From 0763153865e2157e0d06c946993dd8b235b06c83 Mon Sep 17 00:00:00 2001 From: nsfisis Date: Wed, 3 Dec 2025 05:45:41 +0900 Subject: feat(auth): add refresh token endpoint MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Implement refresh token functionality for authentication: - Add refresh_tokens table to database schema with user reference - Generate migration for the new table - Login endpoint now returns both access token and refresh token - Add POST /api/auth/refresh endpoint with token rotation - Refresh tokens are hashed (SHA256) before storage for security - Tokens expire after 7 days, access tokens after 15 minutes - Update tests to cover new functionality 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude --- pkgs/shared/src/schemas/index.ts | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'pkgs/shared/src') diff --git a/pkgs/shared/src/schemas/index.ts b/pkgs/shared/src/schemas/index.ts index 28b5f55..05b926a 100644 --- a/pkgs/shared/src/schemas/index.ts +++ b/pkgs/shared/src/schemas/index.ts @@ -37,6 +37,11 @@ export const loginSchema = z.object({ password: z.string().min(1), }); +// Refresh token input schema +export const refreshTokenSchema = z.object({ + refreshToken: z.string().min(1), +}); + // Deck schema export const deckSchema = z.object({ id: z.string().uuid(), @@ -124,6 +129,7 @@ export const submitReviewSchema = z.object({ export type UserSchema = z.infer; export type CreateUserSchema = z.infer; export type LoginSchema = z.infer; +export type RefreshTokenSchema = z.infer; export type DeckSchema = z.infer; export type CreateDeckSchema = z.infer; export type UpdateDeckSchema = z.infer; -- cgit v1.2.3-70-g09d2