npm - @mdguggenbichler/slugbase-core - Versions diffs - 0.0.1 - Mend

@mdguggenbichler/slugbase-core 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (381) hide show

package/backend/dist/db/migrations/002_add_oidc_custom_endpoints.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"002_add_oidc_custom_endpoints.d.ts","sourceRoot":"","sources":["../../../src/db/migrations/002_add_oidc_custom_endpoints.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH,eAAO,MAAM,WAAW,kCAAkC,CAAC;AAC3D,eAAO,MAAM,aAAa,oCAAoC,CAAC;AAE/D,wBAAsB,EAAE,kBA8CvB;AAED,wBAAsB,IAAI,kBAuCzB"}

package/backend/dist/db/migrations/002_add_oidc_custom_endpoints.js ADDED Viewed

@@ -0,0 +1,92 @@
+/**
+ * Migration: Add custom OIDC endpoint fields
+ * Date: 2026-01-12
+ * Description: Adds optional custom endpoint fields (authorization_url, token_url, userinfo_url) to oidc_providers table
+ *              to allow providers with non-standard endpoint paths
+ */
+import { execute } from '../index.js';
+export const migrationId = '002_add_oidc_custom_endpoints';
+export const migrationName = 'Add custom OIDC endpoint fields';
+export async function up() {
+    const DB_TYPE = process.env.DB_TYPE || 'sqlite';
+    if (DB_TYPE === 'postgresql') {
+        // PostgreSQL: Add columns
+        await execute('ALTER TABLE oidc_providers ADD COLUMN IF NOT EXISTS authorization_url TEXT', []);
+        await execute('ALTER TABLE oidc_providers ADD COLUMN IF NOT EXISTS token_url TEXT', []);
+        await execute('ALTER TABLE oidc_providers ADD COLUMN IF NOT EXISTS userinfo_url TEXT', []);
+    }
+    else {
+        // SQLite: Need to recreate table
+        // Create new table with new columns
+        await execute(`
+      CREATE TABLE IF NOT EXISTS oidc_providers_new (
+        id VARCHAR(255) PRIMARY KEY,
+        provider_key VARCHAR(255) UNIQUE NOT NULL,
+        client_id TEXT NOT NULL,
+        client_secret TEXT NOT NULL,
+        issuer_url TEXT NOT NULL,
+        authorization_url TEXT,
+        token_url TEXT,
+        userinfo_url TEXT,
+        scopes TEXT NOT NULL,
+        auto_create_users BOOLEAN DEFAULT TRUE,
+        default_role VARCHAR(50) DEFAULT 'user',
+        created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
+      )
+    `, []);
+        // Copy data from old table
+        await execute(`
+      INSERT INTO oidc_providers_new (
+        id, provider_key, client_id, client_secret, issuer_url,
+        scopes, auto_create_users, default_role, created_at
+      )
+      SELECT
+        id, provider_key, client_id, client_secret, issuer_url,
+        scopes, auto_create_users, default_role, created_at
+      FROM oidc_providers
+    `, []);
+        // Drop old table
+        await execute('DROP TABLE oidc_providers', []);
+        // Rename new table
+        await execute('ALTER TABLE oidc_providers_new RENAME TO oidc_providers', []);
+    }
+}
+export async function down() {
+    const DB_TYPE = process.env.DB_TYPE || 'sqlite';
+    if (DB_TYPE === 'postgresql') {
+        // PostgreSQL: Drop columns
+        await execute('ALTER TABLE oidc_providers DROP COLUMN IF EXISTS authorization_url', []);
+        await execute('ALTER TABLE oidc_providers DROP COLUMN IF EXISTS token_url', []);
+        await execute('ALTER TABLE oidc_providers DROP COLUMN IF EXISTS userinfo_url', []);
+    }
+    else {
+        // SQLite: Need to recreate table without new columns
+        await execute(`
+      CREATE TABLE IF NOT EXISTS oidc_providers_new (
+        id VARCHAR(255) PRIMARY KEY,
+        provider_key VARCHAR(255) UNIQUE NOT NULL,
+        client_id TEXT NOT NULL,
+        client_secret TEXT NOT NULL,
+        issuer_url TEXT NOT NULL,
+        scopes TEXT NOT NULL,
+        auto_create_users BOOLEAN DEFAULT TRUE,
+        default_role VARCHAR(50) DEFAULT 'user',
+        created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
+      )
+    `, []);
+        // Copy data (excluding new columns)
+        await execute(`
+      INSERT INTO oidc_providers_new (
+        id, provider_key, client_id, client_secret, issuer_url,
+        scopes, auto_create_users, default_role, created_at
+      )
+      SELECT
+        id, provider_key, client_id, client_secret, issuer_url,
+        scopes, auto_create_users, default_role, created_at
+      FROM oidc_providers
+    `, []);
+        await execute('DROP TABLE oidc_providers', []);
+        await execute('ALTER TABLE oidc_providers_new RENAME TO oidc_providers', []);
+    }
+}
+//# sourceMappingURL=002_add_oidc_custom_endpoints.js.map

package/backend/dist/db/migrations/002_add_oidc_custom_endpoints.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"002_add_oidc_custom_endpoints.js","sourceRoot":"","sources":["../../../src/db/migrations/002_add_oidc_custom_endpoints.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AAEtC,MAAM,CAAC,MAAM,WAAW,GAAG,+BAA+B,CAAC;AAC3D,MAAM,CAAC,MAAM,aAAa,GAAG,iCAAiC,CAAC;AAE/D,MAAM,CAAC,KAAK,UAAU,EAAE;IACtB,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,QAAQ,CAAC;IAEhD,IAAI,OAAO,KAAK,YAAY,EAAE,CAAC;QAC7B,0BAA0B;QAC1B,MAAM,OAAO,CAAC,4EAA4E,EAAE,EAAE,CAAC,CAAC;QAChG,MAAM,OAAO,CAAC,oEAAoE,EAAE,EAAE,CAAC,CAAC;QACxF,MAAM,OAAO,CAAC,uEAAuE,EAAE,EAAE,CAAC,CAAC;IAC7F,CAAC;SAAM,CAAC;QACN,iCAAiC;QACjC,oCAAoC;QACpC,MAAM,OAAO,CAAC;;;;;;;;;;;;;;;KAeb,EAAE,EAAE,CAAC,CAAC;QAEP,2BAA2B;QAC3B,MAAM,OAAO,CAAC;;;;;;;;;KASb,EAAE,EAAE,CAAC,CAAC;QAEP,iBAAiB;QACjB,MAAM,OAAO,CAAC,2BAA2B,EAAE,EAAE,CAAC,CAAC;QAE/C,mBAAmB;QACnB,MAAM,OAAO,CAAC,yDAAyD,EAAE,EAAE,CAAC,CAAC;IAC/E,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,IAAI;IACxB,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,QAAQ,CAAC;IAEhD,IAAI,OAAO,KAAK,YAAY,EAAE,CAAC;QAC7B,2BAA2B;QAC3B,MAAM,OAAO,CAAC,oEAAoE,EAAE,EAAE,CAAC,CAAC;QACxF,MAAM,OAAO,CAAC,4DAA4D,EAAE,EAAE,CAAC,CAAC;QAChF,MAAM,OAAO,CAAC,+DAA+D,EAAE,EAAE,CAAC,CAAC;IACrF,CAAC;SAAM,CAAC;QACN,qDAAqD;QACrD,MAAM,OAAO,CAAC;;;;;;;;;;;;KAYb,EAAE,EAAE,CAAC,CAAC;QAEP,oCAAoC;QACpC,MAAM,OAAO,CAAC;;;;;;;;;KASb,EAAE,EAAE,CAAC,CAAC;QAEP,MAAM,OAAO,CAAC,2BAA2B,EAAE,EAAE,CAAC,CAAC;QAC/C,MAAM,OAAO,CAAC,yDAAyD,EAAE,EAAE,CAAC,CAAC;IAC/E,CAAC;AACH,CAAC"}

