refactor: use adonis's access tokens instead of creating custom (and unsecured) logic

2025-12-08 14:43:24 +00:00 · 2025-08-22 18:35:50 +02:00
parent d00b6b9edd
commit 9aa71dad30
19 changed files with 241 additions and 402 deletions
--- a/database/migrations/1755640100587_create_api_tokens_table.ts
+++ b/database/migrations/1755640100587_create_api_tokens_table.ts
@@ -1,35 +0,0 @@
-import { defaultTableFields } from '#database/default_table_fields';
-import { BaseSchema } from '@adonisjs/lucid/schema';
-
-export default class CreateApiTokensTable extends BaseSchema {
-	static tableName = 'api_tokens';
-
-	async up() {
-		const exists = await this.schema.hasTable(CreateApiTokensTable.tableName);
-		if (exists) {
-			return console.warn(
-				`Table ${CreateApiTokensTable.tableName} already exists.`
-			);
-		}
-
-		this.schema.createTable(CreateApiTokensTable.tableName, (table) => {
-			table
-				.integer('user_id')
-				.unsigned()
-				.references('id')
-				.inTable('users')
-				.onDelete('CASCADE');
-			table.string('name', 255).notNullable();
-			table.string('token', 255).notNullable().unique();
-			table.timestamp('last_used_at').nullable();
-			table.timestamp('expires_at').nullable();
-			table.boolean('is_active').defaultTo(true).notNullable();
-
-			defaultTableFields(table);
-		});
-	}
-
-	async down() {
-		this.schema.dropTable(CreateApiTokensTable.tableName);
-	}
-}
--- a/database/migrations/1755788189587_create_auth_access_tokens_table.ts
+++ b/database/migrations/1755788189587_create_auth_access_tokens_table.ts
@@ -0,0 +1,31 @@
+import { BaseSchema } from '@adonisjs/lucid/schema';
+
+export default class CreateAuthAccessTokensTable extends BaseSchema {
+	protected tableName = 'auth_access_tokens';
+
+	async up() {
+		this.schema.createTable(this.tableName, (table) => {
+			table.increments('id');
+			table
+				.integer('tokenable_id')
+				.notNullable()
+				.unsigned()
+				.references('id')
+				.inTable('users')
+				.onDelete('CASCADE');
+
+			table.string('type').notNullable();
+			table.string('name').nullable();
+			table.string('hash').notNullable();
+			table.text('abilities').notNullable();
+			table.timestamp('created_at');
+			table.timestamp('updated_at');
+			table.timestamp('last_used_at').nullable();
+			table.timestamp('expires_at').nullable();
+		});
+	}
+
+	async down() {
+		this.schema.dropTable(this.tableName);
+	}
+}