🏗️ refactor: Extract DB layers to data-schemas for shared use (#7650)

* refactor: move model definitions and database-related methods to packages/data-schemas * ci: update tests due to new DB structure fix: disable mocking `librechat-data-provider` feat: Add schema exports to data-schemas package - Introduced a new schema module that exports various schemas including action, agent, and user schemas. - Updated index.ts to include the new schema exports for better modularity and organization. ci: fix appleStrategy tests fix: Agent.spec.js ci: refactor handleTools tests to use MongoMemoryServer for in-memory database fix: getLogStores imports ci: update banViolation tests to use MongoMemoryServer and improve session mocking test: refactor samlStrategy tests to improve mock configurations and user handling ci: fix crypto mock in handleText tests for improved accuracy ci: refactor spendTokens tests to improve model imports and setup ci: refactor Message model tests to use MongoMemoryServer and improve database interactions * refactor: streamline IMessage interface and move feedback properties to types/message.ts * refactor: use exported initializeRoles from `data-schemas`, remove api workspace version (this serves as an example of future migrations that still need to happen) * refactor: update model imports to use destructuring from `~/db/models` for consistency and clarity * refactor: remove unused mongoose imports from model files for cleaner code * refactor: remove unused mongoose imports from Share, Prompt, and Transaction model files for cleaner code * refactor: remove unused import in Transaction model for cleaner code * ci: update deploy workflow to reference new Docker Dev Branch Images Build and add new workflow for building Docker images on dev branch * chore: cleanup imports
2025-12-21 10:50:14 +01:00 · 2025-05-30 22:18:13 -04:00 · 2025-05-30 22:18:13 -04:00 · a2fc7d312a
commit a2fc7d312a
parent 4cbab86b45
161 changed files with 2998 additions and 2088 deletions
--- a/packages/data-schemas/src/methods/index.ts
+++ b/packages/data-schemas/src/methods/index.ts
@ -0,0 +1,18 @@
+import { createUserMethods, type UserMethods } from './user';
+import { createSessionMethods, type SessionMethods } from './session';
+import { createTokenMethods, type TokenMethods } from './token';
+import { createRoleMethods, type RoleMethods } from './role';
+
+/**
+ * Creates all database methods for all collections
+ */
+export function createMethods(mongoose: typeof import('mongoose')) {
+  return {
+    ...createUserMethods(mongoose),
+    ...createSessionMethods(mongoose),
+    ...createTokenMethods(mongoose),
+    ...createRoleMethods(mongoose),
+  };
+}
+
+export type AllMethods = UserMethods & SessionMethods & TokenMethods & RoleMethods;
--- a/packages/data-schemas/src/methods/role.ts
+++ b/packages/data-schemas/src/methods/role.ts
@ -0,0 +1,50 @@
+import { roleDefaults, SystemRoles } from 'librechat-data-provider';
+
+// Factory function that takes mongoose instance and returns the methods
+export function createRoleMethods(mongoose: typeof import('mongoose')) {
+  /**
+   * Initialize default roles in the system.
+   * Creates the default roles (ADMIN, USER) if they don't exist in the database.
+   * Updates existing roles with new permission types if they're missing.
+   */
+  async function initializeRoles() {
+    const Role = mongoose.models.Role;
+
+    for (const roleName of [SystemRoles.ADMIN, SystemRoles.USER]) {
+      let role = await Role.findOne({ name: roleName });
+      const defaultPerms = roleDefaults[roleName].permissions;
+
+      if (!role) {
+        // Create new role if it doesn't exist.
+        role = new Role(roleDefaults[roleName]);
+      } else {
+        // Ensure role.permissions is defined.
+        role.permissions = role.permissions || {};
+        // For each permission type in defaults, add it if missing.