package/backend/dist/db/migrations/003_add_bookmark_features.d.ts ADDED Viewed

@@ -0,0 +1,5 @@
+export declare const migrationId = "003_add_bookmark_features";
+export declare const migrationName = "Add pinned, access_count, and last_accessed_at fields to bookmarks";
+export declare function up(): Promise<void>;
+export declare function down(): Promise<void>;
+//# sourceMappingURL=003_add_bookmark_features.d.ts.map

package/backend/dist/db/migrations/003_add_bookmark_features.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"003_add_bookmark_features.d.ts","sourceRoot":"","sources":["../../../src/db/migrations/003_add_bookmark_features.ts"],"names":[],"mappings":"AAEA,eAAO,MAAM,WAAW,8BAA8B,CAAC;AACvD,eAAO,MAAM,aAAa,uEAAuE,CAAC;AAElG,wBAAsB,EAAE,kBAuDvB;AAED,wBAAsB,IAAI,kBA6CzB"}

package/backend/dist/db/migrations/003_add_bookmark_features.js ADDED Viewed

@@ -0,0 +1,98 @@
+import { execute } from '../index.js';
+export const migrationId = '003_add_bookmark_features';
+export const migrationName = 'Add pinned, access_count, and last_accessed_at fields to bookmarks';
+export async function up() {
+    const DB_TYPE = process.env.DB_TYPE || 'sqlite';
+    if (DB_TYPE === 'postgresql') {
+        // PostgreSQL: Add columns directly
+        await execute('ALTER TABLE bookmarks ADD COLUMN IF NOT EXISTS pinned BOOLEAN DEFAULT FALSE', []);
+        await execute('ALTER TABLE bookmarks ADD COLUMN IF NOT EXISTS access_count INTEGER DEFAULT 0', []);
+        await execute('ALTER TABLE bookmarks ADD COLUMN IF NOT EXISTS last_accessed_at TIMESTAMP', []);
+    }
+    else {
+        // SQLite: Need to recreate table
+        // Create new table with new columns
+        await execute(`
+      CREATE TABLE IF NOT EXISTS bookmarks_new (
+        id VARCHAR(255) PRIMARY KEY,
+        user_id VARCHAR(255) NOT NULL,
+        title TEXT NOT NULL,
+        url TEXT NOT NULL,
+        slug VARCHAR(255),
+        forwarding_enabled BOOLEAN DEFAULT FALSE,
+        pinned BOOLEAN DEFAULT FALSE,
+        access_count INTEGER DEFAULT 0,
+        last_accessed_at TIMESTAMP,
+        created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+        updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+        FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
+      )
+    `, []);
+        // Copy data from old table
+        await execute(`
+      INSERT INTO bookmarks_new (
+        id, user_id, title, url, slug, forwarding_enabled,
+        pinned, access_count, last_accessed_at, created_at, updated_at
+      )
+      SELECT
+        id, user_id, title, url, slug, forwarding_enabled,
+        FALSE as pinned, 0 as access_count, NULL as last_accessed_at,
+        created_at, updated_at
+      FROM bookmarks
+    `, []);
+        // Drop old table
+        await execute('DROP TABLE bookmarks', []);
+        // Rename new table
+        await execute('ALTER TABLE bookmarks_new RENAME TO bookmarks', []);
+        // Recreate indexes
+        await execute('CREATE INDEX IF NOT EXISTS idx_bookmarks_user_id ON bookmarks(user_id)', []);
+        await execute('CREATE INDEX IF NOT EXISTS idx_bookmarks_slug ON bookmarks(slug)', []);
+        await execute('CREATE INDEX IF NOT EXISTS idx_bookmarks_user_slug ON bookmarks(user_id, slug)', []);
+        await execute('CREATE INDEX IF NOT EXISTS idx_bookmarks_pinned ON bookmarks(pinned)', []);
+        await execute('CREATE INDEX IF NOT EXISTS idx_bookmarks_access_count ON bookmarks(access_count)', []);
+        await execute('CREATE INDEX IF NOT EXISTS idx_bookmarks_last_accessed ON bookmarks(last_accessed_at)', []);
+    }
+}
+export async function down() {
+    const DB_TYPE = process.env.DB_TYPE || 'sqlite';
+    if (DB_TYPE === 'postgresql') {
+        // PostgreSQL: Remove columns
+        await execute('ALTER TABLE bookmarks DROP COLUMN IF EXISTS pinned', []);
+        await execute('ALTER TABLE bookmarks DROP COLUMN IF EXISTS access_count', []);
+        await execute('ALTER TABLE bookmarks DROP COLUMN IF EXISTS last_accessed_at', []);
+    }
+    else {
+        // SQLite: Recreate table without new columns
+        await execute(`
+      CREATE TABLE IF NOT EXISTS bookmarks_old (
+        id VARCHAR(255) PRIMARY KEY,
+        user_id VARCHAR(255) NOT NULL,
+        title TEXT NOT NULL,
+        url TEXT NOT NULL,
+        slug VARCHAR(255),
+        forwarding_enabled BOOLEAN DEFAULT FALSE,
+        created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+        updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+        FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
+      )
+    `, []);
+        // Copy data (excluding new columns)
+        await execute(`
+      INSERT INTO bookmarks_old (
+        id, user_id, title, url, slug, forwarding_enabled, created_at, updated_at
+      )
+      SELECT
+        id, user_id, title, url, slug, forwarding_enabled, created_at, updated_at
+      FROM bookmarks
+    `, []);
+        // Drop new table
+        await execute('DROP TABLE bookmarks', []);
+        // Rename old table
+        await execute('ALTER TABLE bookmarks_old RENAME TO bookmarks', []);
+        // Recreate indexes
+        await execute('CREATE INDEX IF NOT EXISTS idx_bookmarks_user_id ON bookmarks(user_id)', []);
+        await execute('CREATE INDEX IF NOT EXISTS idx_bookmarks_slug ON bookmarks(slug)', []);
+        await execute('CREATE INDEX IF NOT EXISTS idx_bookmarks_user_slug ON bookmarks(user_id, slug)', []);
+    }
+}
+//# sourceMappingURL=003_add_bookmark_features.js.map

