feat: add argon2, jsonwebtoken, and update uuid dependencies

use ref of transaction
Add debug and BadRequest error
2025-12-07 21:35:50 +08:00 · 2025-12-07 21:35:10 +08:00 · 2025-12-07 21:33:01 +08:00 · 2025-12-07 19:09:37 +08:00 · 2025-12-07 19:08:22 +08:00 · 2025-12-07 14:40:11 +08:00
18 changed files with 448 additions and 42 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -93,6 +93,18 @@ dependencies = [
 "windows-sys 0.60.2",
 ]

+[[package]]
+name = "argon2"
+version = "0.5.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3c3610892ee6e0cbce8ae2700349fcf8f98adb0dbfbee85aec3c9179d29cc072"
+dependencies = [
+ "base64ct",
+ "blake2",
+ "cpufeatures",
+ "password-hash",
+]
+
 [[package]]
 name = "arraydeque"
 version = "0.5.1"
@@ -282,6 +294,15 @@ dependencies = [
 "wyz",
 ]

+[[package]]
+name = "blake2"
+version = "0.10.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "46502ad458c9a52b69d4d4d32775c788b7a1b85e8bc9d482d92250fc0e3f8efe"
+dependencies = [
+ "digest",
+]
+
 [[package]]
 name = "block-buffer"
 version = "0.10.4"
@@ -1612,6 +1633,22 @@ dependencies = [
 "serde",
 ]

+[[package]]
+name = "jsonwebtoken"
+version = "10.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c76e1c7d7df3e34443b3621b459b066a7b79644f059fc8b2db7070c825fd417e"
+dependencies = [
+ "base64 0.22.1",
+ "getrandom 0.2.16",
+ "js-sys",
+ "pem",
+ "serde",
+ "serde_json",
+ "signature",
+ "simple_asn1",
+]
+
 [[package]]
 name = "lazy_static"
 version = "1.5.0"
@@ -1797,7 +1834,7 @@ dependencies = [
 "num-integer",
 "num-iter",
 "num-traits",
- "rand",
+ "rand 0.8.5",
 "smallvec",
 "zeroize",
 ]
@@ -1991,6 +2028,17 @@ dependencies = [
 "syn 2.0.110",
 ]

+[[package]]
+name = "password-hash"
+version = "0.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "346f04948ba92c43e8469c1ee6736c7563d71012b17d40745260fe106aac2166"
+dependencies = [
+ "base64ct",
+ "rand_core 0.6.4",
+ "subtle",
+]
+
 [[package]]
 name = "path-clean"
 version = "1.0.1"
@@ -2003,6 +2051,16 @@ version = "0.2.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "df94ce210e5bc13cb6651479fa48d14f601d9858cfe0467f43ae157023b938d3"

+[[package]]
+name = "pem"
+version = "3.0.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1d30c53c26bc5b31a98cd02d20f25a7c8567146caf63ed593a9d87b2775291be"
+dependencies = [
+ "base64 0.22.1",
+ "serde_core",
+]
+
 [[package]]
 name = "pem-rfc7468"
 version = "0.7.0"
@@ -2254,8 +2312,18 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404"
 dependencies = [
 "libc",
- "rand_chacha",
- "rand_core",
+ "rand_chacha 0.3.1",
+ "rand_core 0.6.4",
+]
+
+[[package]]
+name = "rand"
+version = "0.9.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6db2770f06117d490610c7488547d543617b21bfa07796d7a12f6f1bd53850d1"
+dependencies = [
+ "rand_chacha 0.9.0",
+ "rand_core 0.9.3",
 ]

 [[package]]
@@ -2265,7 +2333,17 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88"
 dependencies = [
 "ppv-lite86",
- "rand_core",
+ "rand_core 0.6.4",
+]
+
+[[package]]
+name = "rand_chacha"
+version = "0.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d3022b5f1df60f26e1ffddd6c66e8aa15de382ae63b3a0c1bfc0e4d3e3f325cb"
+dependencies = [
+ "ppv-lite86",
+ "rand_core 0.9.3",
 ]