+        for (const permType of Object.keys(defaultPerms)) {
+          if (role.permissions[permType] == null) {
+            role.permissions[permType] = defaultPerms[permType as keyof typeof defaultPerms];
+          }
+        }
+      }
+      await role.save();
+    }
+  }
+
+  /**
+   * List all roles in the system (for testing purposes)
+   * Returns an array of all roles with their names and permissions
+   */
+  async function listRoles() {
+    const Role = mongoose.models.Role;
+    return await Role.find({}).select('name permissions').lean();
+  }
+
+  // Return all methods you want to expose
+  return {
+    listRoles,
+    initializeRoles,
+  };
+}
+
+export type RoleMethods = ReturnType<typeof createRoleMethods>;
--- a/packages/data-schemas/src/methods/session.ts
+++ b/packages/data-schemas/src/methods/session.ts
@ -0,0 +1,264 @@
+import type * as t from '~/types/session';
+import { signPayload, hashToken } from '~/crypto';
+import logger from '~/config/winston';
+
+export class SessionError extends Error {
+  public code: string;
+
+  constructor(message: string, code: string = 'SESSION_ERROR') {
+    super(message);
+    this.name = 'SessionError';
+    this.code = code;
+  }
+}
+
+const { REFRESH_TOKEN_EXPIRY } = process.env ?? {};
+const expires = eval(REFRESH_TOKEN_EXPIRY ?? '0') ?? 1000 * 60 * 60 * 24 * 7; // 7 days default
+
+// Factory function that takes mongoose instance and returns the methods
+export function createSessionMethods(mongoose: typeof import('mongoose')) {
+  const Session = mongoose.models.Session;
+
+  /**
+   * Creates a new session for a user
+   */
+  async function createSession(
+    userId: string,
+    options: t.CreateSessionOptions = {},
+  ): Promise<t.SessionResult> {
+    if (!userId) {
+      throw new SessionError('User ID is required', 'INVALID_USER_ID');
+    }
+
+    try {
+      const session = new Session({
+        user: userId,
+        expiration: options.expiration || new Date(Date.now() + expires),
+      });
+      const refreshToken = await generateRefreshToken(session);
+
+      return { session, refreshToken };
+    } catch (error) {
+      logger.error('[createSession] Error creating session:', error);
+      throw new SessionError('Failed to create session', 'CREATE_SESSION_FAILED');
+    }
+  }
+
+  /**
+   * Finds a session by various parameters
+   */
+  async function findSession(
+    params: t.SessionSearchParams,
+    options: t.SessionQueryOptions = { lean: true },
+  ): Promise<t.ISession | null> {
+    try {
+      const query: Record<string, unknown> = {};
+
+      if (!params.refreshToken && !params.userId && !params.sessionId) {
+        throw new SessionError(
+          'At least one search parameter is required',
+          'INVALID_SEARCH_PARAMS',
+        );
+      }
+
+      if (params.refreshToken) {
+        const tokenHash = await hashToken(params.refreshToken);
+        query.refreshTokenHash = tokenHash;
+      }
+
+      if (params.userId) {
+        query.user = params.userId;
+      }
+
+      if (params.sessionId) {
+        const sessionId =
+          typeof params.sessionId === 'object' &&
+          params.sessionId !== null &&
+          'sessionId' in params.sessionId
+            ? (params.sessionId as { sessionId: string }).sessionId
+            : (params.sessionId as string);
+        if (!mongoose.Types.ObjectId.isValid(sessionId)) {
+          throw new SessionError('Invalid session ID format', 'INVALID_SESSION_ID');
+        }
+        query._id = sessionId;
+      }
+
+      // Add expiration check to only return valid sessions
+      query.expiration = { $gt: new Date() };
+
+      const sessionQuery = Session.findOne(query);
+
+      if (options.lean) {
+        return (await sessionQuery.lean()) as t.ISession | null;
+      }
+
+      return await sessionQuery.exec();
+    } catch (error) {
+      logger.error('[findSession] Error finding session:', error);
+      throw new SessionError('Failed to find session', 'FIND_SESSION_FAILED');
+    }
+  }
+
+  /**
+   * Updates session expiration
+   */
+  async function updateExpiration(
+    session: t.ISession | string,
+    newExpiration?: Date,
+  ): Promise<t.ISession> {
+    try {
+      const sessionDoc = typeof session === 'string' ? await Session.findById(session) : session;
+
+      if (!sessionDoc) {
+        throw new SessionError('Session not found', 'SESSION_NOT_FOUND');
+      }
+
+      sessionDoc.expiration = newExpiration || new Date(Date.now() + expires);
+      return await sessionDoc.save();
+    } catch (error) {
+      logger.error('[updateExpiration] Error updating session:', error);
+      throw new SessionError('Failed to update session expiration', 'UPDATE_EXPIRATION_FAILED');
+    }
+  }