package/backend/dist/db/migrations/003_add_bookmark_features.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"003_add_bookmark_features.js","sourceRoot":"","sources":["../../../src/db/migrations/003_add_bookmark_features.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AAEtC,MAAM,CAAC,MAAM,WAAW,GAAG,2BAA2B,CAAC;AACvD,MAAM,CAAC,MAAM,aAAa,GAAG,oEAAoE,CAAC;AAElG,MAAM,CAAC,KAAK,UAAU,EAAE;IACtB,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,QAAQ,CAAC;IAEhD,IAAI,OAAO,KAAK,YAAY,EAAE,CAAC;QAC7B,mCAAmC;QACnC,MAAM,OAAO,CAAC,6EAA6E,EAAE,EAAE,CAAC,CAAC;QACjG,MAAM,OAAO,CAAC,+EAA+E,EAAE,EAAE,CAAC,CAAC;QACnG,MAAM,OAAO,CAAC,2EAA2E,EAAE,EAAE,CAAC,CAAC;IACjG,CAAC;SAAM,CAAC;QACN,iCAAiC;QACjC,oCAAoC;QACpC,MAAM,OAAO,CAAC;;;;;;;;;;;;;;;KAeb,EAAE,EAAE,CAAC,CAAC;QAEP,2BAA2B;QAC3B,MAAM,OAAO,CAAC;;;;;;;;;;KAUb,EAAE,EAAE,CAAC,CAAC;QAEP,iBAAiB;QACjB,MAAM,OAAO,CAAC,sBAAsB,EAAE,EAAE,CAAC,CAAC;QAE1C,mBAAmB;QACnB,MAAM,OAAO,CAAC,+CAA+C,EAAE,EAAE,CAAC,CAAC;QAEnE,mBAAmB;QACnB,MAAM,OAAO,CAAC,wEAAwE,EAAE,EAAE,CAAC,CAAC;QAC5F,MAAM,OAAO,CAAC,kEAAkE,EAAE,EAAE,CAAC,CAAC;QACtF,MAAM,OAAO,CAAC,gFAAgF,EAAE,EAAE,CAAC,CAAC;QACpG,MAAM,OAAO,CAAC,sEAAsE,EAAE,EAAE,CAAC,CAAC;QAC1F,MAAM,OAAO,CAAC,kFAAkF,EAAE,EAAE,CAAC,CAAC;QACtG,MAAM,OAAO,CAAC,uFAAuF,EAAE,EAAE,CAAC,CAAC;IAC7G,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,IAAI;IACxB,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,QAAQ,CAAC;IAEhD,IAAI,OAAO,KAAK,YAAY,EAAE,CAAC;QAC7B,6BAA6B;QAC7B,MAAM,OAAO,CAAC,oDAAoD,EAAE,EAAE,CAAC,CAAC;QACxE,MAAM,OAAO,CAAC,0DAA0D,EAAE,EAAE,CAAC,CAAC;QAC9E,MAAM,OAAO,CAAC,8DAA8D,EAAE,EAAE,CAAC,CAAC;IACpF,CAAC;SAAM,CAAC;QACN,6CAA6C;QAC7C,MAAM,OAAO,CAAC;;;;;;;;;;;;KAYb,EAAE,EAAE,CAAC,CAAC;QAEP,oCAAoC;QACpC,MAAM,OAAO,CAAC;;;;;;;KAOb,EAAE,EAAE,CAAC,CAAC;QAEP,iBAAiB;QACjB,MAAM,OAAO,CAAC,sBAAsB,EAAE,EAAE,CAAC,CAAC;QAE1C,mBAAmB;QACnB,MAAM,OAAO,CAAC,+CAA+C,EAAE,EAAE,CAAC,CAAC;QAEnE,mBAAmB;QACnB,MAAM,OAAO,CAAC,wEAAwE,EAAE,EAAE,CAAC,CAAC;QAC5F,MAAM,OAAO,CAAC,kEAAkE,EAAE,EAAE,CAAC,CAAC;QACtF,MAAM,OAAO,CAAC,gFAAgF,EAAE,EAAE,CAAC,CAAC;IACtG,CAAC;AACH,CAAC"}

package/backend/dist/db/migrations/004_make_slug_globally_unique.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+/**
+ * Migration 004: Make slug globally unique
+ *
+ * Changes the UNIQUE constraint on bookmarks.slug from (user_id, slug) to just (slug)
+ * This ensures that when bookmarks are shared, slugs are unique across the entire system,
+ * allowing any user's user_key to work with shared bookmarks via forwarding.
+ */
+export declare const migrationId = "004";
+export declare const migrationName = "Make slug globally unique";
+export declare function up(): Promise<void>;
+export declare function down(): Promise<void>;
+//# sourceMappingURL=004_make_slug_globally_unique.d.ts.map

package/backend/dist/db/migrations/004_make_slug_globally_unique.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"004_make_slug_globally_unique.d.ts","sourceRoot":"","sources":["../../../src/db/migrations/004_make_slug_globally_unique.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAIH,eAAO,MAAM,WAAW,QAAQ,CAAC;AACjC,eAAO,MAAM,aAAa,8BAA8B,CAAC;AAEzD,wBAAsB,EAAE,kBAgIvB;AAED,wBAAsB,IAAI,kBAmDzB"}

