
async replaceProvider(provider: FeedSourceProvider): Promise<void> {
if (!this.providers.has(provider.sourceId)) {
throw new Error(
`Cannot replace provider "${provider.sourceId}": no existing provider with that sourceId`,
)
}
this.providers.set(provider.sourceId, provider)
const updates: Promise<void>[] = []
for (const [, session] of this.sessions) {
updates.push(this.refreshSessionSource(session, provider))
}
// Also update sessions that are currently being created so they
// don't land in this.sessions with a stale source.
for (const [, pendingPromise] of this.pending) {
updates.push(
pendingPromise
.then((session) => this.refreshSessionSource(session, provider))
.catch(() => {
// Session creation itself failed — nothing to update.
}),
)
}
await Promise.all(updates)
}
/**
* Re-resolves a single source for a session by querying the user's config
* from the DB and calling the provider. If the provider fails, the existing
* source is kept.
*/
private async refreshSessionSource(
session: UserSession,
provider: FeedSourceProvider,
): Promise<void> {
if (!session.hasSource(provider.sourceId)) return
try {
const row = await sources(this.db, session.userId).find(provider.sourceId)
if (!row?.enabled) return
const credentials = row.credentials ? this.decryptCredentials(row.credentials) : null
const newSource = await provider.feedSourceForUser(
session.userId,
row.config ?? {},
credentials,
)
session.replaceSource(provider.sourceId, newSource)
} catch (err) {
console.error(
`[UserSessionManager] refreshSource("${provider.sourceId}") failed for user ${session.userId}:`,
err,
)
}
}
private async createSession(userId: string): Promise<UserSession> {
const enabledRows = await sources(this.db, userId).enabled()
const promises: Promise<FeedSource>[] = []
for (const row of enabledRows) {
const provider = this.providers.get(row.sourceId)
if (provider) {
const credentials = row.credentials ? this.decryptCredentials(row.credentials) : null
promises.push(provider.feedSourceForUser(userId, row.config ?? {}, credentials))
}
}
if (promises.length === 0) {
return new UserSession(userId, [], this.feedEnhancer)
}
const results = await Promise.allSettled(promises)
const feedSources: FeedSource[] = []
const errors: unknown[] = []
for (const result of results) {
if (result.status === "fulfilled") {
feedSources.push(result.value)
} else {
errors.push(result.reason)
}
}
if (feedSources.length === 0 && errors.length > 0) {
throw new AggregateError(errors, "All feed source providers failed")
}
for (const error of errors) {
console.error("[UserSessionManager] Feed source provider failed:", error)
}
return new UserSession(userId, feedSources, this.feedEnhancer)
}
/**
* Decrypts a credentials buffer from the DB, returning parsed JSON or null.
* Returns null (with a warning) if decryption or parsing fails — e.g. due to
* key rotation, data corruption, or malformed JSON.
*/
private decryptCredentials(credentials: Buffer): unknown {
if (!this.encryptor) return null
try {
return JSON.parse(this.encryptor.decrypt(credentials))
} catch (err) {
console.warn("[UserSessionManager] Failed to decrypt credentials:", err)
return null
}
}
}

