Add ability to replace a FeedSourceProvider at runtime and propagate
the new source to all active (and pending) user sessions, invalidating
their feed caches.
Co-authored-by: Ona <no-reply@ona.com>
* feat(backend): add admin plugin and create-admin script
Add Better Auth admin plugin for role-based user management.
Includes a CLI script to create admin accounts.
Co-authored-by: Ona <no-reply@ona.com>
* fix(backend): guard against missing BETTER_AUTH_SECRET
Co-authored-by: Ona <no-reply@ona.com>
---------
Co-authored-by: Ona <no-reply@ona.com>
* feat(backend): add DB persistence layer
Replace raw pg Pool with Drizzle ORM backed by Bun.sql.
Add per-user source configuration table (user_sources).
Migrate Better Auth to drizzle-adapter.
Add AES-256-GCM credential encryption.
Co-authored-by: Ona <no-reply@ona.com>
* fix(backend): set updatedAt explicitly in all mutations
onConflictDoUpdate bypasses Drizzle's $onUpdate hook.
Set updatedAt explicitly in all mutation methods.
Co-authored-by: Ona <no-reply@ona.com>
* fix(backend): add composite index on user_sources
Add (user_id, enabled) index for the enabled() query path.
Co-authored-by: Ona <no-reply@ona.com>
---------
Co-authored-by: Ona <no-reply@ona.com>
* feat(backend): make FeedSourceProvider async
Make feedSourceForUser and FeedSourceProviderFn return promises.
Use Promise.allSettled to tolerate partial provider failures.
Guard concurrent getOrCreate calls with in-flight promise dedup.
Return 503 from HTTP handlers when session creation fails.
Co-authored-by: Ona <no-reply@ona.com>
* fix(backend): handle remove() during in-flight session creation
Cancel pending getOrCreate when remove() is called mid-flight.
Destroy the resulting session to prevent it from leaking.
Co-authored-by: Ona <no-reply@ona.com>
---------
Co-authored-by: Ona <no-reply@ona.com>
Each FeedSource implementation now sets sourceId on items
it produces, allowing consumers to trace items back to
their originating source.
Co-authored-by: Ona <no-reply@ona.com>
* feat(backend): add GET /api/context endpoint
Query context values by key with exact/prefix match
support. Default mode tries exact first, falls back
to prefix.
Co-authored-by: Ona <no-reply@ona.com>
* fix(backend): validate context key element types
Reject booleans, nulls, and nested arrays in the key
param. Only string, number, and plain objects with
primitive values are accepted.
Co-authored-by: Ona <no-reply@ona.com>
---------
Co-authored-by: Ona <no-reply@ona.com>
Use mockAuthSessionMiddleware with a fully populated dev
user when NODE_ENV is not production. Auth handlers are
only registered in production.
Co-authored-by: Ona <no-reply@ona.com>
Rename all references across the codebase: package names,
imports, source IDs, directory names, docs, and configs.
Co-authored-by: Ona <no-reply@ona.com>