package/backend/dist/db/migrations/004_make_slug_globally_unique.js ADDED Viewed

@@ -0,0 +1,152 @@
+/**
+ * Migration 004: Make slug globally unique
+ *
+ * Changes the UNIQUE constraint on bookmarks.slug from (user_id, slug) to just (slug)
+ * This ensures that when bookmarks are shared, slugs are unique across the entire system,
+ * allowing any user's user_key to work with shared bookmarks via forwarding.
+ */
+import { execute, query } from '../index.js';
+export const migrationId = '004';
+export const migrationName = 'Make slug globally unique';
+export async function up() {
+    const DB_TYPE = process.env.DB_TYPE || 'sqlite';
+    if (DB_TYPE === 'postgresql') {
+        // PostgreSQL: Drop the old unique constraint and add a new one
+        try {
+            // Drop the old unique constraint
+            await execute('ALTER TABLE bookmarks DROP CONSTRAINT IF EXISTS bookmarks_user_id_slug_key', []);
+        }
+        catch (error) {
+            // Constraint might not exist or have a different name, try alternative
+            try {
+                await execute('ALTER TABLE bookmarks DROP CONSTRAINT IF EXISTS bookmarks_user_id_slug_unique', []);
+            }
+            catch (e) {
+                // Try to find and drop the constraint
+                const constraints = await query(`SELECT constraint_name
+           FROM information_schema.table_constraints
+           WHERE table_name = 'bookmarks'
+           AND constraint_type = 'UNIQUE'
+           AND constraint_name LIKE '%slug%'`, []);
+                for (const constraint of constraints) {
+                    try {
+                        await execute(`ALTER TABLE bookmarks DROP CONSTRAINT IF EXISTS ${constraint.constraint_name}`, []);
+                    }
+                    catch (e) {
+                        // Ignore errors
+                    }
+                }
+            }
+        }
+        // Add global unique constraint on slug (NULL values are allowed and don't violate uniqueness)
+        await execute('CREATE UNIQUE INDEX IF NOT EXISTS idx_bookmarks_slug_unique ON bookmarks (slug) WHERE slug IS NOT NULL', []);
+    }
+    else {
+        // SQLite: Need to recreate the table
+        // First, check if there are any duplicate slugs (excluding NULL)
+        const duplicates = await query(`SELECT slug, COUNT(*) as count
+       FROM bookmarks
+       WHERE slug IS NOT NULL AND slug != ''
+       GROUP BY slug
+       HAVING COUNT(*) > 1`, []);
+        if (Array.isArray(duplicates) && duplicates.length > 0) {
+            // For duplicates, keep the oldest bookmark (by created_at) and nullify slugs for others
+            console.log(`Found ${duplicates.length} duplicate slug(s). Resolving by keeping oldest bookmark for each slug...`);
+            for (const dup of duplicates) {
+                const slug = dup.slug;
+                // Get all bookmarks with this slug, ordered by created_at
+                const bookmarksWithSlug = await query(`SELECT id, created_at FROM bookmarks
+           WHERE slug = ?
+           ORDER BY created_at ASC`, [slug]);
+                if (Array.isArray(bookmarksWithSlug) && bookmarksWithSlug.length > 1) {
+                    // Keep the first one (oldest), nullify slugs for the rest
+                    const toKeep = bookmarksWithSlug[0];
+                    const toNullify = bookmarksWithSlug.slice(1);
+                    for (const bm of toNullify) {
+                        await execute(`UPDATE bookmarks SET slug = NULL, forwarding_enabled = FALSE WHERE id = ?`, [bm.id]);
+                        console.log(`  - Nullified slug for bookmark ${bm.id} (duplicate of ${toKeep.id})`);
+                    }
+                }
+            }
+            console.log('Duplicate slugs resolved. Continuing migration...');
+        }
+        // Create new table with global unique constraint
+        await execute(`
+      CREATE TABLE bookmarks_new (
+        id VARCHAR(255) PRIMARY KEY,
+        user_id VARCHAR(255) NOT NULL,
+        title TEXT NOT NULL,
+        url TEXT NOT NULL,
+        slug VARCHAR(255),
+        forwarding_enabled BOOLEAN DEFAULT FALSE,
+        pinned BOOLEAN DEFAULT FALSE,
+        access_count INTEGER DEFAULT 0,
+        last_accessed_at TIMESTAMP,
+        created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+        updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+        FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,
+        UNIQUE(slug)
+      )
+    `, []);
+        // Copy data
+        await execute(`
+      INSERT INTO bookmarks_new
+      SELECT * FROM bookmarks
+    `, []);
+        // Drop old table
+        await execute('DROP TABLE bookmarks', []);
+        // Rename new table
+        await execute('ALTER TABLE bookmarks_new RENAME TO bookmarks', []);
+        // Recreate indexes
+        await execute('CREATE INDEX IF NOT EXISTS idx_bookmarks_user_id ON bookmarks(user_id)', []);
+        await execute('CREATE INDEX IF NOT EXISTS idx_bookmarks_slug ON bookmarks(slug)', []);
+        await execute('CREATE INDEX IF NOT EXISTS idx_bookmarks_pinned ON bookmarks(pinned)', []);
+        await execute('CREATE INDEX IF NOT EXISTS idx_bookmarks_access_count ON bookmarks(access_count)', []);
+        await execute('CREATE INDEX IF NOT EXISTS idx_bookmarks_last_accessed ON bookmarks(last_accessed_at)', []);
+    }
+}
+export async function down() {
+    const DB_TYPE = process.env.DB_TYPE || 'sqlite';
+    if (DB_TYPE === 'postgresql') {
+        // Drop the global unique index
+        await execute('DROP INDEX IF EXISTS idx_bookmarks_slug_unique', []);
+        // Restore the per-user unique constraint
+        await execute('ALTER TABLE bookmarks ADD CONSTRAINT bookmarks_user_id_slug_key UNIQUE (user_id, slug)', []);
+    }
+    else {
+        // SQLite: Recreate table with per-user unique constraint
+        await execute(`
+      CREATE TABLE bookmarks_old (
+        id VARCHAR(255) PRIMARY KEY,
+        user_id VARCHAR(255) NOT NULL,
+        title TEXT NOT NULL,
+        url TEXT NOT NULL,
+        slug VARCHAR(255),
+        forwarding_enabled BOOLEAN DEFAULT FALSE,
+        pinned BOOLEAN DEFAULT FALSE,
+        access_count INTEGER DEFAULT 0,
+        last_accessed_at TIMESTAMP,
+        created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+        updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+        FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,
+        UNIQUE(user_id, slug)
+      )
+    `, []);
+        // Copy data
+        await execute(`
+      INSERT INTO bookmarks_old
+      SELECT * FROM bookmarks
+    `, []);
+        // Drop current table
+        await execute('DROP TABLE bookmarks', []);
+        // Rename old table
+        await execute('ALTER TABLE bookmarks_old RENAME TO bookmarks', []);
+        // Recreate indexes
+        await execute('CREATE INDEX IF NOT EXISTS idx_bookmarks_user_id ON bookmarks(user_id)', []);
+        await execute('CREATE INDEX IF NOT EXISTS idx_bookmarks_slug ON bookmarks(slug)', []);
+        await execute('CREATE INDEX IF NOT EXISTS idx_bookmarks_pinned ON bookmarks(pinned)', []);
+        await execute('CREATE INDEX IF NOT EXISTS idx_bookmarks_access_count ON bookmarks(access_count)', []);
+        await execute('CREATE INDEX IF NOT EXISTS idx_bookmarks_last_accessed ON bookmarks(last_accessed_at)', []);
+    }
+}
+//# sourceMappingURL=004_make_slug_globally_unique.js.map

