feat: enhance authentication and user management with token-based system

- Implemented robust token-based authentication with access and refresh tokens - Added JWT token generation, verification, and rotation mechanisms - Created services for token management, Memcached, and MinIO storage - Enhanced user registration and login with device-specific tokens - Added support for profile picture upload and management via MinIO - Implemented secure password hashing with crypto - Updated Prisma schema to support refresh tokens and profile picture storage - Added GraphQL mutations for logout, token refresh, and profile picture handling - Integrated environment configuration with Zod validation - Improved error handling and authentication middleware
2025-03-09 22:34:57 -05:00 · 2025-03-09 22:34:57 -05:00 · d29d116214
commit d29d116214
parent d4d99fb5e7
22 changed files with 1992 additions and 388 deletions
--- a/apps/api/prisma/migrations/20250307053052_update_content_type/migration.sql
+++ b/apps/api/prisma/migrations/20250307053052_update_content_type/migration.sql
@ -1,2 +0,0 @@
-- AlterTable
-ALTER TABLE `Message` MODIFY `content` TEXT NOT NULL;
--- a/apps/api/prisma/migrations/20250309163226_init/migration.sql
+++ b/apps/api/prisma/migrations/20250309163226_init/migration.sql
@ -3,7 +3,8 @@ CREATE TABLE `User` (
    `id` VARCHAR(191) NOT NULL,
    `email` VARCHAR(191) NOT NULL,
    `username` VARCHAR(191) NOT NULL,
-    `password` VARCHAR(191) NOT NULL,
+    `password` TEXT NOT NULL,
+    `s3ProfilePicObjectKey` VARCHAR(191) NULL,
    `createdAt` DATETIME(3) NOT NULL DEFAULT CURRENT_TIMESTAMP(3),
    `updatedAt` DATETIME(3) NOT NULL,

@ -28,7 +29,7 @@ CREATE TABLE `Room` (
 -- CreateTable
 CREATE TABLE `Message` (
    `id` VARCHAR(191) NOT NULL,
-    `content` VARCHAR(191) NOT NULL,
+    `content` TEXT NOT NULL,
    `createdAt` DATETIME(3) NOT NULL DEFAULT CURRENT_TIMESTAMP(3),
    `updatedAt` DATETIME(3) NOT NULL,
    `userId` VARCHAR(191) NOT NULL,
@ -37,6 +38,21 @@ CREATE TABLE `Message` (
    PRIMARY KEY (`id`)
 ) DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;

+-- CreateTable
+CREATE TABLE `RefreshToken` (
+    `id` VARCHAR(191) NOT NULL,
+    `jti` VARCHAR(191) NOT NULL,
+    `userId` VARCHAR(191) NOT NULL,
+    `deviceId` VARCHAR(191) NOT NULL,
+    `hash` VARCHAR(191) NOT NULL,
+    `expiresAt` DATETIME(3) NOT NULL,
+    `createdAt` DATETIME(3) NOT NULL DEFAULT CURRENT_TIMESTAMP(3),
+    `updatedAt` DATETIME(3) NOT NULL,
+
+    UNIQUE INDEX `RefreshToken_jti_key`(`jti`),
+    PRIMARY KEY (`id`)
+) DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
+
 -- CreateTable
 CREATE TABLE `_RoomMembers` (
    `A` VARCHAR(191) NOT NULL,
@ -55,6 +71,9 @@ ALTER TABLE `Message` ADD CONSTRAINT `Message_userId_fkey` FOREIGN KEY (`userId`
 -- AddForeignKey
 ALTER TABLE `Message` ADD CONSTRAINT `Message_roomId_fkey` FOREIGN KEY (`roomId`) REFERENCES `Room`(`id`) ON DELETE RESTRICT ON UPDATE CASCADE;

+-- AddForeignKey
+ALTER TABLE `RefreshToken` ADD CONSTRAINT `RefreshToken_userId_fkey` FOREIGN KEY (`userId`) REFERENCES `User`(`id`) ON DELETE CASCADE ON UPDATE CASCADE;
+
 -- AddForeignKey
 ALTER TABLE `_RoomMembers` ADD CONSTRAINT `_RoomMembers_A_fkey` FOREIGN KEY (`A`) REFERENCES `Room`(`id`) ON DELETE CASCADE ON UPDATE CASCADE;

--- a/apps/api/prisma/schema.prisma
+++ b/apps/api/prisma/schema.prisma
@ -14,15 +14,17 @@ datasource db {
 }

 model User {
-  id         String    @id @default(uuid())
-  email      String    @unique
-  username   String    @unique
-  password   String
-  createdAt  DateTime  @default(now())
-  updatedAt  DateTime  @updatedAt
-  messages   Message[]
-  rooms      Room[]    @relation("RoomMembers")
-  ownedRooms Room[]    @relation("RoomOwner")
+  id                    String         @id @default(uuid())
+  email                 String         @unique
+  username              String         @unique
+  password              String         @db.Text
+  s3ProfilePicObjectKey String?
+  createdAt             DateTime       @default(now())
+  updatedAt             DateTime       @updatedAt
+  messages              Message[]
+  rooms                 Room[]         @relation("RoomMembers")
+  ownedRooms            Room[]         @relation("RoomOwner")
+  refreshTokens         RefreshToken[]
 }

 model Room {
@ -48,3 +50,15 @@ model Message {
  roomId    String
  room      Room     @relation(fields: [roomId], references: [id])
 }
+
+model RefreshToken {
+  id        String   @id @default(uuid())
+  jti       String   @unique
+  userId    String
+  user      User     @relation(fields: [userId], references: [id], onDelete: Cascade)
+  deviceId  String
+  hash      String
+  expiresAt DateTime
+  createdAt DateTime @default(now())
+  updatedAt DateTime @updatedAt
+}