Mike Swanson
3fc4e1f96a
- Database schema: users, permissions, client_access tables - Auth: JWT tokens with Argon2 password hashing - API: login, user CRUD, permission management - Dashboard: login required, admin Users tab - Auto-creates initial admin user on first run
45 lines
1.5 KiB
SQL
45 lines
1.5 KiB
SQL
-- GuruConnect User Management Schema
|
|
-- User authentication, roles, and per-client access control
|
|
|
|
-- Users table
|
|
CREATE TABLE users (
|
|
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
|
|
username VARCHAR(64) UNIQUE NOT NULL,
|
|
password_hash VARCHAR(255) NOT NULL,
|
|
email VARCHAR(255),
|
|
role VARCHAR(32) NOT NULL DEFAULT 'viewer',
|
|
enabled BOOLEAN NOT NULL DEFAULT true,
|
|
created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
|
|
updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
|
|
last_login TIMESTAMPTZ
|
|
);
|
|
|
|
-- Granular permissions (what actions a user can perform)
|
|
CREATE TABLE user_permissions (
|
|
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
|
|
user_id UUID NOT NULL REFERENCES users(id) ON DELETE CASCADE,
|
|
permission VARCHAR(64) NOT NULL,
|
|
UNIQUE(user_id, permission)
|
|
);
|
|
|
|
-- Per-client access (which machines a user can access)
|
|
-- No entries = access to all clients (for admins)
|
|
CREATE TABLE user_client_access (
|
|
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
|
|
user_id UUID NOT NULL REFERENCES users(id) ON DELETE CASCADE,
|
|
client_id UUID NOT NULL REFERENCES connect_machines(id) ON DELETE CASCADE,
|
|
UNIQUE(user_id, client_id)
|
|
);
|
|
|
|
-- Indexes
|
|
CREATE INDEX idx_users_username ON users(username);
|
|
CREATE INDEX idx_users_enabled ON users(enabled);
|
|
CREATE INDEX idx_user_permissions_user ON user_permissions(user_id);
|
|
CREATE INDEX idx_user_client_access_user ON user_client_access(user_id);
|
|
|
|
-- Trigger for updated_at
|
|
CREATE TRIGGER update_users_updated_at
|
|
BEFORE UPDATE ON users
|
|
FOR EACH ROW
|
|
EXECUTE FUNCTION update_connect_updated_at();
|