package/backend/dist/db/migrations/004_make_slug_globally_unique.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"004_make_slug_globally_unique.js","sourceRoot":"","sources":["../../../src/db/migrations/004_make_slug_globally_unique.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AAE7C,MAAM,CAAC,MAAM,WAAW,GAAG,KAAK,CAAC;AACjC,MAAM,CAAC,MAAM,aAAa,GAAG,2BAA2B,CAAC;AAEzD,MAAM,CAAC,KAAK,UAAU,EAAE;IACtB,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,QAAQ,CAAC;IAEhD,IAAI,OAAO,KAAK,YAAY,EAAE,CAAC;QAC7B,+DAA+D;QAC/D,IAAI,CAAC;YACH,iCAAiC;YACjC,MAAM,OAAO,CACX,4EAA4E,EAC5E,EAAE,CACH,CAAC;QACJ,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,uEAAuE;YACvE,IAAI,CAAC;gBACH,MAAM,OAAO,CACX,+EAA+E,EAC/E,EAAE,CACH,CAAC;YACJ,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,sCAAsC;gBACtC,MAAM,WAAW,GAAG,MAAM,KAAK,CAC7B;;;;6CAImC,EACnC,EAAE,CACH,CAAC;gBACF,KAAK,MAAM,UAAU,IAAI,WAAoB,EAAE,CAAC;oBAC9C,IAAI,CAAC;wBACH,MAAM,OAAO,CACX,mDAAmD,UAAU,CAAC,eAAe,EAAE,EAC/E,EAAE,CACH,CAAC;oBACJ,CAAC;oBAAC,OAAO,CAAC,EAAE,CAAC;wBACX,gBAAgB;oBAClB,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,8FAA8F;QAC9F,MAAM,OAAO,CACX,wGAAwG,EACxG,EAAE,CACH,CAAC;IACJ,CAAC;SAAM,CAAC;QACN,qCAAqC;QACrC,iEAAiE;QACjE,MAAM,UAAU,GAAG,MAAM,KAAK,CAC5B;;;;2BAIqB,EACrB,EAAE,CACH,CAAC;QAEF,IAAI,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACvD,wFAAwF;YACxF,OAAO,CAAC,GAAG,CAAC,SAAS,UAAU,CAAC,MAAM,2EAA2E,CAAC,CAAC;YAEnH,KAAK,MAAM,GAAG,IAAI,UAAmB,EAAE,CAAC;gBACtC,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC;gBACtB,0DAA0D;gBAC1D,MAAM,iBAAiB,GAAG,MAAM,KAAK,CACnC;;mCAEyB,EACzB,CAAC,IAAI,CAAC,CACP,CAAC;gBAEF,IAAI,KAAK,CAAC,OAAO,CAAC,iBAAiB,CAAC,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACrE,0DAA0D;oBAC1D,MAAM,MAAM,GAAG,iBAAiB,CAAC,CAAC,CAAC,CAAC;oBACpC,MAAM,SAAS,GAAG,iBAAiB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;oBAE7C,KAAK,MAAM,EAAE,IAAI,SAAS,EAAE,CAAC;wBAC3B,MAAM,OAAO,CACX,2EAA2E,EAC3E,CAAC,EAAE,CAAC,EAAE,CAAC,CACR,CAAC;wBACF,OAAO,CAAC,GAAG,CAAC,mCAAmC,EAAE,CAAC,EAAE,kBAAkB,MAAM,CAAC,EAAE,GAAG,CAAC,CAAC;oBACtF,CAAC;gBACH,CAAC;YACH,CAAC;YAED,OAAO,CAAC,GAAG,CAAC,mDAAmD,CAAC,CAAC;QACnE,CAAC;QAED,iDAAiD;QACjD,MAAM,OAAO,CAAC;;;;;;;;;;;;;;;;KAgBb,EAAE,EAAE,CAAC,CAAC;QAEP,YAAY;QACZ,MAAM,OAAO,CAAC;;;KAGb,EAAE,EAAE,CAAC,CAAC;QAEP,iBAAiB;QACjB,MAAM,OAAO,CAAC,sBAAsB,EAAE,EAAE,CAAC,CAAC;QAE1C,mBAAmB;QACnB,MAAM,OAAO,CAAC,+CAA+C,EAAE,EAAE,CAAC,CAAC;QAEnE,mBAAmB;QACnB,MAAM,OAAO,CAAC,wEAAwE,EAAE,EAAE,CAAC,CAAC;QAC5F,MAAM,OAAO,CAAC,kEAAkE,EAAE,EAAE,CAAC,CAAC;QACtF,MAAM,OAAO,CAAC,sEAAsE,EAAE,EAAE,CAAC,CAAC;QAC1F,MAAM,OAAO,CAAC,kFAAkF,EAAE,EAAE,CAAC,CAAC;QACtG,MAAM,OAAO,CAAC,uFAAuF,EAAE,EAAE,CAAC,CAAC;IAC7G,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,IAAI;IACxB,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,QAAQ,CAAC;IAEhD,IAAI,OAAO,KAAK,YAAY,EAAE,CAAC;QAC7B,+BAA+B;QAC/B,MAAM,OAAO,CAAC,gDAAgD,EAAE,EAAE,CAAC,CAAC;QAEpE,yCAAyC;QACzC,MAAM,OAAO,CACX,wFAAwF,EACxF,EAAE,CACH,CAAC;IACJ,CAAC;SAAM,CAAC;QACN,yDAAyD;QACzD,MAAM,OAAO,CAAC;;;;;;;;;;;;;;;;KAgBb,EAAE,EAAE,CAAC,CAAC;QAEP,YAAY;QACZ,MAAM,OAAO,CAAC;;;KAGb,EAAE,EAAE,CAAC,CAAC;QAEP,qBAAqB;QACrB,MAAM,OAAO,CAAC,sBAAsB,EAAE,EAAE,CAAC,CAAC;QAE1C,mBAAmB;QACnB,MAAM,OAAO,CAAC,+CAA+C,EAAE,EAAE,CAAC,CAAC;QAEnE,mBAAmB;QACnB,MAAM,OAAO,CAAC,wEAAwE,EAAE,EAAE,CAAC,CAAC;QAC5F,MAAM,OAAO,CAAC,kEAAkE,EAAE,EAAE,CAAC,CAAC;QACtF,MAAM,OAAO,CAAC,sEAAsE,EAAE,EAAE,CAAC,CAAC;QAC1F,MAAM,OAAO,CAAC,kFAAkF,EAAE,EAAE,CAAC,CAAC;QACtG,MAAM,OAAO,CAAC,uFAAuF,EAAE,EAAE,CAAC,CAAC;IAC7G,CAAC;AACH,CAAC"}