394
apps/freya-backend/src/session/user-session.test.ts Normal file
View File

@@ -0,0 +1,394 @@
import type { ActionDefinition, ContextEntry, FeedItem, FeedSource } from "@freya/core"
import { LocationSource } from "@freya/source-location"
import { describe, expect, spyOn, test } from "bun:test"
import { UserSession } from "./user-session.ts"
function createStubSource(id: string, items: FeedItem[] = []): FeedSource {
return {
id,
async listActions(): Promise<Record<string, ActionDefinition>> {
return {}
},
async executeAction(): Promise<unknown> {
return undefined
},
async fetchContext(): Promise<readonly ContextEntry[] | null> {
return null
},
async fetchItems() {
return items
},
}
}
describe("UserSession", () => {
test("registers sources and starts engine", async () => {
const session = new UserSession("test-user", [
createStubSource("test-a"),
createStubSource("test-b"),
])
const result = await session.engine.refresh()
expect(result.errors).toHaveLength(0)
})
test("getSource returns registered source", () => {
const location = new LocationSource()
const session = new UserSession("test-user", [location])
const result = session.getSource<LocationSource>("freya.location")
expect(result).toBe(location)
})
test("getSource returns undefined for unknown source", () => {
const session = new UserSession("test-user", [createStubSource("test")])
expect(session.getSource("unknown")).toBeUndefined()
})
test("destroy stops engine and clears sources", () => {
const session = new UserSession("test-user", [createStubSource("test")])
session.destroy()
expect(session.getSource("test")).toBeUndefined()
})
test("engine.executeAction routes to correct source", async () => {
const location = new LocationSource()
const session = new UserSession("test-user", [location])
await session.engine.executeAction("freya.location", "update-location", {
lat: 51.5,
lng: -0.1,
accuracy: 10,
timestamp: new Date(),
})
expect(location.lastLocation).toBeDefined()
expect(location.lastLocation!.lat).toBe(51.5)
})
})
describe("UserSession.feed", () => {
test("returns feed items without enhancer", async () => {
const items: FeedItem[] = [
{
id: "item-1",
sourceId: "test",
type: "test",
timestamp: new Date("2025-01-01T00:00:00.000Z"),
data: { value: 42 },
},
]
const session = new UserSession("test-user", [createStubSource("test", items)])
const result = await session.feed()
expect(result.items).toHaveLength(1)
expect(result.items[0]!.id).toBe("item-1")
})
test("returns enhanced items when enhancer is provided", async () => {
const items: FeedItem[] = [
{
id: "item-1",
sourceId: "test",
type: "test",
timestamp: new Date("2025-01-01T00:00:00.000Z"),
data: { value: 42 },
},
]
const enhancer = async (feedItems: FeedItem[]) =>
feedItems.map((item) => ({ ...item, data: { ...item.data, enhanced: true } }))
const session = new UserSession("test-user", [createStubSource("test", items)], enhancer)
const result = await session.feed()
expect(result.items).toHaveLength(1)
expect(result.items[0]!.data.enhanced).toBe(true)
})
test("caches enhanced items on subsequent calls", async () => {
const items: FeedItem[] = [
{
id: "item-1",
sourceId: "test",
type: "test",
timestamp: new Date("2025-01-01T00:00:00.000Z"),
data: { value: 42 },
},
]
let enhancerCallCount = 0
const enhancer = async (feedItems: FeedItem[]) => {
enhancerCallCount++
return feedItems.map((item) => ({ ...item, data: { ...item.data, enhanced: true } }))
}
const session = new UserSession("test-user", [createStubSource("test", items)], enhancer)
const result1 = await session.feed()
expect(result1.items[0]!.data.enhanced).toBe(true)
expect(enhancerCallCount).toBe(1)
const result2 = await session.feed()
expect(result2.items[0]!.data.enhanced).toBe(true)
expect(enhancerCallCount).toBe(1)
})
test("re-enhances after engine refresh with new data", async () => {
let currentItems: FeedItem[] = [
{
id: "item-1",
sourceId: "test",
type: "test",
timestamp: new Date("2025-01-01T00:00:00.000Z"),
data: { version: 1 },
},
]
const source = createStubSource("test", currentItems)
// Make fetchItems dynamic so refresh returns new data
source.fetchItems = async () => currentItems
const enhancedVersions: number[] = []
const enhancer = async (feedItems: FeedItem[]) => {
const version = feedItems[0]!.data.version as number
enhancedVersions.push(version)
return feedItems.map((item) => ({
...item,
data: { ...item.data, enhanced: true },
}))
}
const session = new UserSession("test-user", [source], enhancer)
// First feed triggers refresh + enhancement
const result1 = await session.feed()
expect(result1.items[0]!.data.version).toBe(1)
expect(result1.items[0]!.data.enhanced).toBe(true)
// Update source data and trigger engine refresh
currentItems = [
{
id: "item-1",
sourceId: "test",
type: "test",
timestamp: new Date("2025-01-02T00:00:00.000Z"),
data: { version: 2 },
},
]
await session.engine.refresh()
// Wait for subscriber-triggered background enhancement
await new Promise((resolve) => setTimeout(resolve, 10))
// feed() should now serve re-enhanced items with version 2
const result2 = await session.feed()
expect(result2.items[0]!.data.version).toBe(2)
expect(result2.items[0]!.data.enhanced).toBe(true)
expect(enhancedVersions).toEqual([1, 2])
})
test("falls back to unenhanced items when enhancer throws", async () => {
const items: FeedItem[] = [
{
id: "item-1",
sourceId: "test",
type: "test",
timestamp: new Date("2025-01-01T00:00:00.000Z"),
data: { value: 42 },
},
]
const enhancer = async () => {
throw new Error("enhancement exploded")
}
const session = new UserSession("test-user", [createStubSource("test", items)], enhancer)
const result = await session.feed()
expect(result.items).toHaveLength(1)
expect(result.items[0]!.id).toBe("item-1")
expect(result.items[0]!.data.value).toBe(42)
})
})
describe("UserSession.replaceSource", () => {
test("replaces source and invalidates feed cache", async () => {
const itemsA: FeedItem[] = [
{
id: "a-1",
sourceId: "test",
type: "test",
timestamp: new Date("2025-01-01T00:00:00.000Z"),
data: { from: "a" },
},
]
const itemsB: FeedItem[] = [
{
id: "b-1",
sourceId: "test",
type: "test",
timestamp: new Date("2025-01-01T00:00:00.000Z"),
data: { from: "b" },
},
]
const sourceA = createStubSource("test", itemsA)
const session = new UserSession("test-user", [sourceA])
const result1 = await session.feed()
expect(result1.items).toHaveLength(1)
expect(result1.items[0]!.data.from).toBe("a")
const sourceB = createStubSource("test", itemsB)
session.replaceSource("test", sourceB)
const result2 = await session.feed()
expect(result2.items).toHaveLength(1)
expect(result2.items[0]!.data.from).toBe("b")
})
test("getSource returns new source after replace", () => {
const sourceA = createStubSource("test")
const session = new UserSession("test-user", [sourceA])
const sourceB = createStubSource("test")
session.replaceSource("test", sourceB)
expect(session.getSource("test")).toBe(sourceB)
expect(session.getSource("test")).not.toBe(sourceA)
})
test("throws when replacing a source that is not registered", () => {
const session = new UserSession("test-user", [createStubSource("test")])
expect(() => session.replaceSource("nonexistent", createStubSource("other"))).toThrow(
'Cannot replace source "nonexistent": not registered',
)
})
test("other sources are unaffected by replace", async () => {
const sourceA = createStubSource("source-a", [
{
id: "a-1",
sourceId: "source-a",
type: "test",
timestamp: new Date(),
data: { from: "a" },
},
])
const sourceB = createStubSource("source-b", [
{
id: "b-1",
sourceId: "source-b",
type: "test",
timestamp: new Date(),
data: { from: "b" },
},
])
const session = new UserSession("test-user", [sourceA, sourceB])
const replacement = createStubSource("source-a", [
{
id: "a-2",
sourceId: "source-a",
type: "test",
timestamp: new Date(),
data: { from: "a-new" },
},
])
session.replaceSource("source-a", replacement)
const result = await session.feed()
expect(result.items).toHaveLength(2)
const ids = result.items.map((i) => i.id).sort()
expect(ids).toEqual(["a-2", "b-1"])
})
test("invalidates enhancement cache on replace", async () => {
const items: FeedItem[] = [
{
id: "item-1",
sourceId: "test",
type: "test",
timestamp: new Date(),
data: { version: 1 },
},
]
let enhanceCount = 0
const enhancer = async (feedItems: FeedItem[]) => {
enhanceCount++
return feedItems.map((item) => ({ ...item, data: { ...item.data, enhanced: true } }))
}
const session = new UserSession("test-user", [createStubSource("test", items)], enhancer)
await session.feed()
expect(enhanceCount).toBe(1)
const newItems: FeedItem[] = [
{
id: "item-2",
sourceId: "test",
type: "test",
timestamp: new Date(),
data: { version: 2 },
},
]
session.replaceSource("test", createStubSource("test", newItems))
const result = await session.feed()
expect(enhanceCount).toBe(2)
expect(result.items[0]!.id).toBe("item-2")
expect(result.items[0]!.data.enhanced).toBe(true)
})
})
describe("UserSession.removeSource", () => {
test("removes source from engine and sources map", () => {
const session = new UserSession("test-user", [
createStubSource("test-a"),
createStubSource("test-b"),
])
session.removeSource("test-a")
expect(session.getSource("test-a")).toBeUndefined()
expect(session.getSource("test-b")).toBeDefined()
})
test("invalidates feed cache on remove", async () => {
const items: FeedItem[] = [
{
id: "item-1",
sourceId: "test",
type: "test",
timestamp: new Date(),
data: {},
},
]
const session = new UserSession("test-user", [createStubSource("test", items)])
const result1 = await session.feed()
expect(result1.items).toHaveLength(1)
session.removeSource("test")
const result2 = await session.feed()
expect(result2.items).toHaveLength(0)
})
test("is a no-op for unknown source", () => {
const session = new UserSession("test-user", [createStubSource("test")])
expect(() => session.removeSource("unknown")).not.toThrow()
expect(session.getSource("test")).toBeDefined()
})
})