 [[package]]
@@ -2277,6 +2355,15 @@ dependencies = [
 "getrandom 0.2.16",
 ]

+[[package]]
+name = "rand_core"
+version = "0.9.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "99d9a13982dcf210057a8a78572b2217b667c3beacbf3a0d8b454f6f82837d38"
+dependencies = [
+ "getrandom 0.3.4",
+]
+
 [[package]]
 name = "redox_syscall"
 version = "0.3.5"
@@ -2423,7 +2510,7 @@ dependencies = [
 "num-traits",
 "pkcs1",
 "pkcs8",
- "rand_core",
+ "rand_core 0.6.4",
 "signature",
 "spki",
 "subtle",
@@ -2450,7 +2537,7 @@ dependencies = [
 "borsh",
 "bytes",
 "num-traits",
- "rand",
+ "rand 0.8.5",
 "rkyv",
 "serde",
 "serde_json",
@@ -2987,7 +3074,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "77549399552de45a898a580c1b41d445bf730df867cc44e6c0233bbc4b8329de"
 dependencies = [
 "digest",
- "rand_core",
+ "rand_core 0.6.4",
 ]

 [[package]]
@@ -2996,6 +3083,18 @@ version = "0.1.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "e3a9fe34e3e7a50316060351f37187a3f546bce95496156754b601a5fa71b76e"

+[[package]]
+name = "simple_asn1"
+version = "0.6.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "297f631f50729c8c99b84667867963997ec0b50f32b2a7dbcab828ef0541e8bb"
+dependencies = [
+ "num-bigint",
+ "num-traits",
+ "thiserror",
+ "time",
+]
+
 [[package]]
 name = "slab"
 version = "0.4.11"
@@ -3164,7 +3263,7 @@ dependencies = [
 "memchr",
 "once_cell",
 "percent-encoding",
- "rand",
+ "rand 0.8.5",
 "rsa",
 "rust_decimal",
 "serde",
@@ -3208,7 +3307,7 @@ dependencies = [
 "memchr",
 "num-bigint",
 "once_cell",
- "rand",
+ "rand 0.8.5",
 "rust_decimal",
 "serde",
 "serde_json",
@@ -3847,12 +3946,14 @@ dependencies = [

 [[package]]
 name = "uuid"
-version = "1.18.1"
+version = "1.19.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2f87b8aa10b915a06587d0dec516c282ff295b475d94abf425d62b57710070a2"
+checksum = "e2e054861b4bd027cd373e18e8d8d8e6548085000e41290d95ce0c373a654b4a"
 dependencies = [
+ "getrandom 0.3.4",
 "js-sys",
- "serde",
+ "rand 0.9.2",
+ "serde_core",
 "wasm-bindgen",
 ]

@@ -4350,6 +4451,7 @@ checksum = "cfe53a6657fd280eaa890a3bc59152892ffa3e30101319d168b781ed6529b049"
 name = "yet-another-nginx-proxy-manager"
 version = "0.1.0"
 dependencies = [
+ "argon2",
 "async-trait",
 "axum",
 "chrono",
@@ -4357,6 +4459,7 @@ dependencies = [
 "config",
 "database",
 "include_dir",
+ "jsonwebtoken",
 "migration",
 "mime_guess",
 "once_cell",
@@ -4368,6 +4471,7 @@ dependencies = [
 "tracing",
 "tracing-subscriber",
 "utoipa",
+ "uuid",
 ]