package/backend/dist/db/migrations/005_add_email_verification.d.ts ADDED Viewed

@@ -0,0 +1,5 @@
+export declare const migrationId = "005";
+export declare const migrationName = "Add email verification system";
+export declare function up(): Promise<void>;
+export declare function down(): Promise<void>;
+//# sourceMappingURL=005_add_email_verification.d.ts.map

package/backend/dist/db/migrations/005_add_email_verification.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"005_add_email_verification.d.ts","sourceRoot":"","sources":["../../../src/db/migrations/005_add_email_verification.ts"],"names":[],"mappings":"AAEA,eAAO,MAAM,WAAW,QAAQ,CAAC;AACjC,eAAO,MAAM,aAAa,kCAAkC,CAAC;AAE7D,wBAAsB,EAAE,kBAuFvB;AAED,wBAAsB,IAAI,kBAiBzB"}

package/backend/dist/db/migrations/005_add_email_verification.js ADDED Viewed

@@ -0,0 +1,102 @@
+import { execute, query } from '../index.js';
+export const migrationId = '005';
+export const migrationName = 'Add email verification system';
+export async function up() {
+    const DB_TYPE = process.env.DB_TYPE || 'sqlite';
+    if (DB_TYPE === 'postgresql') {
+        // Add email_pending column to users table
+        await execute(`
+      ALTER TABLE users
+      ADD COLUMN IF NOT EXISTS email_pending VARCHAR(255)
+    `, []);
+        // Create email verification tokens table
+        await execute(`
+      CREATE TABLE IF NOT EXISTS email_verification_tokens (
+        id VARCHAR(255) PRIMARY KEY,
+        user_id VARCHAR(255) NOT NULL,
+        token VARCHAR(255) UNIQUE NOT NULL,
+        new_email VARCHAR(255) NOT NULL,
+        expires_at TIMESTAMP NOT NULL,
+        used BOOLEAN DEFAULT FALSE,
+        created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+        FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
+      )
+    `, []);
+        // Create indexes
+        await execute(`
+      CREATE INDEX IF NOT EXISTS idx_email_verification_tokens_token
+      ON email_verification_tokens(token)
+    `, []);
+        await execute(`
+      CREATE INDEX IF NOT EXISTS idx_email_verification_tokens_user
+      ON email_verification_tokens(user_id)
+    `, []);
+        await execute(`
+      CREATE INDEX IF NOT EXISTS idx_email_verification_tokens_expires
+      ON email_verification_tokens(expires_at)
+    `, []);
+    }
+    else {
+        // SQLite: Check if column exists before adding
+        const tableInfo = await query("PRAGMA table_info(users)", []);
+        const hasEmailPending = tableInfo.some((col) => col.name === 'email_pending');
+        if (!hasEmailPending) {
+            // SQLite doesn't support ALTER TABLE ADD COLUMN IF NOT EXISTS, so we need to recreate
+            // But we'll use a safer approach: just add the column (it will fail if exists, but that's ok)
+            try {
+                await execute(`ALTER TABLE users ADD COLUMN email_pending VARCHAR(255)`, []);
+            }
+            catch (error) {
+                // Column might already exist, ignore
+                if (!error.message?.includes('duplicate column name')) {
+                    throw error;
+                }
+            }
+        }
+        // Create email verification tokens table
+        await execute(`
+      CREATE TABLE IF NOT EXISTS email_verification_tokens (
+        id TEXT PRIMARY KEY,
+        user_id TEXT NOT NULL,
+        token TEXT UNIQUE NOT NULL,
+        new_email TEXT NOT NULL,
+        expires_at TEXT NOT NULL,
+        used INTEGER DEFAULT 0,
+        created_at TEXT DEFAULT CURRENT_TIMESTAMP,
+        FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
+      )
+    `, []);
+        // Create indexes
+        await execute(`
+      CREATE INDEX IF NOT EXISTS idx_email_verification_tokens_token
+      ON email_verification_tokens(token)
+    `, []);
+        await execute(`
+      CREATE INDEX IF NOT EXISTS idx_email_verification_tokens_user
+      ON email_verification_tokens(user_id)
+    `, []);
+        await execute(`
+      CREATE INDEX IF NOT EXISTS idx_email_verification_tokens_expires
+      ON email_verification_tokens(expires_at)
+    `, []);
+    }
+}
+export async function down() {
+    const DB_TYPE = process.env.DB_TYPE || 'sqlite';
+    if (DB_TYPE === 'postgresql') {
+        await execute(`DROP INDEX IF EXISTS idx_email_verification_tokens_expires`, []);
+        await execute(`DROP INDEX IF EXISTS idx_email_verification_tokens_user`, []);
+        await execute(`DROP INDEX IF EXISTS idx_email_verification_tokens_token`, []);
+        await execute(`DROP TABLE IF EXISTS email_verification_tokens`, []);
+        await execute(`ALTER TABLE users DROP COLUMN IF EXISTS email_pending`, []);
+    }
+    else {
+        await execute(`DROP INDEX IF EXISTS idx_email_verification_tokens_expires`, []);
+        await execute(`DROP INDEX IF EXISTS idx_email_verification_tokens_user`, []);
+        await execute(`DROP INDEX IF EXISTS idx_email_verification_tokens_token`, []);
+        await execute(`DROP TABLE IF EXISTS email_verification_tokens`, []);
+        // SQLite doesn't support DROP COLUMN easily, so we'll leave email_pending
+        // It won't cause issues if it exists
+    }
+}
+//# sourceMappingURL=005_add_email_verification.js.map

