@varaos/db 1.1.14 → 1.1.16

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@varaos/db",
-  "version": "1.1.14",
+  "version": "1.1.16",
   "private": false,
   "main": "index.js",
   "files": [

package/prisma/migrations/20251231113444_add_account_billing_usage_security_foundations/migration.sql

@@ -0,0 +1,170 @@
+-- CreateEnum
+CREATE TYPE "public"."AuthType" AS ENUM ('credentials', 'oauth', 'hybrid');
+
+-- AlterEnum
+-- This migration adds more than one value to an enum.
+-- With PostgreSQL versions 11 and earlier, this is not possible
+-- in a single migration. This can be worked around by creating
+-- multiple migrations, each migration adding only one value to
+-- the enum.
+
+
+ALTER TYPE "public"."Plan" ADD VALUE 'starter';
+ALTER TYPE "public"."Plan" ADD VALUE 'business';
+
+-- AlterTable
+ALTER TABLE "public"."Subscription" ADD COLUMN     "razorpayCustomerId" TEXT,
+ADD COLUMN     "razorpayPlanId" TEXT,
+ADD COLUMN     "razorpaySubscriptionId" TEXT;
+
+-- AlterTable
+ALTER TABLE "public"."TokenTransaction" ADD COLUMN     "billingPeriod" TEXT,
+ADD COLUMN     "integration" TEXT,
+ADD COLUMN     "source" TEXT,
+ADD COLUMN     "workspaceId" TEXT;
+
+-- AlterTable
+ALTER TABLE "public"."User" ADD COLUMN     "authType" "public"."AuthType" NOT NULL DEFAULT 'oauth',
+ADD COLUMN     "avatarOverrideUrl" TEXT,
+ADD COLUMN     "passwordStrength" TEXT;
+
+-- CreateTable
+CREATE TABLE "public"."UserSession" (
+    "id" TEXT NOT NULL,
+    "userId" TEXT NOT NULL,
+    "ip" TEXT,
+    "userAgent" TEXT,
+    "lastUsed" TIMESTAMP(3) NOT NULL,
+    "revoked" BOOLEAN NOT NULL DEFAULT false,
+    "revokedAt" TIMESTAMP(3),
+    "expiresAt" TIMESTAMP(3) NOT NULL,
+    "createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+
+    CONSTRAINT "UserSession_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateTable
+CREATE TABLE "public"."UserEmail" (
+    "id" TEXT NOT NULL,
+    "userId" TEXT NOT NULL,
+    "email" TEXT NOT NULL,
+    "verified" BOOLEAN NOT NULL DEFAULT false,
+    "primary" BOOLEAN NOT NULL DEFAULT false,
+    "type" TEXT,
+    "createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+
+    CONSTRAINT "UserEmail_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateTable
+CREATE TABLE "public"."UsageAggregate" (
+    "id" TEXT NOT NULL,
+    "userId" TEXT NOT NULL,
+    "workspaceId" TEXT,
+    "billingPeriod" TEXT NOT NULL,
+    "source" TEXT NOT NULL,
+    "tokensUsed" INTEGER NOT NULL,
+    "requestCount" INTEGER NOT NULL,
+    "updatedAt" TIMESTAMP(3) NOT NULL,
+
+    CONSTRAINT "UsageAggregate_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateTable
+CREATE TABLE "public"."SecurityEvent" (
+    "id" TEXT NOT NULL,
+    "userId" TEXT,
+    "type" TEXT NOT NULL,
+    "ip" TEXT,
+    "userAgent" TEXT,
+    "success" BOOLEAN NOT NULL,
+    "metadata" JSONB,
+    "createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+
+    CONSTRAINT "SecurityEvent_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateTable
+CREATE TABLE "public"."Invoice" (
+    "id" TEXT NOT NULL,
+    "userId" TEXT NOT NULL,
+    "subscriptionId" TEXT,