 [[package]]
--- a/apps/api/Cargo.toml
+++ b/apps/api/Cargo.toml
@@ -23,3 +23,6 @@ mime_guess = { version = "2.0.5" }
 utoipa = { version = "5.4.0", features = ["macros", "axum_extras", "chrono", "decimal", "uuid", "time", "openapi_extensions"] }
 clap = { version = "4.5.53" }
 once_cell = { version = "1.21.3" }
+argon2 = { version = "0.5.3", features = ["std"] }
+jsonwebtoken = { version = "10.2.0" }
+uuid = { version = "1.19.0", features = ["v4", "serde", "fast-rng"] }
--- a/apps/api/src/errors/service_error.rs
+++ b/apps/api/src/errors/service_error.rs
@@ -1,15 +1,25 @@
-pub type ServiceError = Box<dyn std::error::Error + Send + Sync>;
+use sea_orm::DbErr;

-#[allow(dead_code)] // TODO: remove when used
-pub trait IntoServiceError {
-    fn into_service_error(self) -> ServiceError;
+#[derive(Debug)]
+pub enum ServiceError {
+    NotFound(String),
+    DatabaseError(String),
+    Unauthorized(String),
+    InternalError(String),
+    BadRequest(String),
 }

-impl<T> IntoServiceError for T
-where
-    T: std::error::Error + Send + Sync + 'static,
-{
-    fn into_service_error(self) -> ServiceError {
-        Box::new(self)
+impl From<Box<dyn std::error::Error + Send + Sync + 'static>> for ServiceError {
+    fn from(err: Box<dyn std::error::Error + Send + Sync + 'static>) -> Self {
+        ServiceError::InternalError(err.to_string())
+    }
+}
+
+impl From<DbErr> for ServiceError {
+    fn from(err: DbErr) -> Self {
+        match err {
+            DbErr::RecordNotFound(msg) => ServiceError::NotFound(msg),
+            _ => ServiceError::DatabaseError(err.to_string()),
+        }
    }
 }
--- a/apps/api/src/helpers.rs
+++ b/apps/api/src/helpers.rs
@@ -0,0 +1 @@
+pub mod database;
--- a/apps/api/src/helpers/database.rs
+++ b/apps/api/src/helpers/database.rs
@@ -0,0 +1,13 @@
+#[macro_export]
+macro_rules! with_conn {
+    // Usage: with_conn!(&connection, tx_option, ident, |conn|-> { ... })
+    ($conn:expr, $tx:expr, $ident:ident, $body:block) => {{
+        if let Some(t) = &$tx {
+            let $ident = t;
+            $body
+        } else {
+            let $ident = &$conn;
+            $body
+        }
+    }};
+}
--- a/apps/api/src/main.rs
+++ b/apps/api/src/main.rs
@@ -1,6 +1,7 @@
 mod cmd;
 mod configs;
 mod errors;
+mod helpers;
 mod log;
 mod middlewares;
 mod routes;
--- a/apps/api/src/services/settings.rs
+++ b/apps/api/src/services/settings.rs
@@ -7,7 +7,7 @@ use sea_orm::{
    IntoActiveModel, QueryFilter,
 };

-use crate::errors::service_error::{IntoServiceError, ServiceError};
+use crate::errors::service_error::ServiceError;

 #[async_trait::async_trait]
 pub trait SettingsStore: Send + Sync {
@@ -37,11 +37,11 @@ impl SettingsStore for SettingsService {
            .await;

        match setting {
-            Err(err) => Err(err.into_service_error()),
-            Ok(None) => Err(
-                DbErr::RecordNotFound(format!("Setting with key '{}' not found", key))
-                    .into_service_error(),
-            ),
+            Err(err) => Err(ServiceError::from(err)),
+            Ok(None) => Err(ServiceError::from(DbErr::RecordNotFound(format!(
+                "Setting with key '{}' not found",
+                key
+            )))),
            Ok(Some(record)) => Ok(record.value),
        }
    }
@@ -62,7 +62,7 @@ impl SettingsStore for SettingsService {
            new_record
                .insert(&*self.connection)
                .await
-                .map_err(|err| err.into_service_error())
+                .map_err(ServiceError::from)
        };

        match existing {
@@ -71,7 +71,7 @@ impl SettingsStore for SettingsService {
                    handle_not_found(key.to_string(), value).await?;
                }
                _ => {
-                    return Err(Box::new(err));
+                    return Err(ServiceError::from(err));
                }
            },
            Ok(None) => {
@@ -83,7 +83,7 @@ impl SettingsStore for SettingsService {
                    .into_active_model()
                    .update(&*self.connection)
                    .await
-                    .map_err(|err| err.into_service_error())?;
+                    .map_err(ServiceError::from)?;
            }
        }

