chore(schema): add Token.revokedAt for surgical token revocation (#11)

Pre-requisite for the live-policy auth rewrite in #11. The new revoke_token admin RPC needs a way to mark a single Token as revoked without nuking the whole KeyUser (revoke_user) or conflating with future expiry cleanup (deletedAt). Nullable DateTime — existing rows default to NULL (active), no data migration needed. refs: #11
2026-05-30 15:25:16 +00:00 · 2026-05-30 13:23:52 +02:00 · 2026-05-30 13:23:52 +02:00
commit eb6c86a4d1
2 changed files with 3 additions and 0 deletions
--- a/prisma/migrations/20260530112308_add_token_revoked_at/migration.sql
+++ b/prisma/migrations/20260530112308_add_token_revoked_at/migration.sql
@ -0,0 +1,2 @@
+-- AlterTable
+ALTER TABLE "Token" ADD COLUMN "revokedAt" DATETIME;
--- a/prisma/schema.prisma
+++ b/prisma/schema.prisma
@ -110,6 +110,7 @@ model Token {
  deletedAt  DateTime?
  expiresAt  DateTime?
  redeemedAt DateTime?
+  revokedAt  DateTime?
  keyUserId  Int?
  policyId   Int?
  policy     Policy?   @relation(fields: [policyId], references: [id])