189
apps/freya-backend/src/session/user-session.ts Normal file
View File

@@ -0,0 +1,189 @@
import { FeedEngine, type FeedItem, type FeedResult, type FeedSource } from "@freya/core"
import type { FeedEnhancer } from "../enhancement/enhance-feed.ts"
export class UserSession {
readonly userId: string
readonly engine: FeedEngine
private sources = new Map<string, FeedSource>()
private readonly enhancer: FeedEnhancer | null
private enhancedItems: FeedItem[] | null = null
/** The FeedResult that enhancedItems was derived from. */
private enhancedSource: FeedResult | null = null
private enhancingPromise: Promise<void> | null = null
private unsubscribe: (() => void) | null = null
constructor(userId: string, sources: FeedSource[], enhancer?: FeedEnhancer | null) {
this.userId = userId
this.engine = new FeedEngine()
this.enhancer = enhancer ?? null
for (const source of sources) {
this.sources.set(source.id, source)
this.engine.register(source)
}
if (this.enhancer) {
this.unsubscribe = this.engine.subscribe((result) => {
this.invalidateEnhancement()
this.runEnhancement(result)
})
}
this.engine.start()
}
/**
* Returns the current feed, refreshing if the engine cache expired.
* Enhancement runs eagerly on engine updates; this method awaits
* any in-flight enhancement or triggers one if needed.
*/
async feed(): Promise<FeedResult> {
const cached = this.engine.lastFeed()
const result = cached ?? (await this.engine.refresh())
if (!this.enhancer) {
return result
}
// Wait for any in-flight background enhancement to finish
if (this.enhancingPromise) {
await this.enhancingPromise
}
// Serve cached enhancement only if it matches the current engine result
if (this.enhancedItems && this.enhancedSource === result) {
return { ...result, items: this.enhancedItems }
}
// Stale or missing — re-enhance
await this.runEnhancement(result)
if (this.enhancedItems) {
return { ...result, items: this.enhancedItems }
}
return result
}
getSource<T extends FeedSource>(sourceId: string): T | undefined {
return this.sources.get(sourceId) as T | undefined
}
hasSource(sourceId: string): boolean {
return this.sources.has(sourceId)
}
/**
* Registers a new source in the engine and invalidates all caches.
* Stops and restarts the engine to establish reactive subscriptions.
*/
addSource(source: FeedSource): void {
if (this.sources.has(source.id)) {
throw new Error(`Cannot add source "${source.id}": already registered`)
}
const wasStarted = this.engine.isStarted()
if (wasStarted) {
this.engine.stop()
}
this.engine.register(source)
this.sources.set(source.id, source)
this.invalidateEnhancement()
this.enhancingPromise = null
if (wasStarted) {
this.engine.start()
}
}
/**
* Replaces a source in the engine and invalidates all caches.
* Stops and restarts the engine to re-establish reactive subscriptions.
*/
replaceSource(oldSourceId: string, newSource: FeedSource): void {
if (!this.sources.has(oldSourceId)) {
throw new Error(`Cannot replace source "${oldSourceId}": not registered`)
}
const wasStarted = this.engine.isStarted()
if (wasStarted) {
this.engine.stop()
}
this.engine.unregister(oldSourceId)
this.sources.delete(oldSourceId)
this.engine.register(newSource)
this.sources.set(newSource.id, newSource)
this.invalidateEnhancement()
this.enhancingPromise = null
if (wasStarted) {
this.engine.start()
}
}
/**
* Removes a source from the engine and invalidates all caches.
* Stops and restarts the engine to clean up reactive subscriptions.
*/
removeSource(sourceId: string): void {
if (!this.sources.has(sourceId)) return
const wasStarted = this.engine.isStarted()
if (wasStarted) {
this.engine.stop()
}
this.engine.unregister(sourceId)
this.sources.delete(sourceId)
this.invalidateEnhancement()
this.enhancingPromise = null
if (wasStarted) {
this.engine.start()
}
}
destroy(): void {
this.unsubscribe?.()
this.unsubscribe = null
this.engine.stop()
this.sources.clear()
this.invalidateEnhancement()
this.enhancingPromise = null
}
private invalidateEnhancement(): void {
this.enhancedItems = null
this.enhancedSource = null
}
private runEnhancement(result: FeedResult): Promise<void> {
const promise = this.enhance(result)
this.enhancingPromise = promise
promise.finally(() => {
if (this.enhancingPromise === promise) {
this.enhancingPromise = null
}
})
return promise
}
private async enhance(result: FeedResult): Promise<void> {
try {
this.enhancedItems = await this.enhancer!(result.items)
this.enhancedSource = result
} catch (err) {
console.error("[enhancement] Unexpected error:", err)
this.invalidateEnhancement()
}
}
}

49
apps/freya-backend/src/sources/errors.ts Normal file
View File

@@ -0,0 +1,49 @@
/**
* Thrown when an operation targets a user source that doesn't exist.
*/
export class SourceNotFoundError extends Error {
readonly sourceId: string
readonly userId: string
constructor(sourceId: string, userId: string) {
super(`Source "${sourceId}" not found for user "${userId}"`)
this.name = "SourceNotFoundError"
this.sourceId = sourceId
this.userId = userId
}
}
/**
* Thrown when a source config update fails schema validation.
*/
export class InvalidSourceConfigError extends Error {
readonly sourceId: string
constructor(sourceId: string, summary: string) {
super(summary)
this.sourceId = sourceId
}
}
/**
* Thrown by providers when credentials fail validation.
*/
export class InvalidSourceCredentialsError extends Error {
readonly sourceId: string
constructor(sourceId: string, summary: string) {
super(summary)
this.name = "InvalidSourceCredentialsError"
this.sourceId = sourceId
}
}
/**
* Thrown when credential storage is not configured (missing encryption key).
*/
export class CredentialStorageUnavailableError extends Error {
constructor() {
super("Credential storage is not configured")
this.name = "CredentialStorageUnavailableError"
}
}