--- a/public/database/src/generated/entities/mod.rs
+++ b/public/database/src/generated/entities/mod.rs
@@ -3,4 +3,6 @@
 pub mod prelude;

 pub mod config;
+pub mod session;
 pub mod user;
+pub mod user_identity;
--- a/public/database/src/generated/entities/prelude.rs
+++ b/public/database/src/generated/entities/prelude.rs
@@ -1,4 +1,6 @@
 //! `SeaORM` Entity, @generated by sea-orm-codegen 2.0.0-rc.18

 pub use super::config::Entity as Config;
+pub use super::session::Entity as Session;
 pub use super::user::Entity as User;
+pub use super::user_identity::Entity as UserIdentity;
--- a/public/database/src/generated/entities/session.rs
+++ b/public/database/src/generated/entities/session.rs
@@ -0,0 +1,29 @@
+//! `SeaORM` Entity, @generated by sea-orm-codegen 2.0.0-rc.18
+
+use sea_orm::entity::prelude::*;
+use serde::{Deserialize, Serialize};
+
+#[sea_orm::model]
+#[derive(Clone, Debug, PartialEq, Eq, DeriveEntityModel, Serialize, Deserialize)]
+#[sea_orm(table_name = "session")]
+pub struct Model {
+    #[sea_orm(primary_key, auto_increment = false)]
+    pub id: Uuid,
+    pub user_id: Uuid,
+    #[sea_orm(unique)]
+    pub refresh_token_hash: Option<String>,
+    pub expires_at: DateTimeUtc,
+    pub revoked_at: Option<DateTimeUtc>,
+    pub created_at: DateTimeUtc,
+    pub updated_at: DateTimeUtc,
+    #[sea_orm(
+        belongs_to,
+        from = "user_id",
+        to = "id",
+        on_update = "Cascade",
+        on_delete = "Cascade"
+    )]
+    pub user: HasOne<super::user::Entity>,
+}
+
+impl ActiveModelBehavior for ActiveModel {}
--- a/public/database/src/generated/entities/user.rs
+++ b/public/database/src/generated/entities/user.rs
@@ -12,10 +12,15 @@ pub struct Model {
    #[sea_orm(unique)]
    pub name: String,
    pub is_admin: bool,
-    pub password_hash: String,
-    pub salt: String,
+    pub is_active: bool,
    pub created_at: DateTimeUtc,
    pub updated_at: DateTimeUtc,
+    pub last_login_at: Option<DateTimeUtc>,
+    pub deleted_at: Option<DateTimeUtc>,
+    #[sea_orm(has_many)]
+    pub sessions: HasMany<super::session::Entity>,
+    #[sea_orm(has_many)]
+    pub user_identities: HasMany<super::user_identity::Entity>,
 }

