Files
Beyhan Oğur e04ba85564 first commit
2026-04-26 21:40:14 +03:00

28 lines
1.2 KiB
Go

package models
import (
"time"
"gorm.io/gorm"
)
// RefreshToken represents a server-side record of issued refresh tokens
// to support rotation, revocation and reuse detection.
type RefreshToken struct {
gorm.Model
UserID uint64 `gorm:"type:bigint unsigned;not null;index" json:"user_id"`
TokenID string `gorm:"type:varchar(128);not null;uniqueIndex" json:"token_id"`
// TokenHash is SHA-256 hex of the refresh token string (64 chars).
// Stored instead of the raw token for security, while still allowing debug/lookup.
TokenHash string `gorm:"type:char(64);index" json:"token_hash"`
// TokenFingerprint is a masked representation (e.g. first6...last4) to help operators
// visually correlate DB rows with logs without storing full token.
TokenFingerprint string `gorm:"type:varchar(32);index" json:"token_fingerprint"`
ExpiresAt time.Time `gorm:"index" json:"expires_at"`
SessionExpiresAt *time.Time `gorm:"index" json:"session_expires_at,omitempty"`
Revoked bool `gorm:"index" json:"revoked"`
ReplacedByTokenID string `gorm:"type:varchar(128)" json:"replaced_by_token_id"`
UserAgent string `gorm:"type:varchar(255)" json:"user_agent"`
IP string `gorm:"type:varchar(64)" json:"ip"`
}