From eb6c86a4d1ae8d053bdb1c2115f057bd4015bc99 Mon Sep 17 00:00:00 2001
From: Padreug <padreug@aiolabs.dev>
Date: Sat, 30 May 2026 13:23:52 +0200
Subject: [PATCH] chore(schema): add Token.revokedAt for surgical token
 revocation (#11)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Pre-requisite for the live-policy auth rewrite in #11. The new
revoke_token admin RPC needs a way to mark a single Token as
revoked without nuking the whole KeyUser (revoke_user) or
conflating with future expiry cleanup (deletedAt).

Nullable DateTime — existing rows default to NULL (active), no
data migration needed.

refs: https://git.atitlan.io/aiolabs/nsecbunkerd/issues/11
---
 .../20260530112308_add_token_revoked_at/migration.sql           | 2 ++
 prisma/schema.prisma                                            | 1 +
 2 files changed, 3 insertions(+)
 create mode 100644 prisma/migrations/20260530112308_add_token_revoked_at/migration.sql

diff --git a/prisma/migrations/20260530112308_add_token_revoked_at/migration.sql b/prisma/migrations/20260530112308_add_token_revoked_at/migration.sql
new file mode 100644
index 0000000..4dbce97
--- /dev/null
+++ b/prisma/migrations/20260530112308_add_token_revoked_at/migration.sql
@@ -0,0 +1,2 @@
+-- AlterTable
+ALTER TABLE "Token" ADD COLUMN "revokedAt" DATETIME;
diff --git a/prisma/schema.prisma b/prisma/schema.prisma
index e8b5344..f0072ea 100644
--- a/prisma/schema.prisma
+++ b/prisma/schema.prisma
@@ -110,6 +110,7 @@ model Token {
   deletedAt  DateTime?
   expiresAt  DateTime?
   redeemedAt DateTime?
+  revokedAt  DateTime?
   keyUserId  Int?
   policyId   Int?
   policy     Policy?   @relation(fields: [policyId], references: [id])