-- ============================================================================
-- Auth Database Schema (auth.db)
-- ============================================================================
-- Separate from medical data. Contains volatile OAuth/session data.
-- Tables are NOT auto-created. Use this file manually if needed.
-- ============================================================================
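-- OAuth clients (Claude, Flutter app, etc.): one row per registered client.
-- NOTE(review): this schema does not show whether client_secret holds the raw
-- secret or a hash of it. Storing only a salted hash keeps a leaked auth.db
-- from exposing usable client credentials; confirm against the code that
-- writes and verifies this column.
CREATE TABLE IF NOT EXISTS oauth_clients (
    -- NOT NULL is spelled out because some engines (SQLite rowid tables)
    -- accept NULL in a non-INTEGER PRIMARY KEY column.
    client_id     TEXT    NOT NULL PRIMARY KEY,
    client_secret TEXT    NOT NULL,
    name          TEXT    NOT NULL,
    -- JSON array of the redirect URIs registered for this client. The column
    -- is opaque text to the database, so validating a requested redirect_uri
    -- against these entries is entirely the application's job.
    redirect_uris TEXT    NOT NULL,
    -- NOTE(review): presumably a Unix epoch timestamp; the unit is not stated here.
    created_at    INTEGER NOT NULL
);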
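-- OAuth authorization codes (short-lived, single-use).
-- Expiry (expires_at) and single use (used) are only recorded here; the
-- database does not enforce them. Redeeming a code should flip the flag with
-- one conditional statement (UPDATE ... SET used = 1 WHERE code = ? AND
-- used = 0) and check the affected-row count, so two concurrent redemptions
-- cannot both succeed.
-- NOTE(review): client_id is not declared as a foreign key to a clients
-- table, so a code row can outlive or predate its client; confirm whether
-- that is intentional.
CREATE TABLE IF NOT EXISTS oauth_codes (
    -- NOT NULL is spelled out because some engines (SQLite rowid tables)
    -- accept NULL in a non-INTEGER PRIMARY KEY column.
    code                  TEXT    NOT NULL PRIMARY KEY,
    client_id             TEXT    NOT NULL,
    dossier_id            TEXT    NOT NULL,
    -- The redirect URI bound to this code when it was issued.
    redirect_uri          TEXT    NOT NULL,
    -- PKCE fields. Both are nullable, so the schema permits a code that was
    -- issued without a challenge.
    -- NOTE(review): if public clients such as the mobile app are meant to be
    -- required to use PKCE, that rule must live in the application.
    code_challenge        TEXT,
    code_challenge_method TEXT,
    expires_at            INTEGER NOT NULL,
    -- Single-use flag: 0 = unused, 1 = redeemed. NOT NULL plus the CHECK rule
    -- out a NULL or out-of-range value that "used = 0" / "used = 1" tests and
    -- application truthiness checks would interpret differently.
    used                  INTEGER NOT NULL DEFAULT 0 CHECK (used IN (0, 1))
);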
-- Secondary index on oauth_codes.client_id, for looking up codes by client.
CREATE INDEX IF NOT EXISTS idx_oauth_codes_client
    ON oauth_codes (client_id);
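-- OAuth refresh tokens (long-lived, rotatable).
-- Expiry (expires_at) and revocation (revoked) are only recorded here; every
-- token use must check both in the application.
-- NOTE(review): it is not visible from this schema whether token_id is the
-- bearer value itself or a separate identifier. If it is the bearer value,
-- storing a hash of it instead would keep a leaked auth.db from yielding
-- usable long-lived tokens; confirm against the issuing code.
-- NOTE(review): no column links a rotated token to its predecessor, so
-- detecting reuse of an already-rotated token appears to rest on the revoked
-- flag alone; confirm.
CREATE TABLE IF NOT EXISTS oauth_refresh_tokens (
    -- NOT NULL is spelled out because some engines (SQLite rowid tables)
    -- accept NULL in a non-INTEGER PRIMARY KEY column.
    token_id   TEXT    NOT NULL PRIMARY KEY,
    client_id  TEXT    NOT NULL,
    dossier_id TEXT    NOT NULL,
    expires_at INTEGER NOT NULL,
    -- Revocation flag: 0 = active, 1 = revoked. NOT NULL plus the CHECK rule
    -- out a NULL or out-of-range value that a "revoked = 1" test or an
    -- application truthiness check would read as "not revoked".
    revoked    INTEGER NOT NULL DEFAULT 0 CHECK (revoked IN (0, 1)),
    created_at INTEGER NOT NULL
);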
-- Secondary indexes on oauth_refresh_tokens: one per lookup column, so the
-- rows belonging to a dossier or to a client can be found without a full scan.
CREATE INDEX IF NOT EXISTS idx_oauth_refresh_dossier
    ON oauth_refresh_tokens (dossier_id);

CREATE INDEX IF NOT EXISTS idx_oauth_refresh_client
    ON oauth_refresh_tokens (client_id);