+    "razorpayInvoiceId" TEXT NOT NULL,
+    "amount" INTEGER NOT NULL,
+    "currency" TEXT NOT NULL,
+    "status" TEXT NOT NULL,
+    "periodStart" TIMESTAMP(3) NOT NULL,
+    "periodEnd" TIMESTAMP(3) NOT NULL,
+    "pdfUrl" TEXT,
+    "metadata" JSONB,
+    "createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+
+    CONSTRAINT "Invoice_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateTable
+CREATE TABLE "public"."BillingEvent" (
+    "id" TEXT NOT NULL,
+    "provider" TEXT NOT NULL,
+    "eventType" TEXT NOT NULL,
+    "eventId" TEXT NOT NULL,
+    "payload" JSONB NOT NULL,
+    "processed" BOOLEAN NOT NULL DEFAULT false,
+    "createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+
+    CONSTRAINT "BillingEvent_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateTable
+CREATE TABLE "public"."PaymentMethod" (
+    "id" TEXT NOT NULL,
+    "userId" TEXT NOT NULL,
+    "provider" TEXT NOT NULL,
+    "type" TEXT NOT NULL,
+    "brand" TEXT,
+    "last4" TEXT,
+    "expMonth" INTEGER,
+    "expYear" INTEGER,
+    "isDefault" BOOLEAN NOT NULL DEFAULT true,
+    "metadata" JSONB,
+    "createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" TIMESTAMP(3) NOT NULL,
+
+    CONSTRAINT "PaymentMethod_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateIndex
+CREATE INDEX "UserSession_userId_idx" ON "public"."UserSession"("userId");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "UserEmail_email_key" ON "public"."UserEmail"("email");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "UsageAggregate_userId_workspaceId_billingPeriod_source_key" ON "public"."UsageAggregate"("userId", "workspaceId", "billingPeriod", "source");
+
+-- CreateIndex
+CREATE INDEX "SecurityEvent_userId_createdAt_idx" ON "public"."SecurityEvent"("userId", "createdAt");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "BillingEvent_eventId_key" ON "public"."BillingEvent"("eventId");
+
+-- CreateIndex
+CREATE INDEX "BillingEvent_provider_eventType_idx" ON "public"."BillingEvent"("provider", "eventType");
+
+-- CreateIndex
+CREATE INDEX "Subscription_razorpayCustomerId_idx" ON "public"."Subscription"("razorpayCustomerId");
+
+-- CreateIndex
+CREATE INDEX "Subscription_razorpaySubscriptionId_idx" ON "public"."Subscription"("razorpaySubscriptionId");
+
+-- AddForeignKey
+ALTER TABLE "public"."UserSession" ADD CONSTRAINT "UserSession_userId_fkey" FOREIGN KEY ("userId") REFERENCES "public"."User"("id") ON DELETE CASCADE ON UPDATE CASCADE;
+
+-- AddForeignKey
+ALTER TABLE "public"."UserEmail" ADD CONSTRAINT "UserEmail_userId_fkey" FOREIGN KEY ("userId") REFERENCES "public"."User"("id") ON DELETE CASCADE ON UPDATE CASCADE;
+
+-- AddForeignKey
+ALTER TABLE "public"."Invoice" ADD CONSTRAINT "Invoice_userId_fkey" FOREIGN KEY ("userId") REFERENCES "public"."User"("id") ON DELETE RESTRICT ON UPDATE CASCADE;
+
+-- AddForeignKey
+ALTER TABLE "public"."PaymentMethod" ADD CONSTRAINT "PaymentMethod_userId_fkey" FOREIGN KEY ("userId") REFERENCES "public"."User"("id") ON DELETE CASCADE ON UPDATE CASCADE;

package/prisma/migrations/20260103095101_add_user_storage_quota_fields/migration.sql

