重构认证授权逻辑，集中到 auth 包中

2025-05-12 10:07:12 +08:00
parent cfdee98a1b
commit 2c37dcc2be
40 changed files with 905 additions and 455 deletions
--- a/scripts/sql/init.sql
+++ b/scripts/sql/init.sql
@@ -295,6 +295,52 @@ comment on column client.deleted_at is '删除时间';
 -- region 权限信息
 -- ====================

+-- session
+drop table if exists session cascade;
+create table session (
+    id                    serial primary key,
+    user_id               int references "user" (id)
+        on update cascade
+        on delete cascade,
+    client_id             int references client (id)
+        on update cascade
+        on delete cascade,
+    ip                    varchar(45),
+    ua                    varchar(255),
+    grant_type            varchar(255) not null default 0,
+    access_token          varchar(255) not null unique,
+    access_token_expires  timestamp    not null,
+    refresh_token         varchar(255) unique,
+    refresh_token_expires timestamp,
+    scopes                varchar(255),
+    created_at            timestamp             default current_timestamp,
+    updated_at            timestamp             default current_timestamp,
+    deleted_at            timestamp
+);
+create index session_user_id_index on session (user_id);
+create index session_client_id_index on session (client_id);
+create index session_access_token_index on session (access_token);
+create index session_refresh_token_index on session (refresh_token);
+create index session_created_at_index on session (created_at);
+create index session_deleted_at_index on session (deleted_at);
+
+-- session表字段注释
+comment on table session is '会话表';
+comment on column session.id is '会话ID';
+comment on column session.user_id is '用户ID';
+comment on column session.client_id is '客户端ID';
+comment on column session.ip is 'IP地址';
+comment on column session.ua is '用户代理';
+comment on column session.grant_type is '授权类型：authorization_code-授权码模式，client_credentials-客户端凭证模式，refresh_token-刷新令牌模式，password-密码模式';
+comment on column session.access_token is '访问令牌';
+comment on column session.access_token_expires is '访问令牌过期时间';
+comment on column session.refresh_token is '刷新令牌';
+comment on column session.refresh_token_expires is '刷新令牌过期时间';
+comment on column session.scopes is '权限范围';
+comment on column session.created_at is '创建时间';
+comment on column session.updated_at is '更新时间';
+comment on column session.deleted_at is '删除时间';
+
 -- permission
 drop table if exists permission cascade;
 create table permission (