865
apps/freya-backend/src/sources/http.test.ts Normal file
View File

@@ -0,0 +1,865 @@
import type { ActionDefinition, ContextEntry, FeedItem, FeedSource } from "@freya/core"
import { describe, expect, mock, spyOn, test } from "bun:test"
import { Hono } from "hono"
import type { Database } from "../db/index.ts"
import type { ConfigSchema, FeedSourceProvider } from "../session/feed-source-provider.ts"
import { mockAuthSessionMiddleware } from "../auth/session-middleware.ts"
import { CredentialEncryptor } from "../lib/crypto.ts"
import { UserSessionManager } from "../session/user-session-manager.ts"
import { tflConfig } from "../tfl/provider.ts"
import { weatherConfig } from "../weather/provider.ts"
import { InvalidSourceCredentialsError, SourceNotFoundError } from "./errors.ts"
import { registerSourcesHttpHandlers } from "./http.ts"
// ---------------------------------------------------------------------------
// Helpers
// ---------------------------------------------------------------------------
function createStubSource(id: string): FeedSource {
return {
id,
async listActions(): Promise<Record<string, ActionDefinition>> {
return {}
},
async executeAction(): Promise<unknown> {
return undefined
},
async fetchContext(): Promise<readonly ContextEntry[] | null> {
return null
},
async fetchItems(): Promise<FeedItem[]> {
return []
},
}
}
function createStubProvider(sourceId: string, configSchema?: ConfigSchema): FeedSourceProvider {
return {
sourceId,
configSchema,
async feedSourceForUser(_userId: string, _config: unknown, _credentials: unknown) {
return createStubSource(sourceId)
},
}
}
const MOCK_USER_ID = "k7Gx2mPqRvNwYs9TdLfA4bHcJeUo1iZn"
type SourceRow = {
userId: string
sourceId: string
enabled: boolean
config: Record<string, unknown>
}
function createInMemoryStore() {
const rows = new Map<string, SourceRow>()
function key(userId: string, sourceId: string) {
return `${userId}:${sourceId}`
}
return {
rows,
seed(userId: string, sourceId: string, data: Partial<SourceRow> = {}) {
rows.set(key(userId, sourceId), {
userId,
sourceId,
enabled: data.enabled ?? true,
config: data.config ?? {},
})
},
forUser(userId: string) {
return {
async enabled() {
return [...rows.values()].filter((r) => r.userId === userId && r.enabled)
},
async find(sourceId: string) {
return rows.get(key(userId, sourceId))
},
async findForUpdate(sourceId: string) {
return rows.get(key(userId, sourceId))
},
async updateConfig(sourceId: string, update: { enabled?: boolean; config?: unknown }) {
const existing = rows.get(key(userId, sourceId))
if (!existing) {
throw new SourceNotFoundError(sourceId, userId)
}
if (update.enabled !== undefined) {
existing.enabled = update.enabled
}
if (update.config !== undefined) {
existing.config = update.config as Record<string, unknown>
}
},
async upsertConfig(sourceId: string, data: { enabled: boolean; config: unknown }) {
const existing = rows.get(key(userId, sourceId))
if (existing) {
existing.enabled = data.enabled
existing.config = data.config as Record<string, unknown>
} else {
rows.set(key(userId, sourceId), {
userId,
sourceId,
enabled: data.enabled,
config: (data.config ?? {}) as Record<string, unknown>,
})
}
},
async updateCredentials(sourceId: string, _credentials: Buffer) {
const existing = rows.get(key(userId, sourceId))
if (!existing) {
throw new SourceNotFoundError(sourceId, userId)
}
},
}
},
}
}
let activeStore: ReturnType<typeof createInMemoryStore>
mock.module("../sources/user-sources.ts", () => ({
sources(_db: unknown, userId: string) {
return activeStore.forUser(userId)
},
}))
const fakeDb = {
transaction: <T>(fn: (tx: unknown) => Promise<T>) => fn(fakeDb),
} as unknown as Database
function createApp(providers: FeedSourceProvider[], userId?: string) {
const sessionManager = new UserSessionManager({ providers, db: fakeDb })
const app = new Hono()
registerSourcesHttpHandlers(app, {
sessionManager,
authSessionMiddleware: mockAuthSessionMiddleware(userId),
})
return { app, sessionManager }
}
function patch(app: Hono, sourceId: string, body: unknown) {
return app.request(`/api/sources/${sourceId}`, {
method: "PATCH",
headers: { "Content-Type": "application/json" },
body: JSON.stringify(body),
})
}
function get(app: Hono, sourceId: string) {
return app.request(`/api/sources/${sourceId}`, { method: "GET" })
}
const TEST_ENCRYPTION_KEY = "/bv1nbzC4ozZkT/pcv5oQfl+JAMuMZDUSVDesG2dur8="
function createAppWithEncryptor(providers: FeedSourceProvider[], userId?: string) {
const sessionManager = new UserSessionManager({
providers,
db: fakeDb,
credentialEncryptor: new CredentialEncryptor(TEST_ENCRYPTION_KEY),
})
const app = new Hono()
registerSourcesHttpHandlers(app, {
sessionManager,
authSessionMiddleware: mockAuthSessionMiddleware(userId),
})
return { app, sessionManager }
}
function putCredentials(app: Hono, sourceId: string, body: unknown) {
return app.request(`/api/sources/${sourceId}/credentials`, {
method: "PUT",
headers: { "Content-Type": "application/json" },
body: JSON.stringify(body),
})
}
function put(app: Hono, sourceId: string, body: unknown) {
return app.request(`/api/sources/${sourceId}`, {
method: "PUT",
headers: { "Content-Type": "application/json" },
body: JSON.stringify(body),
})
}
// ---------------------------------------------------------------------------
// Tests
// ---------------------------------------------------------------------------
describe("GET /api/sources/:sourceId", () => {
test("returns 401 without auth", async () => {
activeStore = createInMemoryStore()
const { app } = createApp([createStubProvider("freya.weather", weatherConfig)])
const res = await get(app, "freya.weather")
expect(res.status).toBe(401)
})
test("returns 404 for unknown source", async () => {
activeStore = createInMemoryStore()
const { app } = createApp([createStubProvider("freya.weather", weatherConfig)], MOCK_USER_ID)
const res = await get(app, "unknown.source")
expect(res.status).toBe(404)
const body = (await res.json()) as { error: string }
expect(body.error).toContain("not found")
})
test("returns enabled and config for existing source", async () => {
activeStore = createInMemoryStore()
activeStore.seed(MOCK_USER_ID, "freya.weather", {
enabled: true,
config: { units: "metric" },
})
const { app } = createApp([createStubProvider("freya.weather", weatherConfig)], MOCK_USER_ID)
const res = await get(app, "freya.weather")
expect(res.status).toBe(200)
const body = (await res.json()) as { enabled: boolean; config: unknown }
expect(body.enabled).toBe(true)
expect(body.config).toEqual({ units: "metric" })
})
test("returns defaults when user has no row for source", async () => {
activeStore = createInMemoryStore()
const { app } = createApp([createStubProvider("freya.weather", weatherConfig)], MOCK_USER_ID)
const res = await get(app, "freya.weather")
expect(res.status).toBe(200)
const body = (await res.json()) as { enabled: boolean; config: unknown }
expect(body.enabled).toBe(false)
expect(body.config).toEqual({})
})
test("returns disabled source", async () => {
activeStore = createInMemoryStore()
activeStore.seed(MOCK_USER_ID, "freya.weather", {
enabled: false,
config: { units: "imperial" },
})
const { app } = createApp([createStubProvider("freya.weather", weatherConfig)], MOCK_USER_ID)
const res = await get(app, "freya.weather")
expect(res.status).toBe(200)
const body = (await res.json()) as { enabled: boolean; config: unknown }
expect(body.enabled).toBe(false)
expect(body.config).toEqual({ units: "imperial" })
})
})
describe("PATCH /api/sources/:sourceId", () => {
test("returns 401 without auth", async () => {
activeStore = createInMemoryStore()
const { app } = createApp([createStubProvider("freya.weather", weatherConfig)])
const res = await patch(app, "freya.weather", { enabled: true })
expect(res.status).toBe(401)
})
test("returns 404 for unknown source", async () => {
activeStore = createInMemoryStore()
const { app } = createApp([createStubProvider("freya.weather", weatherConfig)], MOCK_USER_ID)
const res = await patch(app, "unknown.source", { enabled: true })
expect(res.status).toBe(404)
const body = (await res.json()) as { error: string }
expect(body.error).toContain("not found")
})
test("returns 404 when user has no existing row for source", async () => {
activeStore = createInMemoryStore()
const { app } = createApp([createStubProvider("freya.weather", weatherConfig)], MOCK_USER_ID)
const res = await patch(app, "freya.weather", { enabled: true })
expect(res.status).toBe(404)
const body = (await res.json()) as { error: string }
expect(body.error).toContain("not found")
})
test("returns 204 when body is empty object (no-op) on existing source", async () => {
activeStore = createInMemoryStore()
activeStore.seed(MOCK_USER_ID, "freya.weather")