@@ -0,0 +1,3 @@
+-- AlterTable
+ALTER TABLE "public"."User" ADD COLUMN     "storageLimit" BIGINT NOT NULL DEFAULT 524288000,
+ADD COLUMN     "storageUsed" BIGINT NOT NULL DEFAULT 0;

package/prisma/migrations/20260103095321_add_user_file_storage_tracking/migration.sql

@@ -0,0 +1,21 @@
+-- CreateTable
+CREATE TABLE "public"."UserFile" (
+    "id" TEXT NOT NULL,
+    "userId" TEXT NOT NULL,
+    "path" TEXT NOT NULL,
+    "size" BIGINT NOT NULL,
+    "mimeType" TEXT NOT NULL,
+    "category" TEXT NOT NULL,
+    "createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+
+    CONSTRAINT "UserFile_pkey" PRIMARY KEY ("id")
+);
+
+-- CreateIndex
+CREATE INDEX "UserFile_userId_idx" ON "public"."UserFile"("userId");
+
+-- CreateIndex
+CREATE INDEX "UserFile_category_idx" ON "public"."UserFile"("category");
+
+-- AddForeignKey
+ALTER TABLE "public"."UserFile" ADD CONSTRAINT "UserFile_userId_fkey" FOREIGN KEY ("userId") REFERENCES "public"."User"("id") ON DELETE CASCADE ON UPDATE CASCADE;

package/prisma/schema.prisma

@@ -34,10 +34,18 @@ enum Status {
 
 enum Plan {
   free
+  starter
   pro
+  business
   enterprise
 }
 
+enum AuthType {
+  credentials
+  oauth
+  hybrid
+}
+
 enum MessageRole {
   user
   assistant
@@ -65,9 +73,12 @@ enum ReactionType {
 /// ─────────────────────────────────────────────
 
 model User {
-  id                 String    @id @default(uuid())
-  name               String
-  image              String?
+  id   String @id @default(uuid())
+  name String
+
+  image             String? // provider image
+  avatarOverrideUrl String?
+
   email              String    @unique
   password           String?
   emailVerified      DateTime?
@@ -86,6 +97,13 @@ model User {
   creditsUsed        Int       @default(0)
   deletedAt          DateTime?
 
+  authType AuthType @default(oauth)
+
+  passwordStrength String? // weak | medium | strong
+
+  storageUsed  BigInt @default(0) // bytes
+  storageLimit BigInt @default(524288000) // 500 MB (beta)
+
   accounts           Account[]
   integrations       Integration[]
   tokenTransactions  TokenTransaction[]
@@ -99,13 +117,65 @@ model User {
   Onboarding         Onboarding?
   ChatSession        ChatSession[]
 
-  createdAt DateTime @default(now())
-  updatedAt DateTime @updatedAt
-  posts     Post[]
+  createdAt      DateTime        @default(now())
+  updatedAt      DateTime        @updatedAt
+  posts          Post[]
+  userSessions   UserSession[]
+  paymentMethods PaymentMethod[]
+  userEmails     UserEmail[]
+  invoices       Invoice[]
+  userFiles      UserFile[]
 
   @@index([status])
 }
 
+model UserFile {
+  id     String @id @default(uuid())
+  userId String
+
+  path     String // local path or CDN URL
+  size     BigInt // bytes
+  mimeType String
+  category String // avatar | memory | export | attachment
+
+  createdAt DateTime @default(now())
+
+  user User @relation(fields: [userId], references: [id], onDelete: Cascade)
+
+  @@index([userId])
+  @@index([category])
+}
+
+model UserSession {
+  id        String   @id @default(uuid())
+  userId    String
+  ip        String?
+  userAgent String?
+  lastUsed  DateTime
+
+  revoked   Boolean   @default(false)
+  revokedAt DateTime?
+
+  expiresAt DateTime
+  createdAt DateTime @default(now())
+
+  user User @relation(fields: [userId], references: [id], onDelete: Cascade)
+
+  @@index([userId])
+}
+
+model UserEmail {
+  id        String   @id @default(uuid())
+  userId    String
+  email     String   @unique
+  verified  Boolean  @default(false)
+  primary   Boolean  @default(false)
+  type      String? // billing | security | notifications
+  createdAt DateTime @default(now())
+
+  user User @relation(fields: [userId], references: [id], onDelete: Cascade)
+}
+
 model Account {
   id                String  @id @default(uuid())
   userId            String
@@ -261,14 +331,34 @@ model AIAgent {
   ChatSession       ChatSession[]
 }
 
