feat(security): #286 implement csrf middleware

migration/001_initial_schema.up.sql

@@ -1,4 +1,40 @@
 
+CREATE TABLE user (
+	user_id TEXT NOT NULL UNIQUE PRIMARY KEY,
+
+	email TEXT NOT NULL UNIQUE,
+	email_verified BOOLEAN NOT NULL,
+	email_verified_at DATETIME,
+
+	is_admin BOOLEAN NOT NULL,
+
+	password BLOB NOT NULL,
+	salt BLOB NOT NULL,
+
+	created_at DATETIME NOT NULL
+) WITHOUT ROWID;
+
+CREATE TABLE session (
+	session_id TEXT NOT NULL UNIQUE PRIMARY KEY,
+	user_id TEXT NOT NULL,
+
+	created_at DATETIME NOT NULL,
+	expires_at DATETIME NOT NULL
+) WITHOUT ROWID;
+
+
+CREATE TABLE token (
+	token TEXT NOT NULL UNIQUE PRIMARY KEY,
+
+	user_id TEXT,
+	session_id TEXT,
+
+	type TEXT NOT NULL,
+
+	created_at DATETIME NOT NULL,
+	expires_at DATETIME
+);
+
 CREATE TABLE workout (
 	user_id INTEGER NOT NULL,
 	date TEXT NOT NULL,
@@ -6,4 +42,3 @@ CREATE TABLE workout (
 	sets INTEGER NOT NULL,
 	reps INTEGER NOT NULL
 );
-

migration/002_user_and_session.up.sql

@@ -1,21 +0,0 @@
-
-CREATE TABLE user (
-	user_uuid TEXT NOT NULL UNIQUE PRIMARY KEY,
-
-	email TEXT NOT NULL UNIQUE,
-	email_verified BOOLEAN NOT NULL,
-
-	is_admin BOOLEAN NOT NULL,
-
-	password BLOB NOT NULL,
-	salt BLOB NOT NULL,
-
-	created_at DATETIME NOT NULL
-) WITHOUT ROWID;
-
-CREATE TABLE session (
-	session_id TEXT NOT NULL UNIQUE PRIMARY KEY,
-	user_uuid TEXT NOT NULL,
-
-	created_at DATETIME NOT NULL
-) WITHOUT ROWID;

migration/003_user_mail_verification.up.sql

@@ -1,2 +0,0 @@
-
-ALTER TABLE user ADD COLUMN email_verified_at DATETIME DEFAULT NULL;

migration/004_user_tokens.up.sql

@@ -1,11 +0,0 @@
-
--- E.G. email-verifications, password-resets, unsubscribe-from-newsletter etc.
-CREATE TABLE user_token (
-	user_uuid TEXT NOT NULL,
-
-	type TEXT NOT NULL,
-	token TEXT NOT NULL UNIQUE PRIMARY KEY,
-
-	created_at DATETIME NOT NULL,
-	expires_at DATETIME
-);