33 lines
1.5 KiB
Ruby
33 lines
1.5 KiB
Ruby
class CreateWebauthnCredentials < ActiveRecord::Migration[8.1]
|
|
def change
|
|
create_table :webauthn_credentials do |t|
|
|
# Reference to the user who owns this credential
|
|
t.references :user, null: false, foreign_key: true, index: true
|
|
|
|
# WebAuthn specification fields
|
|
t.string :external_id, null: false, index: { unique: true } # credential ID (base64)
|
|
t.string :public_key, null: false # public key (base64)
|
|
t.integer :sign_count, null: false, default: 0 # signature counter (clone detection)
|
|
|
|
# Metadata
|
|
t.string :nickname # User-friendly name ("MacBook Touch ID")
|
|
t.string :authenticator_type # "platform" or "cross-platform"
|
|
t.boolean :backup_eligible, default: false # Can be backed up (passkey sync)
|
|
t.boolean :backup_state, default: false # Currently backed up
|
|
|
|
# Tracking
|
|
t.datetime :last_used_at
|
|
t.string :last_used_ip
|
|
t.string :user_agent # Browser/OS info
|
|
|
|
t.timestamps
|
|
end
|
|
|
|
# Add composite index for user-specific queries
|
|
add_index :webauthn_credentials, [:user_id, :external_id], unique: true
|
|
add_index :webauthn_credentials, [:user_id, :last_used_at]
|
|
add_index :webauthn_credentials, :authenticator_type
|
|
add_index :webauthn_credentials, :last_used_at
|
|
end
|
|
end
|