+
+  /**
+   * Deletes a session by refresh token or session ID
+   */
+  async function deleteSession(params: t.DeleteSessionParams): Promise<{ deletedCount?: number }> {
+    try {
+      if (!params.refreshToken && !params.sessionId) {
+        throw new SessionError(
+          'Either refreshToken or sessionId is required',
+          'INVALID_DELETE_PARAMS',
+        );
+      }
+
+      const query: Record<string, unknown> = {};
+
+      if (params.refreshToken) {
+        query.refreshTokenHash = await hashToken(params.refreshToken);
+      }
+
+      if (params.sessionId) {
+        query._id = params.sessionId;
+      }
+
+      const result = await Session.deleteOne(query);
+
+      if (result.deletedCount === 0) {
+        logger.warn('[deleteSession] No session found to delete');
+      }
+
+      return result;
+    } catch (error) {
+      logger.error('[deleteSession] Error deleting session:', error);
+      throw new SessionError('Failed to delete session', 'DELETE_SESSION_FAILED');
+    }
+  }
+
+  /**
+   * Deletes all sessions for a user
+   */
+  async function deleteAllUserSessions(
+    userId: string | { userId: string },
+    options: t.DeleteAllSessionsOptions = {},
+  ): Promise<{ deletedCount?: number }> {
+    try {
+      if (!userId) {
+        throw new SessionError('User ID is required', 'INVALID_USER_ID');
+      }
+
+      const userIdString =
+        typeof userId === 'object' && userId !== null ? userId.userId : (userId as string);
+
+      if (!mongoose.Types.ObjectId.isValid(userIdString)) {
+        throw new SessionError('Invalid user ID format', 'INVALID_USER_ID_FORMAT');
+      }
+
+      const query: Record<string, unknown> = { user: userIdString };
+
+      if (options.excludeCurrentSession && options.currentSessionId) {
+        query._id = { $ne: options.currentSessionId };
+      }
+
+      const result = await Session.deleteMany(query);
+
+      if (result.deletedCount && result.deletedCount > 0) {
+        logger.debug(
+          `[deleteAllUserSessions] Deleted ${result.deletedCount} sessions for user ${userIdString}.`,
+        );
+      }
+
+      return result;
+    } catch (error) {
+      logger.error('[deleteAllUserSessions] Error deleting user sessions:', error);
+      throw new SessionError('Failed to delete user sessions', 'DELETE_ALL_SESSIONS_FAILED');
+    }
+  }
+
+  /**
+   * Generates a refresh token for a session
+   */
+  async function generateRefreshToken(session: t.ISession): Promise<string> {
+    if (!session || !session.user) {
+      throw new SessionError('Invalid session object', 'INVALID_SESSION');
+    }
+
+    try {
+      const expiresIn = session.expiration ? session.expiration.getTime() : Date.now() + expires;
+
+      if (!session.expiration) {
+        session.expiration = new Date(expiresIn);
+      }
+
+      const refreshToken = await signPayload({
+        payload: {
+          id: session.user,
+          sessionId: session._id,
+        },
+        secret: process.env.JWT_REFRESH_SECRET!,
+        expirationTime: Math.floor((expiresIn - Date.now()) / 1000),
+      });
+
+      session.refreshTokenHash = await hashToken(refreshToken);
+      await session.save();
+
+      return refreshToken;
+    } catch (error) {
+      logger.error('[generateRefreshToken] Error generating refresh token:', error);
+      throw new SessionError('Failed to generate refresh token', 'GENERATE_TOKEN_FAILED');
+    }
+  }
+
+  /**
+   * Counts active sessions for a user
+   */
+  async function countActiveSessions(userId: string): Promise<number> {
+    try {
+      if (!userId) {
+        throw new SessionError('User ID is required', 'INVALID_USER_ID');
+      }
+
+      return await Session.countDocuments({
+        user: userId,
+        expiration: { $gt: new Date() },
+      });
+    } catch (error) {
+      logger.error('[countActiveSessions] Error counting active sessions:', error);
+      throw new SessionError('Failed to count active sessions', 'COUNT_SESSIONS_FAILED');
+    }
+  }
+
+  return {
+    findSession,
+    SessionError,
+    deleteSession,
+    createSession,
+    updateExpiration,
+    countActiveSessions,
+    generateRefreshToken,
+    deleteAllUserSessions,
+  };
+}
+
+export type SessionMethods = ReturnType<typeof createSessionMethods>;
--- a/packages/data-schemas/src/methods/token.ts
+++ b/packages/data-schemas/src/methods/token.ts
@ -0,0 +1,105 @@
+import { IToken, TokenCreateData, TokenQuery, TokenUpdateData, TokenDeleteResult } from '~/types';
+import logger from '~/config/winston';
+
+// Factory function that takes mongoose instance and returns the methods
+export function createTokenMethods(mongoose: typeof import('mongoose')) {
+  /**
+   * Creates a new Token instance.