package/backend/dist/db/migrations/005_add_email_verification.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"005_add_email_verification.js","sourceRoot":"","sources":["../../../src/db/migrations/005_add_email_verification.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AAE7C,MAAM,CAAC,MAAM,WAAW,GAAG,KAAK,CAAC;AACjC,MAAM,CAAC,MAAM,aAAa,GAAG,+BAA+B,CAAC;AAE7D,MAAM,CAAC,KAAK,UAAU,EAAE;IACtB,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,QAAQ,CAAC;IAEhD,IAAI,OAAO,KAAK,YAAY,EAAE,CAAC;QAC7B,0CAA0C;QAC1C,MAAM,OAAO,CAAC;;;KAGb,EAAE,EAAE,CAAC,CAAC;QAEP,yCAAyC;QACzC,MAAM,OAAO,CAAC;;;;;;;;;;;KAWb,EAAE,EAAE,CAAC,CAAC;QAEP,iBAAiB;QACjB,MAAM,OAAO,CAAC;;;KAGb,EAAE,EAAE,CAAC,CAAC;QAEP,MAAM,OAAO,CAAC;;;KAGb,EAAE,EAAE,CAAC,CAAC;QAEP,MAAM,OAAO,CAAC;;;KAGb,EAAE,EAAE,CAAC,CAAC;IACT,CAAC;SAAM,CAAC;QACN,+CAA+C;QAC/C,MAAM,SAAS,GAAG,MAAM,KAAK,CAAC,0BAA0B,EAAE,EAAE,CAAC,CAAC;QAC9D,MAAM,eAAe,GAAI,SAAmB,CAAC,IAAI,CAAC,CAAC,GAAQ,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,KAAK,eAAe,CAAC,CAAC;QAE9F,IAAI,CAAC,eAAe,EAAE,CAAC;YACrB,sFAAsF;YACtF,8FAA8F;YAC9F,IAAI,CAAC;gBACH,MAAM,OAAO,CAAC,yDAAyD,EAAE,EAAE,CAAC,CAAC;YAC/E,CAAC;YAAC,OAAO,KAAU,EAAE,CAAC;gBACpB,qCAAqC;gBACrC,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,QAAQ,CAAC,uBAAuB,CAAC,EAAE,CAAC;oBACtD,MAAM,KAAK,CAAC;gBACd,CAAC;YACH,CAAC;QACH,CAAC;QAED,yCAAyC;QACzC,MAAM,OAAO,CAAC;;;;;;;;;;;KAWb,EAAE,EAAE,CAAC,CAAC;QAEP,iBAAiB;QACjB,MAAM,OAAO,CAAC;;;KAGb,EAAE,EAAE,CAAC,CAAC;QAEP,MAAM,OAAO,CAAC;;;KAGb,EAAE,EAAE,CAAC,CAAC;QAEP,MAAM,OAAO,CAAC;;;KAGb,EAAE,EAAE,CAAC,CAAC;IACT,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,IAAI;IACxB,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,QAAQ,CAAC;IAEhD,IAAI,OAAO,KAAK,YAAY,EAAE,CAAC;QAC7B,MAAM,OAAO,CAAC,4DAA4D,EAAE,EAAE,CAAC,CAAC;QAChF,MAAM,OAAO,CAAC,yDAAyD,EAAE,EAAE,CAAC,CAAC;QAC7E,MAAM,OAAO,CAAC,0DAA0D,EAAE,EAAE,CAAC,CAAC;QAC9E,MAAM,OAAO,CAAC,gDAAgD,EAAE,EAAE,CAAC,CAAC;QACpE,MAAM,OAAO,CAAC,uDAAuD,EAAE,EAAE,CAAC,CAAC;IAC7E,CAAC;SAAM,CAAC;QACN,MAAM,OAAO,CAAC,4DAA4D,EAAE,EAAE,CAAC,CAAC;QAChF,MAAM,OAAO,CAAC,yDAAyD,EAAE,EAAE,CAAC,CAAC;QAC7E,MAAM,OAAO,CAAC,0DAA0D,EAAE,EAAE,CAAC,CAAC;QAC9E,MAAM,OAAO,CAAC,gDAAgD,EAAE,EAAE,CAAC,CAAC;QACpE,0EAA0E;QAC1E,qCAAqC;IACvC,CAAC;AACH,CAAC"}

package/backend/dist/db/migrations/006_refresh_tokens.d.ts ADDED Viewed

@@ -0,0 +1,9 @@
+/**
+ * Migration: Add refresh_tokens table for CLOUD mode auth (short-lived access JWT + refresh cookie).
+ * Used only in CLOUD mode; table is harmless when empty in SELFHOSTED.
+ */
+export declare const migrationId = "006_refresh_tokens";
+export declare const migrationName = "Add refresh_tokens table for CLOUD mode";
+export declare function up(): Promise<void>;
+export declare function down(): Promise<void>;
+//# sourceMappingURL=006_refresh_tokens.d.ts.map

package/backend/dist/db/migrations/006_refresh_tokens.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"006_refresh_tokens.d.ts","sourceRoot":"","sources":["../../../src/db/migrations/006_refresh_tokens.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,eAAO,MAAM,WAAW,uBAAuB,CAAC;AAChD,eAAO,MAAM,aAAa,4CAA4C,CAAC;AAEvE,wBAAsB,EAAE,kBA8CvB;AAED,wBAAsB,IAAI,kBAKzB"}

package/backend/dist/db/migrations/006_refresh_tokens.js ADDED Viewed

@@ -0,0 +1,61 @@
+/**
+ * Migration: Add refresh_tokens table for CLOUD mode auth (short-lived access JWT + refresh cookie).
+ * Used only in CLOUD mode; table is harmless when empty in SELFHOSTED.
+ */
+import { execute } from '../index.js';
+export const migrationId = '006_refresh_tokens';
+export const migrationName = 'Add refresh_tokens table for CLOUD mode';
+export async function up() {
+    const DB_TYPE = process.env.DB_TYPE || 'sqlite';
+    if (DB_TYPE === 'postgresql') {
+        await execute(`
+      CREATE TABLE IF NOT EXISTS refresh_tokens (
+        id VARCHAR(255) PRIMARY KEY,
+        user_id VARCHAR(255) NOT NULL,
+        token_hash VARCHAR(255) NOT NULL,
+        expires_at TIMESTAMP NOT NULL,
+        revoked BOOLEAN DEFAULT FALSE,
+        created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+        FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
+      )
+    `, []);
+        await execute(`
+      CREATE INDEX IF NOT EXISTS idx_refresh_tokens_token_hash ON refresh_tokens(token_hash)
+    `, []);
+        await execute(`
+      CREATE INDEX IF NOT EXISTS idx_refresh_tokens_user_id ON refresh_tokens(user_id)
+    `, []);
+        await execute(`
+      CREATE INDEX IF NOT EXISTS idx_refresh_tokens_expires_at ON refresh_tokens(expires_at)
+    `, []);
+    }
+    else {
+        await execute(`
+      CREATE TABLE IF NOT EXISTS refresh_tokens (
+        id TEXT PRIMARY KEY,
+        user_id TEXT NOT NULL,
+        token_hash TEXT NOT NULL,
+        expires_at TEXT NOT NULL,
+        revoked INTEGER DEFAULT 0,
+        created_at TEXT DEFAULT CURRENT_TIMESTAMP,
+        FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
+      )
+    `, []);
+        await execute(`
+      CREATE INDEX IF NOT EXISTS idx_refresh_tokens_token_hash ON refresh_tokens(token_hash)
+    `, []);
+        await execute(`
+      CREATE INDEX IF NOT EXISTS idx_refresh_tokens_user_id ON refresh_tokens(user_id)
+    `, []);
+        await execute(`
+      CREATE INDEX IF NOT EXISTS idx_refresh_tokens_expires_at ON refresh_tokens(expires_at)
+    `, []);
+    }
+}
+export async function down() {
+    await execute(`DROP INDEX IF EXISTS idx_refresh_tokens_expires_at`, []);
+    await execute(`DROP INDEX IF EXISTS idx_refresh_tokens_user_id`, []);
+    await execute(`DROP INDEX IF EXISTS idx_refresh_tokens_token_hash`, []);
+    await execute(`DROP TABLE IF EXISTS refresh_tokens`, []);
+}
+//# sourceMappingURL=006_refresh_tokens.js.map

