add password expiry enforcement

2026-02-10 06:56:40 +00:00 · 2025-10-24 17:11:39 -07:00
parent 39d6b93d42
commit 1e70e4289b
17 changed files with 1028 additions and 71 deletions
--- a/server/db/sqlite/schema/schema.ts
+++ b/server/db/sqlite/schema/schema.ts
@@ -20,7 +20,8 @@ export const orgs = sqliteTable("orgs", {
    subnet: text("subnet"),
    createdAt: text("createdAt"),
    requireTwoFactor: integer("requireTwoFactor", { mode: "boolean" }),
-    maxSessionLengthHours: integer("maxSessionLengthHours") // hours
+    maxSessionLengthHours: integer("maxSessionLengthHours"), // hours
+    passwordExpiryDays: integer("passwordExpiryDays") // days
 });

 export const userDomains = sqliteTable("userDomains", {
@@ -229,7 +230,8 @@ export const users = sqliteTable("user", {
    termsVersion: text("termsVersion"),
    serverAdmin: integer("serverAdmin", { mode: "boolean" })
        .notNull()
-        .default(false)
+        .default(false),
+    lastPasswordChange: integer("lastPasswordChange")
 });

 export const securityKeys = sqliteTable("webauthnCredentials", {