mirror of
https://github.com/DeBrosOfficial/orama.git
synced 2026-03-17 12:06:57 +00:00
fd87eec476
- Invalidate plaintext refresh tokens (migration 019) - Add `--sign` flag to `orama build` for rootwallet manifest signing - Add `--ca-fingerprint` TOFU verification for production joins/invites - Save cluster secrets from join (RQLite auth, Olric key, IPFS peers) - Add RQLite auth config fields
5 lines
277 B
SQL
5 lines
277 B
SQL
-- Invalidate all existing refresh tokens.
|
|
-- Tokens were stored in plaintext; the application now stores SHA-256 hashes.
|
|
-- Users will need to re-authenticate (tokens have 30-day expiry anyway).
|
|
UPDATE refresh_tokens SET revoked_at = datetime('now') WHERE revoked_at IS NULL;
|