refactor(auth): redesign authentication and identity models

[Harxhit]

Summary

Redesign the authentication schema to improve account security, support multiple authentication providers, and provide a stronger foundation for future authentication features such as email/password, OAuth, and phone-based login.

Context

The previous authentication design stored provider-specific information directly on the User model, making it difficult to support multiple authentication methods for a single account.

This PR introduces a dedicated identity layer and enhances account management by separating authentication concerns from user profile data. The redesign also improves refresh token tracking, session management, account verification, and auditing capabilities.

Changes

User Identity Redesign

• Introduced a dedicated UserIdentity model.

• Moved authentication provider information out of the User model.

• Users can now be associated with multiple authentication identities.

• Added constraints and indexes for efficient provider lookups:

  • Unique (provider, providerId)
  • Indexed userId

Benefits:

• Supports multiple login methods per account.
• Simplifies future OAuth integrations.
• Decouples authentication data from profile data.
• Improves maintainability and extensibility of the authentication system.

User Model Improvements

Added:

• emailVerified

  • Tracks email verification status.
  • Enables verification-gated features.

• phoneNumber

  • Dedicated field for phone-based authentication.
  • Supports Firebase Phone Authentication and future SMS login flows.

• lastSignInAt

  • Records the user's most recent successful sign-in.
  • Useful for auditing and account activity monitoring.

• isActive

  • Allows accounts to be activated, suspended, or disabled without deletion.
  • Provides better account lifecycle management.

Refresh Token Enhancements

Extended refresh token storage to improve session security and token management.

Added:

• family

  • Groups refresh tokens belonging to the same login session.
  • Enables refresh token rotation strategies.
  • Helps detect token reuse and session compromise.

• tokenHash

  • Stores hashed refresh tokens instead of raw tokens.
  • Prevents token disclosure if the database is compromised.

• userAgent

  • Stores device/browser information.
  • Improves session visibility and auditing.

• ipHash (planned)

  • Stores a hashed representation of the client IP.
  • Adds an additional security signal while avoiding storage of raw IP addresses.

Benefits:

• Stronger session management.
• Secure refresh token rotation.
• Improved compromise detection.
• Better auditing and device tracking.
• Reduced impact of database leaks.

Proofs

[github-actions]

CI Results — ❌ Some checks failed

🖥️ Backend (❌ failure)

Check	Status
Lint	✅ success
Test	❌ failure
Typecheck	❌ failure

📱 Mobile (⏭️ skipped)

Check	Status
Lint	⚪ unknown
Test	⚪ unknown

🌐 Web (⏭️ skipped)

Check	Status
Check	⚪ unknown
Build	⚪ unknown

---

🕐 Last updated: Wed, 03 Jun 2026 08:20:53 GMT