The authentication schema manages user accounts, session management, OAuth integrations, and email verification.

User Table

Core user account information with JSONB settings for flexible configuration.

Schema Definition

  • id (text, required): Primary key - unique user identifier
  • name (text, required): User’s display name
  • email (text, required): User’s email address (unique constraint)
  • emailVerified (boolean, required, default: "false"): Whether the email address has been verified
  • image (text): URL to user’s profile image (optional)
  • createdAt (timestamp, required, default: "now()"): Account creation timestamp
  • updatedAt (timestamp, required, default: "now()"): Last update timestamp (auto-updates on modification)
  • settings (jsonb, required, default: "{}"): User settings stored as JSONB
      • canvasApiKey (string): Canvas LMS API key for integration
      • canvasDomain (string): Canvas LMS domain (e.g., “school.instructure.com”)

Relationships

  • Has many session records (cascade delete)
  • Has many account records (cascade delete)
  • Has many todo records (cascade delete)
  • Has many studySet records (cascade delete)

Session Table

Manages user authentication sessions with expiration and tracking.

Schema Definition

  • id (text, required): Primary key - unique session identifier
  • expiresAt (timestamp, required): Session expiration timestamp
  • token (text, required): Session token (unique constraint)
  • createdAt (timestamp, required, default: "now()"): Session creation timestamp
  • updatedAt (timestamp, required): Last update timestamp (auto-updates on modification)
  • ipAddress (text): IP address from which session was created (optional)
  • userAgent (text): Browser/client user agent string (optional)
  • userId (text, required): Foreign key to user.id (cascade delete)

Relationships

  • Belongs to user (cascade delete when user is removed)

Account Table

Stores OAuth provider credentials and authentication tokens.

Schema Definition

  • id (text, required): Primary key - unique account identifier
  • accountId (text, required): Provider’s account identifier
  • providerId (text, required): OAuth provider identifier (e.g., “google”, “github”)
  • userId (text, required): Foreign key to user.id (cascade delete)
  • accessToken (text): OAuth access token (optional)
  • refreshToken (text): OAuth refresh token (optional)
  • idToken (text): OAuth ID token (optional)
  • accessTokenExpiresAt (timestamp): Access token expiration timestamp (optional)
  • refreshTokenExpiresAt (timestamp): Refresh token expiration timestamp (optional)
  • scope (text): OAuth scope string (optional)
  • password (text): Hashed password for credential-based auth (optional)
  • createdAt (timestamp, required, default: "now()"): Account creation timestamp
  • updatedAt (timestamp, required, default: "now()"): Last update timestamp (auto-updates on modification)

Relationships

  • Belongs to user (cascade delete when user is removed)

Verification Table

Manages email verification tokens and other verification processes.

Schema Definition

  • id (text, required): Primary key - unique verification identifier
  • identifier (text, required): Identifier to verify (e.g., email address)
  • value (text, required): Verification token value
  • expiresAt (timestamp, required): Verification token expiration timestamp
  • createdAt (timestamp, required, default: "now()"): Verification creation timestamp
  • updatedAt (timestamp, required, default: "now()"): Last update timestamp (auto-updates on modification)

Usage

Verification records are typically short-lived and used for:
  • Email verification during registration
  • Password reset tokens
  • Two-factor authentication codes

Database Configuration

Source: apps/web/src/db/schema/auth.ts

All foreign keys use { onDelete: "cascade" } to automatically remove dependent records when a user is deleted.
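
Several columns in the tables above hold credentials: session.token, the account OAuth tokens and password hash, verification.value, and canvasApiKey inside user.settings. One way to mask them before a row is logged or returned from an API, as an added example that is not part of the project's code; the helper names and the sample rows are assumptions:

```typescript
// Added example, not project code. Column names come from the tables above;
// SENSITIVE, MASK, maskPath and redactRow are hypothetical names.
type Row = Record<string, unknown>;

const MASK = "[redacted]";

// Credential-bearing columns per table; dots descend into the JSONB value.
const SENSITIVE = new Map<string, readonly string[]>([
  ["user", ["settings.canvasApiKey"]],
  ["session", ["token"]],
  ["account", ["accessToken", "refreshToken", "idToken", "password"]],
  ["verification", ["value"]],
]);

// Copy-on-write masking of one path; the input row is never mutated.
function maskPath(obj: Row, keys: readonly string[]): Row {
  const [head, ...rest] = keys;
  if (head === undefined || obj[head] == null) return obj; // absent or NULL
  const child = obj[head];
  // Fail closed: if the JSONB column arrived as an unparsed string (or any
  // non-object), mask the whole value rather than let the key through.
  if (rest.length === 0 || typeof child !== "object") {
    return { ...obj, [head]: MASK };
  }
  return { ...obj, [head]: maskPath(child as Row, rest) };
}

// Tables without a policy are rejected, so a new table cannot be serialized
// before someone has decided which of its columns are secret.
function redactRow(table: string, row: Row): Row {
  const paths = SENSITIVE.get(table);
  if (paths === undefined) throw new Error(`no redaction policy for table "${table}"`);
  return paths.reduce((acc, p) => maskPath(acc, p.split(".")), row);
}

// Constructed sample rows; every secret below is a placeholder value.
const sampleUser: Row = {
  id: "u_1",
  email: "ada@example.com",
  settings: { canvasApiKey: "EXAMPLE-KEY", canvasDomain: "school.instructure.com" },
};
const sampleAccount: Row = {
  id: "a_1",
  providerId: "github",
  accessToken: "EXAMPLE-ACCESS-TOKEN",
  refreshToken: null,
};
console.log(redactRow("user", sampleUser), redactRow("account", sampleAccount));
```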