+   */
+  async function createToken(tokenData: TokenCreateData): Promise<IToken> {
+    try {
+      const Token = mongoose.models.Token;
+      const currentTime = new Date();
+      const expiresAt = new Date(currentTime.getTime() + tokenData.expiresIn * 1000);
+
+      const newTokenData = {
+        ...tokenData,
+        createdAt: currentTime,
+        expiresAt,
+      };
+
+      return await Token.create(newTokenData);
+    } catch (error) {
+      logger.debug('An error occurred while creating token:', error);
+      throw error;
+    }
+  }
+
+  /**
+   * Updates a Token document that matches the provided query.
+   */
+  async function updateToken(
+    query: TokenQuery,
+    updateData: TokenUpdateData,
+  ): Promise<IToken | null> {
+    try {
+      const Token = mongoose.models.Token;
+      return await Token.findOneAndUpdate(query, updateData, { new: true });
+    } catch (error) {
+      logger.debug('An error occurred while updating token:', error);
+      throw error;
+    }
+  }
+
+  /**
+   * Deletes all Token documents that match the provided token, user ID, or email.
+   */
+  async function deleteTokens(query: TokenQuery): Promise<TokenDeleteResult> {
+    try {
+      const Token = mongoose.models.Token;
+      return await Token.deleteMany({
+        $or: [
+          { userId: query.userId },
+          { token: query.token },
+          { email: query.email },
+          { identifier: query.identifier },
+        ],
+      });
+    } catch (error) {
+      logger.debug('An error occurred while deleting tokens:', error);
+      throw error;
+    }
+  }
+
+  /**
+   * Finds a Token document that matches the provided query.
+   */
+  async function findToken(query: TokenQuery): Promise<IToken | null> {
+    try {
+      const Token = mongoose.models.Token;
+      const conditions = [];
+
+      if (query.userId) {
+        conditions.push({ userId: query.userId });
+      }
+      if (query.token) {
+        conditions.push({ token: query.token });
+      }
+      if (query.email) {
+        conditions.push({ email: query.email });
+      }
+      if (query.identifier) {
+        conditions.push({ identifier: query.identifier });
+      }
+
+      const token = await Token.findOne({
+        $and: conditions,
+      }).lean();
+
+      return token as IToken | null;
+    } catch (error) {
+      logger.debug('An error occurred while finding token:', error);
+      throw error;
+    }
+  }
+
+  // Return all methods
+  return {
+    findToken,
+    createToken,
+    updateToken,
+    deleteTokens,
+  };
+}
+
+export type TokenMethods = ReturnType<typeof createTokenMethods>;
--- a/packages/data-schemas/src/methods/user.ts
+++ b/packages/data-schemas/src/methods/user.ts
@ -0,0 +1,174 @@
+import mongoose, { FilterQuery } from 'mongoose';
+import type { IUser, BalanceConfig, UserCreateData, UserUpdateResult } from '~/types';
+import { signPayload } from '~/crypto';
+
+/** Factory function that takes mongoose instance and returns the methods */
+export function createUserMethods(mongoose: typeof import('mongoose')) {
+  /**
+   * Search for a single user based on partial data and return matching user document as plain object.
+   */
+  async function findUser(
+    searchCriteria: FilterQuery<IUser>,
+    fieldsToSelect?: string | string[] | null,
+  ): Promise<IUser | null> {
+    const User = mongoose.models.User;
+    const query = User.findOne(searchCriteria);
+    if (fieldsToSelect) {
+      query.select(fieldsToSelect);
+    }
+    return (await query.lean()) as IUser | null;
+  }
+
+  /**
+   * Count the number of user documents in the collection based on the provided filter.
+   */
+  async function countUsers(filter: FilterQuery<IUser> = {}): Promise<number> {
+    const User = mongoose.models.User;
+    return await User.countDocuments(filter);
+  }
+
+  /**
+   * Creates a new user, optionally with a TTL of 1 week.
