Database Models

AuthTuna uses a set of SQLAlchemy ORM models to represent users, roles, permissions, and other security-related data. Understanding these models is key to extending AuthTuna's functionality and building custom queries.

User

The `User` model is the core of the system, representing an individual user account.

  • `id`: A unique identifier for the user.
  • `username`: The user's username. This is case-insensitive.
  • `email`: The user's email address. This is case-insensitive.
  • `is_active`: A boolean indicating whether the user's account is active.
  • `password_hash`: The user's hashed password.
  • `email_verified`: A boolean indicating whether the user's email address has been verified.
  • `requires_password_reset`: A boolean indicating whether the user is required to reset their password.
  • `mfa_enabled`: A boolean indicating whether the user has multi-factor authentication enabled.
  • `created_at`: The timestamp when the user's account was created.
  • `last_login`: The timestamp of the user's last login.

Role

The `Role` model represents a role that can be assigned to a user.

  • `id`: A unique identifier for the role.
  • `name`: The name of the role.
  • `description`: A description of the role.
  • `system`: A boolean indicating whether the role is a system role.
  • `level`: An integer representing the role's level in the hierarchy.

Permission

The `Permission` model represents a permission that can be granted to a role.

  • `id`: A unique identifier for the permission.
  • `name`: The name of the permission.
  • `description`: A description of the permission.
  • `system`: A boolean indicating whether the permission is a system permission.

Session

The `Session` model represents an active user session.

  • `session_id`: A unique identifier for the session.
  • `user_id`: The ID of the user who owns the session.
  • `region`: The region where the session was initiated.
  • `device`: The device where the session was initiated.
  • `active`: A boolean indicating whether the session is active.
  • `ctime`: The timestamp when the session was created.
  • `mtime`: The timestamp when the session was last modified.
  • `etime`: The timestamp when the session will expire.
  • `e_abs_time`: The absolute expiry time of the session.
  • `create_ip`: The IP address where the session was created.
  • `last_ip`: The last IP address used for the session.
  • `random_string`: A random string used to mitigate replay attacks.
  • `previous_random_strings`: A list of previous random strings.
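
How these fields could work together when a session is validated, as an added illustration that is not AuthTuna's code: it assumes `etime` is a sliding expiry capped by `e_abs_time`, and that `random_string` is rotated on every valid request with old values kept in `previous_random_strings`. `SessionRow`, `check_and_rotate`, `idle_ttl` and `history` are hypothetical names.

```python
import secrets
from dataclasses import dataclass, field

@dataclass
class SessionRow:
    """Stand-in for a row with the Session fields above (not AuthTuna's class)."""
    session_id: str
    user_id: str
    active: bool
    etime: float       # assumed: sliding expiry, epoch seconds
    e_abs_time: float  # assumed: hard upper bound, epoch seconds
    random_string: str
    previous_random_strings: list = field(default_factory=list)

def _same(a, b):
    # Constant-time comparison; encode so non-ASCII input cannot raise TypeError.
    return secrets.compare_digest(a.encode(), b.encode())

def check_and_rotate(row, presented, now, idle_ttl=1800.0, history=5):
    """Return (verdict, new_random_string_or_None); mutates row as an UPDATE would."""
    if not row.active:
        return "inactive", None
    if now >= row.e_abs_time or now >= row.etime:
        row.active = False
        return "expired", None
    if not _same(presented, row.random_string):
        # A value that was already rotated out is coming back: treat it as a
        # replayed copy of the cookie and revoke the session, not just the request.
        if any(_same(presented, old) for old in row.previous_random_strings):
            row.active = False
            return "replayed", None
        return "invalid", None
    # Valid request: remember the old value, issue a new one, slide etime
    # forward but never past the absolute expiry.
    row.previous_random_strings = (row.previous_random_strings + [row.random_string])[-history:]
    row.random_string = secrets.token_urlsafe(32)
    row.etime = min(now + idle_ttl, row.e_abs_time)
    return "ok", row.random_string

def demo():
    """Constructed scenario: one legitimate request, then a replay of the old value."""
    row = SessionRow("s1", "u1", True, etime=1000.0, e_abs_time=2000.0, random_string="r0")
    first, _ = check_and_rotate(row, "r0", now=900.0)
    replay, _ = check_and_rotate(row, "r0", now=901.0)
    return first, replay, row.active, row.etime
```

Parallel requests from one client can legitimately present a value that was rotated a moment earlier, so a production check needs a short grace window before treating reuse as a replay.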

Token

The `Token` model represents a token that can be used for various purposes, such as email verification or password reset.

  • `id`: A unique identifier for the token.
  • `purpose`: The purpose of the token.
  • `user_id`: The ID of the user who owns the token.
  • `ctime`: The timestamp when the token was created.
  • `etime`: The timestamp when the token will expire.
  • `used`: A boolean indicating whether the token has been used.
  • `new_gen_id`: The ID of the new token that was generated to replace this one.