diff options
| author | nsfisis <nsfisis@gmail.com> | 2025-12-03 05:45:41 +0900 |
|---|---|---|
| committer | nsfisis <nsfisis@gmail.com> | 2025-12-04 23:26:30 +0900 |
| commit | 0763153865e2157e0d06c946993dd8b235b06c83 (patch) | |
| tree | 8da68ed2e9c16bf121d59eae02e19b99f7f11fdc /pkgs/server/src/db | |
| parent | f44390286378860b535e37ad045cb374a07aff5c (diff) | |
| download | kioku-0763153865e2157e0d06c946993dd8b235b06c83.tar.gz kioku-0763153865e2157e0d06c946993dd8b235b06c83.tar.zst kioku-0763153865e2157e0d06c946993dd8b235b06c83.zip | |
feat(auth): add refresh token endpoint
Implement refresh token functionality for authentication:
- Add refresh_tokens table to database schema with user reference
- Generate migration for the new table
- Login endpoint now returns both access token and refresh token
- Add POST /api/auth/refresh endpoint with token rotation
- Refresh tokens are hashed (SHA256) before storage for security
- Tokens expire after 7 days, access tokens after 15 minutes
- Update tests to cover new functionality
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Diffstat (limited to 'pkgs/server/src/db')
| -rw-r--r-- | pkgs/server/src/db/schema.ts | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/pkgs/server/src/db/schema.ts b/pkgs/server/src/db/schema.ts index 23f19d1..4b9631f 100644 --- a/pkgs/server/src/db/schema.ts +++ b/pkgs/server/src/db/schema.ts @@ -37,6 +37,18 @@ export const users = pgTable("users", { .defaultNow(), }); +export const refreshTokens = pgTable("refresh_tokens", { + id: uuid("id").primaryKey().defaultRandom(), + userId: uuid("user_id") + .notNull() + .references(() => users.id, { onDelete: "cascade" }), + tokenHash: varchar("token_hash", { length: 255 }).notNull(), + expiresAt: timestamp("expires_at", { withTimezone: true }).notNull(), + createdAt: timestamp("created_at", { withTimezone: true }) + .notNull() + .defaultNow(), +}); + export const decks = pgTable("decks", { id: uuid("id").primaryKey().defaultRandom(), userId: uuid("user_id") |