 impl ActiveModelBehavior for ActiveModel {}
--- a/public/database/src/generated/entities/user_identity.rs
+++ b/public/database/src/generated/entities/user_identity.rs
@@ -0,0 +1,35 @@
+//! `SeaORM` Entity, @generated by sea-orm-codegen 2.0.0-rc.18
+
+use sea_orm::entity::prelude::*;
+use serde::{Deserialize, Serialize};
+
+#[sea_orm::model]
+#[derive(Clone, Debug, PartialEq, Eq, DeriveEntityModel, Serialize, Deserialize)]
+#[sea_orm(table_name = "user_identity")]
+pub struct Model {
+    #[sea_orm(primary_key, auto_increment = false)]
+    pub id: Uuid,
+    #[sea_orm(unique_key = "provider")]
+    pub user_id: Uuid,
+    #[sea_orm(unique_key = "provider")]
+    pub provider: String,
+    pub email: Option<String>,
+    pub password_hash: Option<String>,
+    pub is_revoked: bool,
+    #[sea_orm(column_type = "JsonBinary", nullable)]
+    pub metadata: Option<Json>,
+    pub password_changed_at: Option<DateTimeUtc>,
+    pub revoked_at: Option<DateTimeUtc>,
+    pub created_at: DateTimeUtc,
+    pub updated_at: DateTimeUtc,
+    #[sea_orm(
+        belongs_to,
+        from = "user_id",
+        to = "id",
+        on_update = "Cascade",
+        on_delete = "Cascade"
+    )]
+    pub user: HasOne<super::user::Entity>,
+}
+
+impl ActiveModelBehavior for ActiveModel {}
--- a/public/migration/src/lib.rs
+++ b/public/migration/src/lib.rs
@@ -10,8 +10,10 @@ pub struct Migrator;
 impl MigratorTrait for Migrator {
    fn migrations() -> Vec<Box<dyn MigrationTrait>> {
        vec![
-            Box::new(m20251011_000001_create_user_table::Migration),
-            Box::new(m20251011_000002_create_config_table::Migration),
+            Box::new(m20251011_000001_create_config_table::Migration),
+            Box::new(m20251011_000002_create_user_table::Migration),
+            Box::new(m20251011_000003_create_user_identity_table::Migration),
+            Box::new(m20251011_000004_create_session_table::Migration),
        ]
    }
 }
--- a/public/migration/src/migrations.rs
+++ b/public/migration/src/migrations.rs
@@ -1,2 +1,4 @@
-pub mod m20251011_000001_create_user_table;
-pub mod m20251011_000002_create_config_table;
+pub mod m20251011_000001_create_config_table;
+pub mod m20251011_000002_create_user_table;
+pub mod m20251011_000003_create_user_identity_table;
+pub mod m20251011_000004_create_session_table;
--- a/public/migration/src/migrations/m20251011_000001_create_config_table.rs
+++ b/public/migration/src/migrations/m20251011_000001_create_config_table.rs
--- a/public/migration/src/migrations/m20251011_000002_create_user_table.rs
+++ b/public/migration/src/migrations/m20251011_000002_create_user_table.rs
@@ -3,16 +3,19 @@ use sea_orm_migration::{prelude::*, schema::*};
 #[derive(DeriveMigrationName)]
 pub struct Migration;

