mrpiglr/AeThex-OS
1
0
Fork 0
mirror of https://github.com/AeThex-Corporation/AeThex-OS.git synced 2026-04-24 08:57:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
AeThex-OS/temp-forge-extract/aethex-forge-main/supabase/migrations/20250115_oauth_federation.sql
MrPiglr b3c308b2c8 Add functional marketplace modules, bottom nav bar, root terminal, arcade games 
- ModuleManager: Central tracking for installed marketplace modules
- DataAnalyzerWidget: Real-time CPU/RAM/Battery/Storage widget (unlocked by Data Analyzer module)
- BottomNavBar: Navigation bar for Projects/Chat/Marketplace/Settings
- RootShell: Real root command execution utility
- TerminalActivity: Full root shell with neofetch, sysinfo, real Linux commands
- Terminal Pro module: Adds aliases (ll, la, h), command history
- ArcadeActivity + SnakeGame: Pixel Arcade module unlocks retro games
- fade_in/fade_out animations for smooth transitions
2026-02-18 22:03:50 -07:00

71 lines
2.5 KiB
SQL
Raw Blame History

-- OAuth Federation: Link external OAuth providers to Foundation Passports
-- This allows users to login via GitHub, Discord, Google, Roblox, etc.
-- and all logins federate to a single Foundation Passport
CREATE TABLE IF NOT EXISTS public.provider_identities (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
-- Reference to the Foundation Passport (user_profiles.id)
user_id UUID NOT NULL REFERENCES public.user_profiles(id) ON DELETE CASCADE,
-- OAuth provider name (github, discord, google, roblox, ethereum, etc)
provider TEXT NOT NULL,
-- The unique ID from the OAuth provider
provider_user_id TEXT NOT NULL,
-- User's email from the provider (for identity verification)
provider_email TEXT,
-- Additional provider data (JSON: avatar, username, etc)
provider_data JSONB,
-- When this provider was linked
linked_at TIMESTAMP WITH TIME ZONE DEFAULT NOW(),
-- Unique constraint: one provider ID per provider
UNIQUE(provider, provider_user_id),
-- Ensure one user doesn't have duplicate providers
UNIQUE(user_id, provider)
);
-- Indexes for fast OAuth callback lookups
CREATE INDEX idx_provider_identities_provider_user_id
ON public.provider_identities(provider, provider_user_id);
CREATE INDEX idx_provider_identities_user_id
ON public.provider_identities(user_id);
-- Grant access
GRANT SELECT, INSERT, UPDATE, DELETE ON public.provider_identities TO authenticated;
GRANT SELECT, INSERT, UPDATE, DELETE ON public.provider_identities TO service_role;
-- Enable RLS
ALTER TABLE public.provider_identities ENABLE ROW LEVEL SECURITY;
-- Users can only see their own provider identities
CREATE POLICY "Users can view own provider identities"
ON public.provider_identities FOR SELECT
USING (auth.uid() = user_id);
-- Users can only insert their own provider identities
CREATE POLICY "Users can insert own provider identities"
ON public.provider_identities FOR INSERT
WITH CHECK (auth.uid() = user_id);
-- Users can only update their own provider identities
CREATE POLICY "Users can update own provider identities"
ON public.provider_identities FOR UPDATE
USING (auth.uid() = user_id);
-- Users can only delete their own provider identities
CREATE POLICY "Users can delete own provider identities"
ON public.provider_identities FOR DELETE
USING (auth.uid() = user_id);
-- Service role can do anything for OAuth flows
CREATE POLICY "Service role can manage all provider identities"
ON public.provider_identities
FOR ALL
USING (current_user_id() = (SELECT id FROM auth.users WHERE id = auth.uid()));
Reference in a new issue View git blame Copy permalink