fix: squish passkeys

2025-11-16 17:51:49 +10:00 · 2024-03-17 14:20:20 +08:00
parent 5033799724
commit cb020cc7d0
26 changed files with 1686 additions and 29 deletions
--- a/packages/prisma/migrations/20240306060259_add_passkeys/migration.sql
+++ b/packages/prisma/migrations/20240306060259_add_passkeys/migration.sql
@ -0,0 +1,49 @@
+-- AlterEnum
+-- This migration adds more than one value to an enum.
+-- With PostgreSQL versions 11 and earlier, this is not possible
+-- in a single migration. This can be worked around by creating
+-- multiple migrations, each migration adding only one value to
+-- the enum.
+
+
+ALTER TYPE "UserSecurityAuditLogType" ADD VALUE 'PASSKEY_CREATED';
+ALTER TYPE "UserSecurityAuditLogType" ADD VALUE 'PASSKEY_DELETED';
+ALTER TYPE "UserSecurityAuditLogType" ADD VALUE 'PASSKEY_UPDATED';
+ALTER TYPE "UserSecurityAuditLogType" ADD VALUE 'SIGN_IN_PASSKEY_FAIL';
+
+-- CreateTable
+CREATE TABLE "Passkey" (
+    "id" TEXT NOT NULL,
+    "userId" INTEGER NOT NULL,
+    "name" TEXT NOT NULL,
+    "createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "lastUsedAt" TIMESTAMP(3),
+    "credentialId" BYTEA NOT NULL,
+    "credentialPublicKey" BYTEA NOT NULL,
+    "counter" BIGINT NOT NULL,
+    "credentialDeviceType" TEXT NOT NULL,
+    "credentialBackedUp" BOOLEAN NOT NULL,
+    "transports" TEXT[],
+
+    CONSTRAINT "Passkey_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateTable
+CREATE TABLE "AnonymousVerificationToken" (
+    "id" TEXT NOT NULL,
+    "token" TEXT NOT NULL,
+    "expiresAt" TIMESTAMP(3) NOT NULL,
+    "createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+
+    CONSTRAINT "AnonymousVerificationToken_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateIndex
+CREATE UNIQUE INDEX "AnonymousVerificationToken_id_key" ON "AnonymousVerificationToken"("id");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "AnonymousVerificationToken_token_key" ON "AnonymousVerificationToken"("token");
+
+-- AddForeignKey
+ALTER TABLE "Passkey" ADD CONSTRAINT "Passkey_userId_fkey" FOREIGN KEY ("userId") REFERENCES "User"("id") ON DELETE CASCADE ON UPDATE CASCADE;
--- a/packages/prisma/schema.prisma
+++ b/packages/prisma/schema.prisma
@ -52,6 +52,7 @@ model User {
  securityAuditLogs UserSecurityAuditLog[]
  Webhooks          Webhook[]
  siteSettings      SiteSettings[]
+  passkeys          Passkey[]

  @@index([email])
 }
@ -68,12 +69,16 @@ enum UserSecurityAuditLogType {
  ACCOUNT_SSO_LINK
  AUTH_2FA_DISABLE
  AUTH_2FA_ENABLE
+  PASSKEY_CREATED
+  PASSKEY_DELETED
+  PASSKEY_UPDATED
  PASSWORD_RESET
  PASSWORD_UPDATE
  SIGN_OUT
  SIGN_IN
  SIGN_IN_FAIL
  SIGN_IN_2FA_FAIL
+  SIGN_IN_PASSKEY_FAIL
 }

 model UserSecurityAuditLog {
@ -96,6 +101,30 @@ model PasswordResetToken {
  User      User     @relation(fields: [userId], references: [id])
 }

+model Passkey {
+  id                   String    @id @default(cuid())
+  userId               Int
+  name                 String
+  createdAt            DateTime  @default(now())
+  updatedAt            DateTime  @default(now())
+  lastUsedAt           DateTime?
+  credentialId         Bytes
+  credentialPublicKey  Bytes
+  counter              BigInt
+  credentialDeviceType String
+  credentialBackedUp   Boolean
+  transports           String[]
+
+  User User @relation(fields: [userId], references: [id], onDelete: Cascade)
+}
+
+model AnonymousVerificationToken {
+  id        String   @id @unique @default(cuid())
+  token     String   @unique
+  expiresAt DateTime
+  createdAt DateTime @default(now())
+}
+
 model VerificationToken {
  id         Int      @id @default(autoincrement())
  identifier String