+#[forbid(dead_code)]
 #[derive(DeriveIden)]
-enum User {
+pub enum User {
    Table,
    Id,
    //
    Name,
    IsAdmin,
-    PasswordHash,
-    Salt,
+    IsActive,
    //
+    LastLoginAt,
+    //
+    DeletedAt,
    CreatedAt,
    UpdatedAt,
 }
@@ -33,8 +36,12 @@ impl MigrationTrait for Migration {
                            .default(false)
                            .not_null(),
                    )
-                    .col(ColumnDef::new(User::PasswordHash).string().not_null())
-                    .col(ColumnDef::new(User::Salt).string().not_null())
+                    .col(
+                        ColumnDef::new(User::IsActive)
+                            .boolean()
+                            .default(true)
+                            .not_null(),
+                    )
                    .col(
                        ColumnDef::new(User::CreatedAt)
                            .timestamp()
@@ -47,6 +54,8 @@ impl MigrationTrait for Migration {
                            .default(SimpleExpr::Keyword(Keyword::CurrentTimestamp))
                            .not_null(),
                    )
+                    .col(ColumnDef::new(User::LastLoginAt).timestamp().null())
+                    .col(ColumnDef::new(User::DeletedAt).timestamp().null())
                    .to_owned(),
            )
            .await
--- a/public/migration/src/migrations/m20251011_000003_create_user_identity_table.rs
+++ b/public/migration/src/migrations/m20251011_000003_create_user_identity_table.rs
@@ -0,0 +1,102 @@
+use sea_orm_migration::{prelude::*, schema::*};
+
+#[derive(DeriveMigrationName)]
+pub struct Migration;
+
+#[forbid(dead_code)]
+#[derive(DeriveIden)]
+pub enum UserIdentity {
+    Table,
+    Id,
+    UserId,
+    Provider, // e.g. "password". Extensible for plugins like OAuth in the future
+    //
+    Email,        // optional
+    PasswordHash, // optional for non-password providers
+    IsRevoked,    // default false
+    //
+    Metadata, // for custom provider metadata
+    //
+    PasswordChangedAt,
+    RevokedAt,
+    //
+    CreatedAt,
+    UpdatedAt,
+}
+
+#[async_trait::async_trait]
+impl MigrationTrait for Migration {
+    async fn up(&self, manager: &SchemaManager) -> Result<(), DbErr> {
+        let _ = manager
+            .create_table(
+                Table::create()
+                    .table(UserIdentity::Table)
+                    .if_not_exists()
+                    .col(pk_uuid(UserIdentity::Id))
+                    //
+                    .col(ColumnDef::new(UserIdentity::UserId).uuid().not_null())
+                    .foreign_key(
+                        ForeignKey::create()
+                            .name("fk-user-identity-user-id")
+                            .from(UserIdentity::Table, UserIdentity::UserId)
+                            .to(
+                                super::m20251011_000002_create_user_table::User::Table,
+                                super::m20251011_000002_create_user_table::User::Id,
+                            )
+                            .on_delete(ForeignKeyAction::Cascade)
+                            .on_update(ForeignKeyAction::Cascade),
+                    )
+                    .col(ColumnDef::new(UserIdentity::Provider).string().not_null())
+                    //
+                    .col(ColumnDef::new(UserIdentity::Email).string().null())
+                    .col(ColumnDef::new(UserIdentity::PasswordHash).string().null())
+                    .col(
+                        ColumnDef::new(UserIdentity::IsRevoked)
+                            .boolean()
+                            .default(false)
+                            .not_null(),
+                    )
+                    .col(ColumnDef::new(UserIdentity::Metadata).json_binary().null())
+                    //
+                    .col(
+                        ColumnDef::new(UserIdentity::PasswordChangedAt)
+                            .timestamp()
+                            .null(),
+                    )
+                    .col(ColumnDef::new(UserIdentity::RevokedAt).timestamp().null())
+                    //
+                    .col(
+                        ColumnDef::new(UserIdentity::CreatedAt)
+                            .timestamp()
+                            .default(SimpleExpr::Keyword(Keyword::CurrentTimestamp))
+                            .not_null(),
+                    )
+                    .col(
+                        ColumnDef::new(UserIdentity::UpdatedAt)
+                            .timestamp()
+                            .default(SimpleExpr::Keyword(Keyword::CurrentTimestamp))
+                            .not_null(),
+                    )
+                    .to_owned(),
+            )
+            .await;
+
+        manager
+            .create_index(
+                Index::create()
