feat(auth): add password_hash column + bcrypt helper for Auth.js Credentials provider
- Migration 0002 adds nullable password_hash to users (idempotent) - src/lib/passwords.ts: encode/verify with self-describing format (algo$N$salt$hash) so we can migrate to a stronger KDF later - Schema adds passwordHash column; OAuth-only users leave it null
This commit is contained in:
@@ -35,6 +35,13 @@ export const users = pgTable(
|
||||
email: text("email").unique(),
|
||||
name: text("name"),
|
||||
image: text("image"),
|
||||
/**
|
||||
* Bcrypt / scrypt / argon2 hash, or null for OAuth-only users.
|
||||
* Format is self-describing (algorithm$N$salt$hash) so we can
|
||||
* migrate to a stronger KDF later without losing existing hashes.
|
||||
* See `src/lib/passwords.ts` for the encoder/decoder.
|
||||
*/
|
||||
passwordHash: text("password_hash"),
|
||||
authProvider: text("auth_provider", { enum: authProviderEnum })
|
||||
.notNull()
|
||||
.default("dev"),
|
||||
|
||||
Reference in New Issue
Block a user