const { app } = createApp([createStubProvider("freya.weather", weatherConfig)], MOCK_USER_ID)
const res = await patch(app, "freya.weather", {})
expect(res.status).toBe(204)
})
test("returns 404 when body is empty object on nonexistent user source", async () => {
activeStore = createInMemoryStore()
const { app } = createApp([createStubProvider("freya.weather", weatherConfig)], MOCK_USER_ID)
const res = await patch(app, "freya.weather", {})
expect(res.status).toBe(404)
})
test("returns 400 for invalid JSON body", async () => {
activeStore = createInMemoryStore()
activeStore.seed(MOCK_USER_ID, "freya.weather")
const { app } = createApp([createStubProvider("freya.weather", weatherConfig)], MOCK_USER_ID)
const res = await app.request("/api/sources/freya.weather", {
method: "PATCH",
headers: { "Content-Type": "application/json" },
body: "not json",
})
expect(res.status).toBe(400)
const body = (await res.json()) as { error: string }
expect(body.error).toContain("Invalid JSON")
})
test("returns 400 when request body contains unknown fields", async () => {
activeStore = createInMemoryStore()
activeStore.seed(MOCK_USER_ID, "freya.weather")
const { app } = createApp([createStubProvider("freya.weather", weatherConfig)], MOCK_USER_ID)
const res = await patch(app, "freya.weather", {
enabled: true,
unknownField: "hello",
})
expect(res.status).toBe(400)
})
test("returns 400 when weather config contains unknown fields", async () => {
activeStore = createInMemoryStore()
activeStore.seed(MOCK_USER_ID, "freya.weather")
const { app } = createApp([createStubProvider("freya.weather", weatherConfig)], MOCK_USER_ID)
const res = await patch(app, "freya.weather", {
config: { units: "metric", unknownField: "hello" },
})
expect(res.status).toBe(400)
})
test("returns 400 when weather config fails validation", async () => {
activeStore = createInMemoryStore()
activeStore.seed(MOCK_USER_ID, "freya.weather")
const { app } = createApp([createStubProvider("freya.weather", weatherConfig)], MOCK_USER_ID)
const res = await patch(app, "freya.weather", {
config: { units: "invalid" },
})
expect(res.status).toBe(400)
})
test("returns 204 and updates enabled", async () => {
activeStore = createInMemoryStore()
activeStore.seed(MOCK_USER_ID, "freya.weather", {
enabled: true,
config: { units: "metric" },
})
const { app } = createApp([createStubProvider("freya.weather", weatherConfig)], MOCK_USER_ID)
const res = await patch(app, "freya.weather", { enabled: false })
expect(res.status).toBe(204)
const row = activeStore.rows.get(`${MOCK_USER_ID}:freya.weather`)
expect(row!.enabled).toBe(false)
expect(row!.config).toEqual({ units: "metric" })
})
test("returns 204 and updates config", async () => {
activeStore = createInMemoryStore()
activeStore.seed(MOCK_USER_ID, "freya.weather", {
config: { units: "metric" },
})
const { app } = createApp([createStubProvider("freya.weather", weatherConfig)], MOCK_USER_ID)
const res = await patch(app, "freya.weather", {
config: { units: "imperial" },
})
expect(res.status).toBe(204)
const row = activeStore.rows.get(`${MOCK_USER_ID}:freya.weather`)
expect(row!.config).toEqual({ units: "imperial" })
})
test("preserves config when only updating enabled", async () => {
activeStore = createInMemoryStore()
activeStore.seed(MOCK_USER_ID, "freya.tfl", {
enabled: true,
config: { lines: ["bakerloo"] },
})
const { app } = createApp([createStubProvider("freya.tfl", tflConfig)], MOCK_USER_ID)
const res = await patch(app, "freya.tfl", { enabled: false })
expect(res.status).toBe(204)
const row = activeStore.rows.get(`${MOCK_USER_ID}:freya.tfl`)
expect(row!.enabled).toBe(false)
expect(row!.config).toEqual({ lines: ["bakerloo"] })
})
test("deep-merges config on update", async () => {
activeStore = createInMemoryStore()
activeStore.seed(MOCK_USER_ID, "freya.weather", {
config: { units: "metric", hourlyLimit: 12 },
})
const { app } = createApp([createStubProvider("freya.weather", weatherConfig)], MOCK_USER_ID)
const res = await patch(app, "freya.weather", {
config: { dailyLimit: 5 },
})
expect(res.status).toBe(204)
const row = activeStore.rows.get(`${MOCK_USER_ID}:freya.weather`)
expect(row!.config).toEqual({
units: "metric",
hourlyLimit: 12,
dailyLimit: 5,
})
})
test("refreshes source in active session after config update", async () => {
activeStore = createInMemoryStore()
activeStore.seed(MOCK_USER_ID, "freya.weather", {
config: { units: "metric" },
})
const { app, sessionManager } = createApp(
[createStubProvider("freya.weather", weatherConfig)],
MOCK_USER_ID,
)
const session = await sessionManager.getOrCreate(MOCK_USER_ID)
const replaceSpy = spyOn(session, "replaceSource")
const res = await patch(app, "freya.weather", {
config: { units: "imperial" },
})
expect(res.status).toBe(204)
expect(replaceSpy).toHaveBeenCalled()
replaceSpy.mockRestore()
})
test("removes source from session when disabled", async () => {
activeStore = createInMemoryStore()
activeStore.seed(MOCK_USER_ID, "freya.weather", {
enabled: true,
config: { units: "metric" },
})
const { app, sessionManager } = createApp(
[createStubProvider("freya.weather", weatherConfig)],
MOCK_USER_ID,
)
const session = await sessionManager.getOrCreate(MOCK_USER_ID)
const removeSpy = spyOn(session, "removeSource")
const res = await patch(app, "freya.weather", { enabled: false })
expect(res.status).toBe(204)
expect(removeSpy).toHaveBeenCalledWith("freya.weather")
removeSpy.mockRestore()
})
test("returns 400 when config is provided for source without schema", async () => {
activeStore = createInMemoryStore()
activeStore.seed(MOCK_USER_ID, "freya.location")
const { app } = createApp([createStubProvider("freya.location")], MOCK_USER_ID)
const res = await patch(app, "freya.location", {
config: { something: "value" },
})
expect(res.status).toBe(400)
})
test("returns 400 when empty config is provided for source without schema", async () => {
activeStore = createInMemoryStore()
activeStore.seed(MOCK_USER_ID, "freya.location")
const { app } = createApp([createStubProvider("freya.location")], MOCK_USER_ID)
const res = await patch(app, "freya.location", {
config: {},
})
expect(res.status).toBe(400)
})
test("updates enabled on location source", async () => {
activeStore = createInMemoryStore()
activeStore.seed(MOCK_USER_ID, "freya.location", { enabled: true })
const { app } = createApp([createStubProvider("freya.location")], MOCK_USER_ID)
const res = await patch(app, "freya.location", { enabled: false })
expect(res.status).toBe(204)
const row = activeStore.rows.get(`${MOCK_USER_ID}:freya.location`)
expect(row!.enabled).toBe(false)
})
})
// ---------------------------------------------------------------------------
// PUT /api/sources/:sourceId
// ---------------------------------------------------------------------------
describe("PUT /api/sources/:sourceId", () => {
test("returns 401 without auth", async () => {
activeStore = createInMemoryStore()
const { app } = createApp([createStubProvider("freya.weather", weatherConfig)])
const res = await put(app, "freya.weather", { enabled: true, config: {} })
expect(res.status).toBe(401)
})
test("returns 404 for unknown source", async () => {
activeStore = createInMemoryStore()
const { app } = createApp([createStubProvider("freya.weather", weatherConfig)], MOCK_USER_ID)
const res = await put(app, "unknown.source", { enabled: true, config: {} })
expect(res.status).toBe(404)
const body = (await res.json()) as { error: string }
expect(body.error).toContain("not found")
})
test("returns 400 for invalid JSON", async () => {
activeStore = createInMemoryStore()
const { app } = createApp([createStubProvider("freya.weather", weatherConfig)], MOCK_USER_ID)
const res = await app.request("/api/sources/freya.weather", {
method: "PUT",
headers: { "Content-Type": "application/json" },
body: "not json",
})
expect(res.status).toBe(400)
const body = (await res.json()) as { error: string }
expect(body.error).toContain("Invalid JSON")
})
test("returns 400 when enabled is missing", async () => {
activeStore = createInMemoryStore()
const { app } = createApp([createStubProvider("freya.weather", weatherConfig)], MOCK_USER_ID)
const res = await put(app, "freya.weather", { config: {} })
expect(res.status).toBe(400)
})
test("returns 400 when config is missing", async () => {
activeStore = createInMemoryStore()
const { app } = createApp([createStubProvider("freya.weather", weatherConfig)], MOCK_USER_ID)
const res = await put(app, "freya.weather", { enabled: true })
expect(res.status).toBe(400)
})
test("returns 400 when request body contains unknown fields", async () => {
activeStore = createInMemoryStore()
const { app } = createApp([createStubProvider("freya.weather", weatherConfig)], MOCK_USER_ID)
const res = await put(app, "freya.weather", {