+                    .name("idx-user-identity-user-id-provider")
+                    .table(UserIdentity::Table)
+                    .col(UserIdentity::UserId)
+                    .col(UserIdentity::Provider)
+                    .unique()
+                    .to_owned(),
+            )
+            .await
+    }
+
+    async fn down(&self, manager: &SchemaManager) -> Result<(), DbErr> {
+        manager
+            .drop_table(Table::drop().table(UserIdentity::Table).to_owned())
+            .await
+    }
+}
--- a/public/migration/src/migrations/m20251011_000004_create_session_table.rs
+++ b/public/migration/src/migrations/m20251011_000004_create_session_table.rs
@@ -0,0 +1,86 @@
+use sea_orm_migration::{prelude::*, schema::*};
+
+#[derive(DeriveMigrationName)]
+pub struct Migration;
+
+#[forbid(dead_code)]
+#[derive(DeriveIden)]
+pub enum Session {
+    Table,
+    Id,
+    UserId,
+    //
+    RefreshTokenHash,
+    //
+    ExpiresAt,
+    RevokedAt,
+    //
+    CreatedAt,
+    UpdatedAt,
+}
+
+#[async_trait::async_trait]
+impl MigrationTrait for Migration {
+    async fn up(&self, manager: &SchemaManager) -> Result<(), DbErr> {
+        let _ = manager
+            .create_table(
+                Table::create()
+                    .table(Session::Table)
+                    .if_not_exists()
+                    .col(pk_uuid(Session::Id))
+                    //
+                    .col(ColumnDef::new(Session::UserId).uuid().not_null())
+                    .foreign_key(
+                        ForeignKey::create()
+                            .name("fk-session-user-id")
+                            .from(Session::Table, Session::UserId)
+                            .to(
+                                super::m20251011_000002_create_user_table::User::Table,
+                                super::m20251011_000002_create_user_table::User::Id,
+                            )
+                            .on_delete(ForeignKeyAction::Cascade)
+                            .on_update(ForeignKeyAction::Cascade),
+                    )
+                    .col(
+                        ColumnDef::new(Session::RefreshTokenHash)
+                            .string()
+                            .null()
+                            .unique_key(),
+                    )
+                    .col(ColumnDef::new(Session::ExpiresAt).timestamp().not_null())
+                    .col(ColumnDef::new(Session::RevokedAt).timestamp().null())
+                    //
+                    .col(
+                        ColumnDef::new(Session::CreatedAt)
+                            .timestamp()
+                            .default(SimpleExpr::Keyword(Keyword::CurrentTimestamp))
+                            .not_null(),
+                    )
+                    .col(
+                        ColumnDef::new(Session::UpdatedAt)
+                            .timestamp()
+                            .default(SimpleExpr::Keyword(Keyword::CurrentTimestamp))
+                            .not_null(),
+                    )
+                    .to_owned(),
+            )
+            .await;
+
+        manager
+            .create_index(
+                Index::create()
+                    .name("idx-session-user-id-token")
+                    .table(Session::Table)
+                    .col(Session::UserId)
+                    .col(Session::RefreshTokenHash)
+                    .to_owned(),
+            )
+            .await
+    }
+
+    async fn down(&self, manager: &SchemaManager) -> Result<(), DbErr> {
+        manager
+            .drop_table(Table::drop().table(Session::Table).to_owned())
+            .await
+    }
+}
Author	SHA1	Message	Date
GW_MC	9447b64a76	feat: add argon2, jsonwebtoken, and update uuid dependencies	2025-12-07 21:35:50 +08:00
GW_MC	6cd37d6758	use ref of transaction	2025-12-07 21:35:10 +08:00
GW_MC	6a88e401f6	Add debug and BadRequest error	2025-12-07 21:33:01 +08:00
GW_MC	30e500ec44	Added macro for handling both transaction and pooled connection	2025-12-07 19:09:37 +08:00
GW_MC	e758452509	Include user table, identity and session table	2025-12-07 19:08:22 +08:00
GW_MC	9c139d6007	refactor: replace IntoServiceError trait with direct ServiceError conversions	2025-12-07 14:40:11 +08:00
GW_MC	ce404670d6	Merge pull request 'Basic Documentation' (#8 ) from documentation into master All checks were successful Verify / verify-generated-code (push) Successful in 53s Details Verify / verify-openapi-spec (push) Successful in 6s Details Verify / verify-frontend-api-client (push) Successful in 8s Details Test / test-frontend (push) Successful in 21s Details Test / frontend-build (push) Successful in 24s Details Test / lint (push) Successful in 1m9s Details Test / test (push) Successful in 1m14s Details Reviewed-on: #8	2025-12-05 22:50:20 +08:00