+model UsageAggregate {
+  id            String   @id @default(uuid())
+  userId        String
+  workspaceId   String?
+  billingPeriod String
+  source        String // chat | automation | api
+  tokensUsed    Int
+  requestCount  Int
+  updatedAt     DateTime @updatedAt
+
+  @@unique([userId, workspaceId, billingPeriod, source])
+}
+
 model TokenTransaction {
-  id         String   @id @default(uuid())
+  id         String  @id @default(uuid())
   userId     String
   agentId    String?
   tokensUsed Int
   action     String
-  metadata   Json?
-  createdAt  DateTime @default(now())
+
+  source      String? // chat | automation | api
+  workspaceId String?
+  integration String?
+
+  billingPeriod String? // e.g. "2025-01" (YYYY-MM)
+
+  metadata  Json?
+  createdAt DateTime @default(now())
 
   user  User     @relation(fields: [userId], references: [id])
   agent AIAgent? @relation(fields: [agentId], references: [id])
@@ -519,6 +609,19 @@ model AuditLog {
   @@index([userId, createdAt])
 }
 
+model SecurityEvent {
+  id        String   @id @default(uuid())
+  userId    String?
+  type      String // login | logout | password_change | session_revoked
+  ip        String?
+  userAgent String?
+  success   Boolean
+  metadata  Json?
+  createdAt DateTime @default(now())
+
+  @@index([userId, createdAt])
+}
+
 /// ─────────────────────────────────────────────
 /// BILLING / WAITLIST / JOBS / ONBOARDING
 /// ─────────────────────────────────────────────
@@ -527,13 +630,71 @@ model Subscription {
   id          String    @id @default(uuid())
   userId      String
   plan        Plan
-  status      String
+  status      String // active | trialing | past_due | canceled
   startedAt   DateTime
   endedAt     DateTime?
   nextPayment DateTime?
-  metadata    Json?
+
+  razorpayCustomerId     String?
+  razorpaySubscriptionId String?
+  razorpayPlanId         String?
+
+  metadata Json?
 
   user User @relation(fields: [userId], references: [id])
+
+  @@index([razorpayCustomerId])
+  @@index([razorpaySubscriptionId])
+}
+
+model Invoice {
+  id                String   @id @default(uuid())
+  userId            String
+  subscriptionId    String?
+  razorpayInvoiceId String
+  amount            Int
+  currency          String
+  status            String // paid | open | failed | refunded
+  periodStart       DateTime
+  periodEnd         DateTime
+  pdfUrl            String?
+  metadata          Json?
+
+  createdAt DateTime @default(now())
+
+  user User @relation(fields: [userId], references: [id])
+}
+
+model BillingEvent {
+  id       String @id @default(uuid())
+  provider String // razorpay
+
+  eventType String
+  eventId   String @unique // razorpay event ID
+
+  payload   Json
+  processed Boolean  @default(false)
+  createdAt DateTime @default(now())
+
+  @@index([provider, eventType])
+}
+
+model PaymentMethod {
+  id        String  @id @default(uuid())
+  userId    String
+  provider  String // razorpay | stripe | paypal
+  type      String // card
+  brand     String?
+  last4     String?
+  expMonth  Int?
+  expYear   Int?
+  isDefault Boolean @default(true)
+  metadata  Json?
+
+  createdAt DateTime @default(now())
+  updatedAt DateTime @updatedAt
+
+  user User @relation(fields: [userId], references: [id], onDelete: Cascade)
 }
 
 model WaitList {