enabled: true,
config: { units: "metric" },
unknownField: "hello",
})
expect(res.status).toBe(400)
})
test("returns 400 when weather config contains unknown fields", async () => {
activeStore = createInMemoryStore()
const { app } = createApp([createStubProvider("freya.weather", weatherConfig)], MOCK_USER_ID)
const res = await put(app, "freya.weather", {
enabled: true,
config: { units: "metric", unknownField: "hello" },
})
expect(res.status).toBe(400)
})
test("returns 400 when config fails schema validation", async () => {
activeStore = createInMemoryStore()
const { app } = createApp([createStubProvider("freya.weather", weatherConfig)], MOCK_USER_ID)
const res = await put(app, "freya.weather", {
enabled: true,
config: { units: "invalid" },
})
expect(res.status).toBe(400)
})
test("returns 204 and inserts when row does not exist", async () => {
activeStore = createInMemoryStore()
const { app } = createApp([createStubProvider("freya.weather", weatherConfig)], MOCK_USER_ID)
const res = await put(app, "freya.weather", {
enabled: true,
config: { units: "metric" },
})
expect(res.status).toBe(204)
const row = activeStore.rows.get(`${MOCK_USER_ID}:freya.weather`)
expect(row).toBeDefined()
expect(row!.enabled).toBe(true)
expect(row!.config).toEqual({ units: "metric" })
})
test("returns 204 and fully replaces existing row", async () => {
activeStore = createInMemoryStore()
activeStore.seed(MOCK_USER_ID, "freya.weather", {
enabled: true,
config: { units: "metric", hourlyLimit: 12 },
})
const { app } = createApp([createStubProvider("freya.weather", weatherConfig)], MOCK_USER_ID)
const res = await put(app, "freya.weather", {
enabled: false,
config: { units: "imperial" },
})
expect(res.status).toBe(204)
const row = activeStore.rows.get(`${MOCK_USER_ID}:freya.weather`)
expect(row!.enabled).toBe(false)
// hourlyLimit should be gone — full replace, not merge
expect(row!.config).toEqual({ units: "imperial" })
})
test("refreshes source in active session after upsert", async () => {
activeStore = createInMemoryStore()
activeStore.seed(MOCK_USER_ID, "freya.weather", {
config: { units: "metric" },
})
const { app, sessionManager } = createApp(
[createStubProvider("freya.weather", weatherConfig)],
MOCK_USER_ID,
)
const session = await sessionManager.getOrCreate(MOCK_USER_ID)
const replaceSpy = spyOn(session, "replaceSource")
const res = await put(app, "freya.weather", {
enabled: true,
config: { units: "imperial" },
})
expect(res.status).toBe(204)
expect(replaceSpy).toHaveBeenCalled()
replaceSpy.mockRestore()
})
test("removes source from session when disabled via upsert", async () => {
activeStore = createInMemoryStore()
activeStore.seed(MOCK_USER_ID, "freya.weather", {
enabled: true,
config: { units: "metric" },
})
const { app, sessionManager } = createApp(
[createStubProvider("freya.weather", weatherConfig)],
MOCK_USER_ID,
)
const session = await sessionManager.getOrCreate(MOCK_USER_ID)
const removeSpy = spyOn(session, "removeSource")
const res = await put(app, "freya.weather", {
enabled: false,
config: { units: "metric" },
})
expect(res.status).toBe(204)
expect(removeSpy).toHaveBeenCalledWith("freya.weather")
removeSpy.mockRestore()
})
test("adds source to active session when inserting a new source", async () => {
activeStore = createInMemoryStore()
// Seed a different source so the session can be created
activeStore.seed(MOCK_USER_ID, "freya.location", { enabled: true })
const { app, sessionManager } = createApp(
[createStubProvider("freya.location"), createStubProvider("freya.weather", weatherConfig)],
MOCK_USER_ID,
)
// Create session — only has freya.location
const session = await sessionManager.getOrCreate(MOCK_USER_ID)
expect(session.hasSource("freya.weather")).toBe(false)
// PUT a new source that didn't exist before
const res = await put(app, "freya.weather", {
enabled: true,
config: { units: "metric" },
})
expect(res.status).toBe(204)
expect(session.hasSource("freya.weather")).toBe(true)
})
test("returns 400 when config is provided for source without schema", async () => {
activeStore = createInMemoryStore()
const { app } = createApp([createStubProvider("freya.location")], MOCK_USER_ID)
const res = await put(app, "freya.location", {
enabled: true,
config: { something: "value" },
})
expect(res.status).toBe(400)
})
test("returns 400 when empty config is provided for source without schema", async () => {
activeStore = createInMemoryStore()
const { app } = createApp([createStubProvider("freya.location")], MOCK_USER_ID)
const res = await put(app, "freya.location", {
enabled: true,
config: {},
})
expect(res.status).toBe(400)
})
test("returns 204 without config field for source without schema", async () => {
activeStore = createInMemoryStore()
const { app } = createApp([createStubProvider("freya.location")], MOCK_USER_ID)
const res = await put(app, "freya.location", {
enabled: true,
})
expect(res.status).toBe(204)
})
test("returns 204 when credentials are included alongside config", async () => {
activeStore = createInMemoryStore()
const { app } = createAppWithEncryptor(
[createStubProvider("freya.weather", weatherConfig)],
MOCK_USER_ID,
)
const res = await put(app, "freya.weather", {
enabled: true,
config: { units: "metric" },
credentials: { apiKey: "secret123" },
})
expect(res.status).toBe(204)
const row = activeStore.rows.get(`${MOCK_USER_ID}:freya.weather`)
expect(row).toBeDefined()
expect(row!.enabled).toBe(true)
expect(row!.config).toEqual({ units: "metric" })
})
test("returns 503 when credentials are provided but no encryptor is configured", async () => {
activeStore = createInMemoryStore()
// createApp does NOT configure an encryptor
const { app } = createApp([createStubProvider("freya.weather", weatherConfig)], MOCK_USER_ID)
const res = await put(app, "freya.weather", {
enabled: true,
config: { units: "metric" },
credentials: { apiKey: "secret123" },
})
expect(res.status).toBe(503)
const body = (await res.json()) as { error: string }
expect(body.error).toContain("not configured")
})
})
describe("PUT /api/sources/:sourceId/credentials", () => {
test("returns 401 without auth", async () => {
activeStore = createInMemoryStore()
const { app } = createAppWithEncryptor([createStubProvider("freya.location")])
const res = await putCredentials(app, "freya.location", { token: "x" })
expect(res.status).toBe(401)
})
test("returns 404 for unknown source", async () => {
activeStore = createInMemoryStore()
const { app } = createAppWithEncryptor([createStubProvider("freya.location")], MOCK_USER_ID)
const res = await putCredentials(app, "unknown.source", { token: "x" })
expect(res.status).toBe(404)
})
test("returns 400 for invalid JSON", async () => {
activeStore = createInMemoryStore()
activeStore.seed(MOCK_USER_ID, "freya.location")
const { app } = createAppWithEncryptor([createStubProvider("freya.location")], MOCK_USER_ID)
const res = await app.request("/api/sources/freya.location/credentials", {
method: "PUT",
headers: { "Content-Type": "application/json" },
body: "not-json",
})
expect(res.status).toBe(400)
const body = (await res.json()) as { error: string }
expect(body.error).toBe("Invalid JSON")
})
test("returns 204 and persists credentials", async () => {
activeStore = createInMemoryStore()
activeStore.seed(MOCK_USER_ID, "freya.location")
const { app } = createAppWithEncryptor([createStubProvider("freya.location")], MOCK_USER_ID)
const res = await putCredentials(app, "freya.location", { token: "secret" })
expect(res.status).toBe(204)
})
test("returns 400 when provider throws InvalidSourceCredentialsError", async () => {
activeStore = createInMemoryStore()
activeStore.seed(MOCK_USER_ID, "test.creds")
let callCount = 0
const provider: FeedSourceProvider = {
sourceId: "test.creds",
async feedSourceForUser(_userId: string, _config: unknown, _credentials: unknown) {
callCount++
if (callCount > 1) {
throw new InvalidSourceCredentialsError("test.creds", "invalid token format")
}
return createStubSource("test.creds")
},
}
const { app, sessionManager } = createAppWithEncryptor([provider], MOCK_USER_ID)
await sessionManager.getOrCreate(MOCK_USER_ID)
const res = await putCredentials(app, "test.creds", { token: "bad" })
expect(res.status).toBe(400)
const body = (await res.json()) as { error: string }
expect(body.error).toContain("invalid token format")
})
test("returns 503 when credential encryption is not configured", async () => {
activeStore = createInMemoryStore()
activeStore.seed(MOCK_USER_ID, "freya.location")
const { app } = createApp([createStubProvider("freya.location")], MOCK_USER_ID)
const res = await putCredentials(app, "freya.location", { token: "x" })
expect(res.status).toBe(503)
const body = (await res.json()) as { error: string }
expect(body.error).toContain("not configured")
})
})

