7f3e8a8f53
- Auth: register, login, JWT with refresh tokens, blocklist - Projects/Folders/Documents CRUD with soft deletes - Tags CRUD and assignment - FTS5 search with highlights and tag filtering - ADR-001, ADR-002, ADR-003 compliant - Security fixes applied (JWT_SECRET_KEY, exception handler, cookie secure) - 25 tests passing
36 lines
1.5 KiB
Python
36 lines
1.5 KiB
Python
import uuid
|
|
from datetime import datetime
|
|
|
|
from sqlalchemy import Boolean, DateTime, Integer, String, Text
|
|
from sqlalchemy.orm import Mapped, mapped_column
|
|
|
|
from app.database import Base
|
|
|
|
|
|
def generate_uuid() -> str:
|
|
return str(uuid.uuid4())
|
|
|
|
|
|
class RefreshToken(Base):
|
|
__tablename__ = "refresh_tokens"
|
|
|
|
id: Mapped[str] = mapped_column(String(36), primary_key=True, default=generate_uuid)
|
|
user_id: Mapped[str] = mapped_column(String(36), nullable=False)
|
|
token_hash: Mapped[str] = mapped_column(Text, nullable=False, unique=True)
|
|
token_family_id: Mapped[str] = mapped_column(String(36), nullable=False)
|
|
token_version: Mapped[int] = mapped_column(Integer, nullable=False, default=1)
|
|
user_agent: Mapped[str | None] = mapped_column(Text, nullable=True)
|
|
ip_address: Mapped[str | None] = mapped_column(Text, nullable=True)
|
|
created_at: Mapped[datetime] = mapped_column(DateTime, default=datetime.utcnow, nullable=False)
|
|
expires_at: Mapped[datetime] = mapped_column(DateTime, nullable=False)
|
|
revoked_at: Mapped[datetime | None] = mapped_column(DateTime, nullable=True)
|
|
is_global_logout: Mapped[bool] = mapped_column(Boolean, default=False, nullable=False)
|
|
|
|
|
|
class JwtBlocklist(Base):
|
|
__tablename__ = "jwt_blocklist"
|
|
|
|
token_id: Mapped[str] = mapped_column(String(36), primary_key=True)
|
|
revoked_at: Mapped[datetime] = mapped_column(DateTime, default=datetime.utcnow, nullable=False)
|
|
expires_at: Mapped[datetime] = mapped_column(DateTime, nullable=False)
|