package/backend/dist/db/migrations/006_refresh_tokens.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"006_refresh_tokens.js","sourceRoot":"","sources":["../../../src/db/migrations/006_refresh_tokens.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AAEtC,MAAM,CAAC,MAAM,WAAW,GAAG,oBAAoB,CAAC;AAChD,MAAM,CAAC,MAAM,aAAa,GAAG,yCAAyC,CAAC;AAEvE,MAAM,CAAC,KAAK,UAAU,EAAE;IACtB,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,QAAQ,CAAC;IAEhD,IAAI,OAAO,KAAK,YAAY,EAAE,CAAC;QAC7B,MAAM,OAAO,CAAC;;;;;;;;;;KAUb,EAAE,EAAE,CAAC,CAAC;QACP,MAAM,OAAO,CAAC;;KAEb,EAAE,EAAE,CAAC,CAAC;QACP,MAAM,OAAO,CAAC;;KAEb,EAAE,EAAE,CAAC,CAAC;QACP,MAAM,OAAO,CAAC;;KAEb,EAAE,EAAE,CAAC,CAAC;IACT,CAAC;SAAM,CAAC;QACN,MAAM,OAAO,CAAC;;;;;;;;;;KAUb,EAAE,EAAE,CAAC,CAAC;QACP,MAAM,OAAO,CAAC;;KAEb,EAAE,EAAE,CAAC,CAAC;QACP,MAAM,OAAO,CAAC;;KAEb,EAAE,EAAE,CAAC,CAAC;QACP,MAAM,OAAO,CAAC;;KAEb,EAAE,EAAE,CAAC,CAAC;IACT,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,IAAI;IACxB,MAAM,OAAO,CAAC,oDAAoD,EAAE,EAAE,CAAC,CAAC;IACxE,MAAM,OAAO,CAAC,iDAAiD,EAAE,EAAE,CAAC,CAAC;IACrE,MAAM,OAAO,CAAC,oDAAoD,EAAE,EAAE,CAAC,CAAC;IACxE,MAAM,OAAO,CAAC,qCAAqC,EAAE,EAAE,CAAC,CAAC;AAC3D,CAAC"}

package/backend/dist/db/migrations/007_password_reset_token_hash.d.ts ADDED Viewed

@@ -0,0 +1,10 @@
+/**
+ * Migration: Add token_hash to password_reset_tokens; store only hash, not plaintext token.
+ * New rows use token_hash for lookup; token column holds placeholder 'h:'+id. Legacy rows
+ * (token_hash IS NULL) are looked up by token and migrated on use.
+ */
+export declare const migrationId = "007_password_reset_token_hash";
+export declare const migrationName = "Add password_reset_tokens.token_hash for secure storage";
+export declare function up(): Promise<void>;
+export declare function down(): Promise<void>;
+//# sourceMappingURL=007_password_reset_token_hash.d.ts.map

package/backend/dist/db/migrations/007_password_reset_token_hash.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"007_password_reset_token_hash.d.ts","sourceRoot":"","sources":["../../../src/db/migrations/007_password_reset_token_hash.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,eAAO,MAAM,WAAW,kCAAkC,CAAC;AAC3D,eAAO,MAAM,aAAa,4DAA4D,CAAC;AAEvF,wBAAsB,EAAE,kBAsBvB;AAED,wBAAsB,IAAI,kBAOzB"}

package/backend/dist/db/migrations/007_password_reset_token_hash.js ADDED Viewed

@@ -0,0 +1,40 @@
+/**
+ * Migration: Add token_hash to password_reset_tokens; store only hash, not plaintext token.
+ * New rows use token_hash for lookup; token column holds placeholder 'h:'+id. Legacy rows
+ * (token_hash IS NULL) are looked up by token and migrated on use.
+ */
+import { execute } from '../index.js';
+export const migrationId = '007_password_reset_token_hash';
+export const migrationName = 'Add password_reset_tokens.token_hash for secure storage';
+export async function up() {
+    const DB_TYPE = process.env.DB_TYPE || 'sqlite';
+    if (DB_TYPE === 'postgresql') {
+        await execute(`
+      ALTER TABLE password_reset_tokens
+      ADD COLUMN IF NOT EXISTS token_hash VARCHAR(255)
+    `, []);
+        await execute(`
+      CREATE INDEX IF NOT EXISTS idx_password_reset_tokens_token_hash
+      ON password_reset_tokens(token_hash)
+    `, []);
+    }
+    else {
+        // SQLite: ADD COLUMN only
+        await execute(`
+      ALTER TABLE password_reset_tokens ADD COLUMN token_hash TEXT
+    `, []);
+        await execute(`
+      CREATE INDEX IF NOT EXISTS idx_password_reset_tokens_token_hash
+      ON password_reset_tokens(token_hash)
+    `, []);
+    }
+}
+export async function down() {
+    await execute(`DROP INDEX IF EXISTS idx_password_reset_tokens_token_hash`, []);
+    // SQLite does not support DROP COLUMN easily; leave column for safety
+    const DB_TYPE = process.env.DB_TYPE || 'sqlite';
+    if (DB_TYPE === 'postgresql') {
+        await execute(`ALTER TABLE password_reset_tokens DROP COLUMN IF EXISTS token_hash`, []);
+    }
+}
+//# sourceMappingURL=007_password_reset_token_hash.js.map