230
apps/freya-backend/src/sources/http.ts Normal file
View File

@@ -0,0 +1,230 @@
import type { Context, Hono } from "hono"
import { type } from "arktype"
import { createMiddleware } from "hono/factory"
import type { AuthSessionMiddleware } from "../auth/session-middleware.ts"
import type { UserSessionManager } from "../session/index.ts"
import {
CredentialStorageUnavailableError,
InvalidSourceConfigError,
InvalidSourceCredentialsError,
SourceNotFoundError,
} from "./errors.ts"
type Env = {
Variables: {
sessionManager: UserSessionManager
}
}
interface SourcesHttpHandlersDeps {
sessionManager: UserSessionManager
authSessionMiddleware: AuthSessionMiddleware
}
const UpdateSourceConfigRequestBody = type({
"+": "reject",
"enabled?": "boolean",
"config?": "unknown",
})
const ReplaceSourceConfigRequestBody = type({
"+": "reject",
enabled: "boolean",
config: "unknown",
"credentials?": "unknown",
})
const ReplaceSourceConfigNoConfigRequestBody = type({
"+": "reject",
enabled: "boolean",
"credentials?": "unknown",
})
export function registerSourcesHttpHandlers(
app: Hono,
{ sessionManager, authSessionMiddleware }: SourcesHttpHandlersDeps,
) {
const inject = createMiddleware<Env>(async (c, next) => {
c.set("sessionManager", sessionManager)
await next()
})
app.get("/api/sources/:sourceId", inject, authSessionMiddleware, handleGetSource)
app.patch("/api/sources/:sourceId", inject, authSessionMiddleware, handleUpdateSource)
app.put("/api/sources/:sourceId", inject, authSessionMiddleware, handleReplaceSource)
app.put(
"/api/sources/:sourceId/credentials",
inject,
authSessionMiddleware,
handleUpdateCredentials,
)
}
async function handleGetSource(c: Context<Env>) {
const sourceId = c.req.param("sourceId")
if (!sourceId) {
return c.body(null, 404)
}
const sessionManager = c.get("sessionManager")
const user = c.get("user")!
try {
const result = await sessionManager.fetchSourceConfig(user.id, sourceId)
return c.json(result)
} catch (err) {
if (err instanceof SourceNotFoundError) {
return c.json({ error: err.message }, 404)
}
throw err
}
}
async function handleUpdateSource(c: Context<Env>) {
const sourceId = c.req.param("sourceId")
if (!sourceId) {
return c.body(null, 404)
}
const sessionManager = c.get("sessionManager")
// Validate source exists as a registered provider
const provider = sessionManager.getProvider(sourceId)
if (!provider) {
return c.json({ error: `Source "${sourceId}" not found` }, 404)
}
// Parse request body
let body: unknown
try {
body = await c.req.json()
} catch {
return c.json({ error: "Invalid JSON" }, 400)
}
const parsed = UpdateSourceConfigRequestBody(body)
if (parsed instanceof type.errors) {
return c.json({ error: parsed.summary }, 400)
}
if (!provider.configSchema && "config" in parsed) {
return c.json({ error: `Source "${sourceId}" does not accept config` }, 400)
}
const { enabled, config: newConfig } = parsed
const user = c.get("user")!
try {
await sessionManager.updateSourceConfig(user.id, sourceId, {
enabled,
config: newConfig,
})
} catch (err) {
if (err instanceof SourceNotFoundError) {
return c.json({ error: err.message }, 404)
}
if (err instanceof InvalidSourceConfigError) {
return c.json({ error: err.message }, 400)
}
throw err
}
return c.body(null, 204)
}
async function handleReplaceSource(c: Context<Env>) {
const sourceId = c.req.param("sourceId")
if (!sourceId) {
return c.body(null, 404)
}
const sessionManager = c.get("sessionManager")
const provider = sessionManager.getProvider(sourceId)
if (!provider) {
return c.json({ error: `Source "${sourceId}" not found` }, 404)
}
let body: unknown
try {
body = await c.req.json()
} catch {
return c.json({ error: "Invalid JSON" }, 400)
}
const schema = provider.configSchema
? ReplaceSourceConfigRequestBody
: ReplaceSourceConfigNoConfigRequestBody
const parsed = schema(body)
if (parsed instanceof type.errors) {
return c.json({ error: parsed.summary }, 400)
}
const { enabled, credentials } = parsed
const config = "config" in parsed ? parsed.config : undefined
const user = c.get("user")!
try {
await sessionManager.saveSourceConfig(user.id, sourceId, {
enabled,
config,
credentials,
})
} catch (err) {
if (err instanceof SourceNotFoundError) {
return c.json({ error: err.message }, 404)
}
if (err instanceof InvalidSourceConfigError) {
return c.json({ error: err.message }, 400)
}
if (err instanceof CredentialStorageUnavailableError) {
return c.json({ error: err.message }, 503)
}
throw err
}
return c.body(null, 204)
}
async function handleUpdateCredentials(c: Context<Env>) {
const sourceId = c.req.param("sourceId")
if (!sourceId) {
return c.body(null, 404)
}
const sessionManager = c.get("sessionManager")
const provider = sessionManager.getProvider(sourceId)
if (!provider) {
return c.json({ error: `Source "${sourceId}" not found` }, 404)
}
let body: unknown
try {
body = await c.req.json()
} catch {
return c.json({ error: "Invalid JSON" }, 400)
}
const user = c.get("user")!
try {
await sessionManager.updateSourceCredentials(user.id, sourceId, body)
} catch (err) {
if (err instanceof SourceNotFoundError) {
return c.json({ error: err.message }, 404)
}
if (err instanceof InvalidSourceCredentialsError) {
return c.json({ error: err.message }, 400)
}
if (err instanceof CredentialStorageUnavailableError) {
return c.json({ error: err.message }, 503)
}
throw err
}
return c.body(null, 204)
}