+   */
+  async function createUser(
+    data: UserCreateData,
+    balanceConfig?: BalanceConfig,
+    disableTTL: boolean = true,
+    returnUser: boolean = false,
+  ): Promise<mongoose.Types.ObjectId | Partial<IUser>> {
+    const User = mongoose.models.User;
+    const Balance = mongoose.models.Balance;
+
+    const userData: Partial<IUser> = {
+      ...data,
+      expiresAt: disableTTL ? undefined : new Date(Date.now() + 604800 * 1000), // 1 week in milliseconds
+    };
+
+    if (disableTTL) {
+      delete userData.expiresAt;
+    }
+
+    const user = await User.create(userData);
+
+    // If balance is enabled, create or update a balance record for the user
+    if (balanceConfig?.enabled && balanceConfig?.startBalance) {
+      const update: {
+        $inc: { tokenCredits: number };
+        $set?: {
+          autoRefillEnabled: boolean;
+          refillIntervalValue: number;
+          refillIntervalUnit: string;
+          refillAmount: number;
+        };
+      } = {
+        $inc: { tokenCredits: balanceConfig.startBalance },
+      };
+
+      if (
+        balanceConfig.autoRefillEnabled &&
+        balanceConfig.refillIntervalValue != null &&
+        balanceConfig.refillIntervalUnit != null &&
+        balanceConfig.refillAmount != null
+      ) {
+        update.$set = {
+          autoRefillEnabled: true,
+          refillIntervalValue: balanceConfig.refillIntervalValue,
+          refillIntervalUnit: balanceConfig.refillIntervalUnit,
+          refillAmount: balanceConfig.refillAmount,
+        };
+      }
+
+      await Balance.findOneAndUpdate({ user: user._id }, update, {
+        upsert: true,
+        new: true,
+      }).lean();
+    }
+
+    if (returnUser) {
+      return user.toObject() as Partial<IUser>;
+    }
+    return user._id as mongoose.Types.ObjectId;
+  }
+
+  /**
+   * Update a user with new data without overwriting existing properties.
+   */
+  async function updateUser(userId: string, updateData: Partial<IUser>): Promise<IUser | null> {
+    const User = mongoose.models.User;
+    const updateOperation = {
+      $set: updateData,
+      $unset: { expiresAt: '' }, // Remove the expiresAt field to prevent TTL
+    };
+    return (await User.findByIdAndUpdate(userId, updateOperation, {
+      new: true,
+      runValidators: true,
+    }).lean()) as IUser | null;
+  }
+
+  /**
+   * Retrieve a user by ID and convert the found user document to a plain object.
+   */
+  async function getUserById(
+    userId: string,
+    fieldsToSelect?: string | string[] | null,
+  ): Promise<IUser | null> {
+    const User = mongoose.models.User;
+    const query = User.findById(userId);
+    if (fieldsToSelect) {
+      query.select(fieldsToSelect);
+    }
+    return (await query.lean()) as IUser | null;
+  }
+
+  /**
+   * Delete a user by their unique ID.
+   */
+  async function deleteUserById(userId: string): Promise<UserUpdateResult> {
+    try {
+      const User = mongoose.models.User;
+      const result = await User.deleteOne({ _id: userId });
+      if (result.deletedCount === 0) {
+        return { deletedCount: 0, message: 'No user found with that ID.' };
+      }
+      return { deletedCount: result.deletedCount, message: 'User was deleted successfully.' };
+    } catch (error: unknown) {
+      const errorMessage = error instanceof Error ? error.message : 'Unknown error';
+      throw new Error('Error deleting user: ' + errorMessage);
+    }
+  }
+
+  /**
+   * Generates a JWT token for a given user.
+   */
+  async function generateToken(user: IUser): Promise<string> {
+    if (!user) {
+      throw new Error('No user provided');
+    }
+
+    const expires = eval(process.env.SESSION_EXPIRY ?? '0') ?? 1000 * 60 * 15;
+
+    return await signPayload({
+      payload: {
+        id: user._id,
+        username: user.username,
+        provider: user.provider,
+        email: user.email,
+      },
+      secret: process.env.JWT_SECRET,
+      expirationTime: expires / 1000,
+    });
+  }
+
+  // Return all methods
+  return {
+    findUser,
+    countUsers,
+    createUser,
+    updateUser,
+    getUserById,
+    deleteUserById,
+    generateToken,
+  };
+}
+
+export type UserMethods = ReturnType<typeof createUserMethods>;