mirror of
https://github.com/shuaiplus/nodewarden.git
synced 2026-06-20 21:00:41 +00:00
shuaiplus
cdbe87aac2
- Added TOTP support for two-factor authentication in user profiles and login flows. - Introduced device management endpoints to handle known devices and their registration. - Enhanced database schema to include devices and trusted two-factor tokens. - Updated response handling to include two-factor token in successful login responses. - Modified registration and login pages to guide users through enabling TOTP. - Improved device identification and management utilities for better user experience.
126 lines
3.6 KiB
SQL
126 lines
3.6 KiB
SQL
PRAGMA foreign_keys = ON;
|
|
|
|
-- IMPORTANT:
|
|
-- Keep this file in sync with src/services/storage.ts (SCHEMA_STATEMENTS).
|
|
-- Any new table/column/index must be added to both places together.
|
|
|
|
CREATE TABLE IF NOT EXISTS config (
|
|
key TEXT PRIMARY KEY,
|
|
value TEXT NOT NULL
|
|
);
|
|
|
|
CREATE TABLE IF NOT EXISTS users (
|
|
id TEXT PRIMARY KEY,
|
|
email TEXT NOT NULL UNIQUE,
|
|
name TEXT,
|
|
master_password_hash TEXT NOT NULL,
|
|
key TEXT NOT NULL,
|
|
private_key TEXT,
|
|
public_key TEXT,
|
|
kdf_type INTEGER NOT NULL,
|
|
kdf_iterations INTEGER NOT NULL,
|
|
kdf_memory INTEGER,
|
|
kdf_parallelism INTEGER,
|
|
security_stamp TEXT NOT NULL,
|
|
created_at TEXT NOT NULL,
|
|
updated_at TEXT NOT NULL
|
|
);
|
|
|
|
-- Per-user sync revision date
|
|
CREATE TABLE IF NOT EXISTS user_revisions (
|
|
user_id TEXT PRIMARY KEY,
|
|
revision_date TEXT NOT NULL,
|
|
FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
|
|
);
|
|
|
|
CREATE TABLE IF NOT EXISTS ciphers (
|
|
id TEXT PRIMARY KEY,
|
|
user_id TEXT NOT NULL,
|
|
type INTEGER NOT NULL,
|
|
folder_id TEXT,
|
|
name TEXT,
|
|
notes TEXT,
|
|
favorite INTEGER NOT NULL DEFAULT 0,
|
|
data TEXT NOT NULL,
|
|
reprompt INTEGER,
|
|
key TEXT,
|
|
created_at TEXT NOT NULL,
|
|
updated_at TEXT NOT NULL,
|
|
deleted_at TEXT,
|
|
FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
|
|
);
|
|
CREATE INDEX IF NOT EXISTS idx_ciphers_user_updated ON ciphers(user_id, updated_at);
|
|
CREATE INDEX IF NOT EXISTS idx_ciphers_user_deleted ON ciphers(user_id, deleted_at);
|
|
|
|
CREATE TABLE IF NOT EXISTS folders (
|
|
id TEXT PRIMARY KEY,
|
|
user_id TEXT NOT NULL,
|
|
name TEXT NOT NULL,
|
|
created_at TEXT NOT NULL,
|
|
updated_at TEXT NOT NULL,
|
|
FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
|
|
);
|
|
CREATE INDEX IF NOT EXISTS idx_folders_user_updated ON folders(user_id, updated_at);
|
|
|
|
CREATE TABLE IF NOT EXISTS attachments (
|
|
id TEXT PRIMARY KEY,
|
|
cipher_id TEXT NOT NULL,
|
|
file_name TEXT NOT NULL,
|
|
size INTEGER NOT NULL,
|
|
size_name TEXT NOT NULL,
|
|
key TEXT,
|
|
FOREIGN KEY (cipher_id) REFERENCES ciphers(id) ON DELETE CASCADE
|
|
);
|
|
CREATE INDEX IF NOT EXISTS idx_attachments_cipher ON attachments(cipher_id);
|
|
|
|
CREATE TABLE IF NOT EXISTS refresh_tokens (
|
|
token TEXT PRIMARY KEY,
|
|
user_id TEXT NOT NULL,
|
|
expires_at INTEGER NOT NULL,
|
|
FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
|
|
);
|
|
CREATE INDEX IF NOT EXISTS idx_refresh_tokens_user ON refresh_tokens(user_id);
|
|
|
|
CREATE TABLE IF NOT EXISTS devices (
|
|
user_id TEXT NOT NULL,
|
|
device_identifier TEXT NOT NULL,
|
|
name TEXT NOT NULL,
|
|
type INTEGER NOT NULL,
|
|
created_at TEXT NOT NULL,
|
|
updated_at TEXT NOT NULL,
|
|
PRIMARY KEY (user_id, device_identifier),
|
|
FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
|
|
);
|
|
CREATE INDEX IF NOT EXISTS idx_devices_user_updated ON devices(user_id, updated_at);
|
|
|
|
CREATE TABLE IF NOT EXISTS trusted_two_factor_device_tokens (
|
|
token TEXT PRIMARY KEY,
|
|
user_id TEXT NOT NULL,
|
|
device_identifier TEXT NOT NULL,
|
|
expires_at INTEGER NOT NULL,
|
|
FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
|
|
);
|
|
CREATE INDEX IF NOT EXISTS idx_trusted_two_factor_device_tokens_user_device
|
|
ON trusted_two_factor_device_tokens(user_id, device_identifier);
|
|
|
|
-- Rate limiting
|
|
CREATE TABLE IF NOT EXISTS login_attempts_ip (
|
|
ip TEXT PRIMARY KEY,
|
|
attempts INTEGER NOT NULL,
|
|
locked_until INTEGER,
|
|
updated_at INTEGER NOT NULL
|
|
);
|
|
|
|
CREATE TABLE IF NOT EXISTS api_rate_limits (
|
|
identifier TEXT NOT NULL,
|
|
window_start INTEGER NOT NULL,
|
|
count INTEGER NOT NULL,
|
|
PRIMARY KEY (identifier, window_start)
|
|
);
|
|
CREATE INDEX IF NOT EXISTS idx_api_rate_window ON api_rate_limits(window_start);
|
|
|
|
CREATE TABLE IF NOT EXISTS used_attachment_download_tokens (
|
|
jti TEXT PRIMARY KEY,
|
|
expires_at INTEGER NOT NULL
|
|
);
|