123
apps/freya-backend/src/sources/user-sources.ts Normal file
View File

@@ -0,0 +1,123 @@
import { and, eq } from "drizzle-orm"
import type { Database } from "../db/index.ts"
import { userSources } from "../db/schema.ts"
import { SourceNotFoundError } from "./errors.ts"
export function sources(db: Database, userId: string) {
return {
/** Returns all enabled sources for the user. */
async enabled() {
return db
.select()
.from(userSources)
.where(and(eq(userSources.userId, userId), eq(userSources.enabled, true)))
},
/** Returns a specific source by ID, or undefined. */
async find(sourceId: string) {
const rows = await db
.select()
.from(userSources)
.where(and(eq(userSources.userId, userId), eq(userSources.sourceId, sourceId)))
.limit(1)
return rows[0]
},
/** Like find(), but acquires a row lock to prevent concurrent modifications. Must be called inside a transaction. */
async findForUpdate(sourceId: string) {
const rows = await db
.select()
.from(userSources)
.where(and(eq(userSources.userId, userId), eq(userSources.sourceId, sourceId)))
.limit(1)
.for("update")
return rows[0]
},
/** Enables a source for the user. Throws if the source row doesn't exist. */
async enableSource(sourceId: string) {
const rows = await db
.update(userSources)
.set({ enabled: true, updatedAt: new Date() })
.where(and(eq(userSources.userId, userId), eq(userSources.sourceId, sourceId)))
.returning({ id: userSources.id })
if (rows.length === 0) {
throw new SourceNotFoundError(sourceId, userId)
}
},
/** Disables a source for the user. Throws if the source row doesn't exist. */
async disableSource(sourceId: string) {
const rows = await db
.update(userSources)
.set({ enabled: false, updatedAt: new Date() })
.where(and(eq(userSources.userId, userId), eq(userSources.sourceId, sourceId)))
.returning({ id: userSources.id })
if (rows.length === 0) {
throw new SourceNotFoundError(sourceId, userId)
}
},
/** Updates an existing user source row. Throws if the row doesn't exist. */
async updateConfig(sourceId: string, update: { enabled?: boolean; config?: unknown }) {
const set: Record<string, unknown> = { updatedAt: new Date() }
if (update.enabled !== undefined) {
set.enabled = update.enabled
}
if (update.config !== undefined) {
set.config = update.config
}
const rows = await db
.update(userSources)
.set(set)
.where(and(eq(userSources.userId, userId), eq(userSources.sourceId, sourceId)))
.returning({ id: userSources.id })
if (rows.length === 0) {
throw new SourceNotFoundError(sourceId, userId)
}
},
/** Inserts a new user source row or fully replaces enabled/config on an existing one. */
async upsertConfig(sourceId: string, data: { enabled: boolean; config: unknown }) {
const now = new Date()
await db
.insert(userSources)
.values({
userId,
sourceId,
enabled: data.enabled,
config: data.config,
createdAt: now,
updatedAt: now,
})
.onConflictDoUpdate({
target: [userSources.userId, userSources.sourceId],
set: {
enabled: data.enabled,
config: data.config,
updatedAt: now,
},
})
},
/** Updates the encrypted credentials for a source. Throws if the source row doesn't exist. */
async updateCredentials(sourceId: string, credentials: Buffer) {
const rows = await db
.update(userSources)
.set({ credentials, updatedAt: new Date() })
.where(and(eq(userSources.userId, userId), eq(userSources.sourceId, sourceId)))
.returning({ id: userSources.id })
if (rows.length === 0) {
throw new SourceNotFoundError(sourceId, userId)
}
},
}
}

42
apps/freya-backend/src/tfl/provider.ts Normal file
View File

@@ -0,0 +1,42 @@
import { TflSource, type ITflApi, type TflLineId } from "@freya/source-tfl"
import { type } from "arktype"
import type { FeedSourceProvider } from "../session/feed-source-provider.ts"
export type TflSourceProviderOptions =
| { apiKey: string; client?: never }
| { apiKey?: never; client: ITflApi }
export const tflConfig = type({
"+": "reject",
"lines?": "string[]",
})
export class TflSourceProvider implements FeedSourceProvider {
readonly sourceId = "freya.tfl"
readonly configSchema = tflConfig
private readonly apiKey: string | undefined
private readonly client: ITflApi | undefined
constructor(options: TflSourceProviderOptions) {
this.apiKey = "apiKey" in options ? options.apiKey : undefined
this.client = "client" in options ? options.client : undefined
}
async feedSourceForUser(
_userId: string,
config: unknown,
_credentials: unknown,
): Promise<TflSource> {
const parsed = tflConfig(config)
if (parsed instanceof type.errors) {
throw new Error(`Invalid TFL config: ${parsed.summary}`)
}
return new TflSource({
apiKey: this.apiKey,
client: this.client,
lines: parsed.lines as TflLineId[] | undefined,
})
}
}

47
apps/freya-backend/src/weather/provider.ts Normal file
View File

@@ -0,0 +1,47 @@
import { WeatherSource, type WeatherSourceOptions } from "@freya/source-weatherkit"
import { type } from "arktype"
import type { FeedSourceProvider } from "../session/feed-source-provider.ts"
export interface WeatherSourceProviderOptions {
credentials: WeatherSourceOptions["credentials"]
client?: WeatherSourceOptions["client"]
}
export const weatherConfig = type({
"+": "reject",
"units?": "'metric' | 'imperial'",
"hourlyLimit?": "number",
"dailyLimit?": "number",
})
export class WeatherSourceProvider implements FeedSourceProvider {
readonly sourceId = "freya.weather"
readonly configSchema = weatherConfig
private readonly credentials: WeatherSourceOptions["credentials"]
private readonly client: WeatherSourceOptions["client"]
constructor(options: WeatherSourceProviderOptions) {
this.credentials = options.credentials
this.client = options.client
}
async feedSourceForUser(
_userId: string,
config: unknown,
_credentials: unknown,
): Promise<WeatherSource> {
const parsed = weatherConfig(config)
if (parsed instanceof type.errors) {
throw new Error(`Invalid weather config: ${parsed.summary}`)
}
return new WeatherSource({
credentials: this.credentials,
client: this.client,
units: parsed.units,
hourlyLimit: parsed.hourlyLimit,
dailyLimit: parsed.dailyLimit,
})
}
}

4
apps/freya-backend/tsconfig.json Normal file
View File

@@ -0,0 +1,4 @@
{
"extends": "../../tsconfig.json",
"include": ["src"]
}