feat: enhance authentication and user management with token-based system

- Implemented robust token-based authentication with access and refresh tokens - Added JWT token generation, verification, and rotation mechanisms - Created services for token management, Memcached, and MinIO storage - Enhanced user registration and login with device-specific tokens - Added support for profile picture upload and management via MinIO - Implemented secure password hashing with crypto - Updated Prisma schema to support refresh tokens and profile picture storage - Added GraphQL mutations for logout, token refresh, and profile picture handling - Integrated environment configuration with Zod validation - Improved error handling and authentication middleware
2025-03-09 22:34:57 -05:00 · 2025-03-09 22:34:57 -05:00 · d29d116214
commit d29d116214
parent d4d99fb5e7
22 changed files with 1992 additions and 388 deletions
--- a/apps/api/prisma/schema.prisma
+++ b/apps/api/prisma/schema.prisma
@ -14,15 +14,17 @@ datasource db {
 }

 model User {
-  id         String    @id @default(uuid())
-  email      String    @unique
-  username   String    @unique
-  password   String
-  createdAt  DateTime  @default(now())
-  updatedAt  DateTime  @updatedAt
-  messages   Message[]
-  rooms      Room[]    @relation("RoomMembers")
-  ownedRooms Room[]    @relation("RoomOwner")
+  id                    String         @id @default(uuid())
+  email                 String         @unique
+  username              String         @unique
+  password              String         @db.Text
+  s3ProfilePicObjectKey String?
+  createdAt             DateTime       @default(now())
+  updatedAt             DateTime       @updatedAt
+  messages              Message[]
+  rooms                 Room[]         @relation("RoomMembers")
+  ownedRooms            Room[]         @relation("RoomOwner")
+  refreshTokens         RefreshToken[]
 }

 model Room {
@ -48,3 +50,15 @@ model Message {
  roomId    String
  room      Room     @relation(fields: [roomId], references: [id])
 }
+
+model RefreshToken {
+  id        String   @id @default(uuid())
+  jti       String   @unique
+  userId    String
+  user      User     @relation(fields: [userId], references: [id], onDelete: Cascade)
+  deviceId  String
+  hash      String
+  expiresAt DateTime
+  createdAt DateTime @default(now())
+  updatedAt DateTime @updatedAt
+}