Merge branch 'clients-user' into refactor/separate-tables

2026-02-24 13:56:39 +00:00 · 2025-12-03 17:01:50 +01:00
parent cb3861a5c8 152fb47ca4
commit 3870ced635
50 changed files with 1945 additions and 562 deletions
--- a/server/db/pg/schema/schema.ts
+++ b/server/db/pg/schema/schema.ts
@@ -11,6 +11,7 @@ import {
 } from "drizzle-orm/pg-core";
 import { InferSelectModel } from "drizzle-orm";
 import { randomUUID } from "crypto";
+import { alias } from "yargs";

 export const domains = pgTable("domains", {
    domainId: varchar("domainId").primaryKey(),
@@ -40,6 +41,7 @@ export const orgs = pgTable("orgs", {
    orgId: varchar("orgId").primaryKey(),
    name: varchar("name").notNull(),
    subnet: varchar("subnet"),
+    utilitySubnet: varchar("utilitySubnet"), // this is the subnet for utility addresses
    createdAt: text("createdAt"),
    requireTwoFactor: boolean("requireTwoFactor"),
    maxSessionLengthHours: integer("maxSessionLengthHours"),
@@ -209,7 +211,8 @@ export const siteResources = pgTable("siteResources", {
    destinationPort: integer("destinationPort"), // only for port mode
    destination: varchar("destination").notNull(), // ip, cidr, hostname; validate against the mode
    enabled: boolean("enabled").notNull().default(true),
-    alias: varchar("alias")
+    alias: varchar("alias"),
+    aliasAddress: varchar("aliasAddress")
 });

 export const clientSiteResources = pgTable("clientSiteResources", {
@@ -284,7 +287,8 @@ export const sessions = pgTable("session", {
        .notNull()
        .references(() => users.userId, { onDelete: "cascade" }),
    expiresAt: bigint("expiresAt", { mode: "number" }).notNull(),
-    issuedAt: bigint("issuedAt", { mode: "number" })
+    issuedAt: bigint("issuedAt", { mode: "number" }),
+    deviceAuthUsed: boolean("deviceAuthUsed").notNull().default(false)
 });

 export const newtSessions = pgTable("newtSession", {
@@ -661,7 +665,8 @@ export const clientSitesAssociationsCache = pgTable(
            .notNull(),
        siteId: integer("siteId").notNull(),
        isRelayed: boolean("isRelayed").notNull().default(false),
-        endpoint: varchar("endpoint")
+        endpoint: varchar("endpoint"),
+        publicKey: varchar("publicKey") // this will act as the session's public key for hole punching so we can track when it changes
    }
 );

--- a/server/db/sqlite/schema/schema.ts
+++ b/server/db/sqlite/schema/schema.ts
@@ -1,6 +1,7 @@
 import { randomUUID } from "crypto";
 import { InferSelectModel } from "drizzle-orm";
 import { sqliteTable, text, integer, index } from "drizzle-orm/sqlite-core";
+import { no } from "zod/v4/locales";

 export const domains = sqliteTable("domains", {
    domainId: text("domainId").primaryKey(),
@@ -32,6 +33,7 @@ export const orgs = sqliteTable("orgs", {
    orgId: text("orgId").primaryKey(),
    name: text("name").notNull(),
    subnet: text("subnet"),
+    utilitySubnet: text("utilitySubnet"), // this is the subnet for utility addresses
    createdAt: text("createdAt"),
    requireTwoFactor: integer("requireTwoFactor", { mode: "boolean" }),
    maxSessionLengthHours: integer("maxSessionLengthHours"), // hours
@@ -230,7 +232,8 @@ export const siteResources = sqliteTable("siteResources", {
    destinationPort: integer("destinationPort"), // only for port mode
    destination: text("destination").notNull(), // ip, cidr, hostname
    enabled: integer("enabled", { mode: "boolean" }).notNull().default(true),
-    alias: text("alias")
+    alias: text("alias"),
+    aliasAddress: text("aliasAddress")
 });

 export const clientSiteResources = sqliteTable("clientSiteResources", {
@@ -370,7 +373,8 @@ export const clientSitesAssociationsCache = sqliteTable(
        isRelayed: integer("isRelayed", { mode: "boolean" })
            .notNull()
            .default(false),
-        endpoint: text("endpoint")
+        endpoint: text("endpoint"),
+        publicKey: text("publicKey") // this will act as the session's public key for hole punching so we can track when it changes
    }
 );

@@ -413,7 +417,10 @@ export const sessions = sqliteTable("session", {
        .notNull()
        .references(() => users.userId, { onDelete: "cascade" }),
    expiresAt: integer("expiresAt").notNull(),
-    issuedAt: integer("issuedAt")
+    issuedAt: integer("issuedAt"),
+    deviceAuthUsed: integer("deviceAuthUsed", { mode: "boolean" })
+        .notNull()
+        .default(false)
 });

 export const newtSessions = sqliteTable("newtSession", {