백엔드에서 JWT가 아닌 세션 ID 기반으로 인증하도록 변경

2025-12-16 06:58:46 +00:00 · 2025-01-12 07:28:38 +09:00
parent 0bdf990dae
commit 1a86c8d9e0
42 changed files with 487 additions and 624 deletions
--- a/src/lib/server/db/schema/session.ts
+++ b/src/lib/server/db/schema/session.ts
@@ -0,0 +1,35 @@
+import { sqliteTable, text, integer, unique } from "drizzle-orm/sqlite-core";
+import { client } from "./client";
+import { user } from "./user";
+
+export const session = sqliteTable(
+  "session",
+  {
+    id: text("id").notNull().primaryKey(),
+    userId: integer("user_id")
+      .notNull()
+      .references(() => user.id),
+    clientId: integer("client_id").references(() => client.id),
+    createdAt: integer("created_at", { mode: "timestamp_ms" }).notNull(),
+    lastUsedAt: integer("last_used_at", { mode: "timestamp_ms" }).notNull(),
+    lastUsedByIp: text("last_used_by_ip"),
+    lastUsedByUserAgent: text("last_used_by_user_agent"),
+  },
+  (t) => ({
+    unq: unique().on(t.userId, t.clientId),
+  }),
+);
+
+export const sessionUpgradeChallenge = sqliteTable("session_upgrade_challenge", {
+  id: integer("id").primaryKey(),
+  sessionId: text("session_id")
+    .notNull()
+    .references(() => session.id)
+    .unique(),
+  clientId: integer("client_id")
+    .notNull()
+    .references(() => client.id),
+  answer: text("answer").notNull().unique(), // Base64
+  allowedIp: text("allowed_ip").notNull(),
+  expiresAt: integer("expires_at", { mode: "timestamp_ms" }).notNull(),
+});