Implement new JWT auth

2025-07-14 03:15:03 +02:00 · 2025-06-29 17:22:58 -05:00 · 2025-06-29 17:22:58 -05:00 · 4f5123e842
commit 4f5123e842
parent e384863148
21 changed files with 739 additions and 56 deletions
--- a/server/migrations/v2.26.0-create-sessions-table.js
+++ b/server/migrations/v2.26.0-create-sessions-table.js
@ -0,0 +1,153 @@
+/**
+ * @typedef MigrationContext
+ * @property {import('sequelize').QueryInterface} queryInterface - a suquelize QueryInterface object.
+ * @property {import('../Logger')} logger - a Logger object.
+ *
+ * @typedef MigrationOptions
+ * @property {MigrationContext} context - an object containing the migration context.
+ */
+
+const migrationVersion = '2.26.0'
+const migrationName = `${migrationVersion}-create-sessions-table`
+const loggerPrefix = `[${migrationVersion} migration]`
+
+/**
+ * This upward migration creates a sessions table and apiTokens table.
+ *
+ * @param {MigrationOptions} options - an object containing the migration context.
+ * @returns {Promise<void>} - A promise that resolves when the migration is complete.
+ */
+async function up({ context: { queryInterface, logger } }) {
+  // Upwards migration script
+  logger.info(`${loggerPrefix} UPGRADE BEGIN: ${migrationName}`)
+
+  // Check if table exists
+  if (await queryInterface.tableExists('sessions')) {
+    logger.info(`${loggerPrefix} table "sessions" already exists`)
+  } else {
+    // Create table
+    logger.info(`${loggerPrefix} creating table "sessions"`)
+    const DataTypes = queryInterface.sequelize.Sequelize.DataTypes
+    await queryInterface.createTable('sessions', {
+      id: {
+        type: DataTypes.UUID,
+        defaultValue: DataTypes.UUIDV4,
+        primaryKey: true
+      },
+      ipAddress: DataTypes.STRING,
+      userAgent: DataTypes.STRING,
+      refreshToken: {
+        type: DataTypes.STRING,
+        allowNull: false
+      },
+      expiresAt: {
+        type: DataTypes.DATE,
+        allowNull: false
+      },
+      createdAt: {
+        type: DataTypes.DATE,
+        allowNull: false
+      },
+      updatedAt: {
+        type: DataTypes.DATE,
+        allowNull: false
+      },
+      userId: {
+        type: DataTypes.UUID,
+        references: {
+          model: {
+            tableName: 'users'
+          },
+          key: 'id'
+        },
+        allowNull: false,
+        onDelete: 'CASCADE'
+      }
+    })
+    logger.info(`${loggerPrefix} created table "sessions"`)
+  }
+
+  // Check if table exists
+  if (await queryInterface.tableExists('apiTokens')) {
+    logger.info(`${loggerPrefix} table "apiTokens" already exists`)
+  } else {
+    // Create table
+    logger.info(`${loggerPrefix} creating table "apiTokens"`)
+    const DataTypes = queryInterface.sequelize.Sequelize.DataTypes
+    await queryInterface.createTable('apiTokens', {
+      id: {
+        type: DataTypes.UUID,
+        defaultValue: DataTypes.UUIDV4,
+        primaryKey: true
+      },
+      name: DataTypes.STRING,
+      tokenHash: {
+        type: DataTypes.STRING,
+        allowNull: false
+      },
+      expiresAt: DataTypes.DATE,
+      lastUsedAt: DataTypes.DATE,
+      isActive: {
+        type: DataTypes.BOOLEAN,
+        allowNull: false,
+        defaultValue: false
+      },
+      permissions: DataTypes.JSON,
+      createdAt: {
+        type: DataTypes.DATE,
+        allowNull: false
+      },
+      updatedAt: {
+        type: DataTypes.DATE,
+        allowNull: false
+      },
+      userId: {
+        type: DataTypes.UUID,
+        references: {
+          model: {
+            tableName: 'users'
+          },
+          key: 'id'
+        },
+        allowNull: false,
+        onDelete: 'CASCADE'
+      }
+    })
+    logger.info(`${loggerPrefix} created table "apiTokens"`)
+  }
+
+  logger.info(`${loggerPrefix} UPGRADE END: ${migrationName}`)
+}
+
+/**
+ * This downward migration script removes the sessions table and apiTokens table.
+ *
+ * @param {MigrationOptions} options - an object containing the migration context.
+ * @returns {Promise<void>} - A promise that resolves when the migration is complete.
+ */
+async function down({ context: { queryInterface, logger } }) {
+  // Downward migration script
+  logger.info(`${loggerPrefix} DOWNGRADE BEGIN: ${migrationName}`)
+
+  // Check if table exists
+  if (await queryInterface.tableExists('sessions')) {
+    logger.info(`${loggerPrefix} dropping table "sessions"`)
+    // Drop table
+    await queryInterface.dropTable('sessions')
+    logger.info(`${loggerPrefix} dropped table "sessions"`)
+  } else {
+    logger.info(`${loggerPrefix} table "sessions" does not exist`)
+  }
+
+  if (await queryInterface.tableExists('apiTokens')) {
+    logger.info(`${loggerPrefix} dropping table "apiTokens"`)
+    await queryInterface.dropTable('apiTokens')
+    logger.info(`${loggerPrefix} dropped table "apiTokens"`)
+  } else {
+    logger.info(`${loggerPrefix} table "apiTokens" does not exist`)
+  }
+
+  logger.info(`${loggerPrefix} DOWNGRADE END: ${migrationName}`)
+}
+
+module.exports = { up, down }