database/migrations/009_add_authentication_features.sql

-- Add authentication features
-- Email verification and password reset tokens

-- Add email verification fields to users table
ALTER TABLE users 
ADD COLUMN email_verified BOOLEAN DEFAULT FALSE AFTER email,
ADD COLUMN email_verification_token VARCHAR(255) NULL AFTER email_verified,
ADD COLUMN email_verification_sent_at TIMESTAMP NULL AFTER email_verification_token;

-- Create password reset tokens table
CREATE TABLE IF NOT EXISTS password_reset_tokens (
    id INT AUTO_INCREMENT PRIMARY KEY,
    user_id INT NOT NULL,
    token VARCHAR(255) NOT NULL UNIQUE,
    expires_at TIMESTAMP NOT NULL,
    used BOOLEAN DEFAULT FALSE,
    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
    FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,
    INDEX idx_token (token),
    INDEX idx_user_id (user_id),
    INDEX idx_expires_at (expires_at)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;

-- Create remember me tokens table
CREATE TABLE IF NOT EXISTS remember_tokens (
    id INT AUTO_INCREMENT PRIMARY KEY,
    user_id INT NOT NULL,
    token VARCHAR(255) NOT NULL UNIQUE,
    expires_at TIMESTAMP NOT NULL,
    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
    FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,
    INDEX idx_token (token),
    INDEX idx_user_id (user_id),
    INDEX idx_expires_at (expires_at)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;

-- Add role field to users for future multi-user support
ALTER TABLE users
ADD COLUMN role VARCHAR(50) DEFAULT 'user' AFTER full_name;

-- Update existing admin user to have admin role
UPDATE users SET role = 'admin' WHERE username = 'admin';

-- Add settings for registration
INSERT INTO settings (setting_key, setting_value) VALUES
('registration_enabled', '0'),
('require_email_verification', '1')
ON DUPLICATE KEY UPDATE setting_key=setting_key;
Upgraded to 1.1.0 1.1.0 (2025-10-09) - User Notifications System - In-app notification center with 7 notification types, filtering, pagination - Advanced Session Management - Database-backed sessions with geolocation (country, city, ISP) - Remote Session Control - Terminate any device instantly with immediate logout validation - Enhanced Profile Page - Sidebar navigation with 4 tabs, hash-based routing (#profile, #security, #sessions) - MVC Architecture Refactoring - 3 new Helpers (Layout, Domain, Session), ~265 lines cleaned from views - Geolocation Tracking - IP-based location detection using ip-api.com, country flags with flag-icons - Device Detection - Browser & device type parsing (Chrome/Firefox/Safari, Desktop/Mobile/Tablet) - Auto-Detected Cron Paths - Settings show actual installation paths (thanks @jadeops) - Welcome Notifications - Sent to new users on registration or fresh install - Upgrade Notifications - Admins notified on system updates with version & migration count - Web-Based Installer - Replaces CLI, auto-generates encryption key, one-time password display - Web-Based Updater - `/install/update` for running new migrations with smart detection - User Registration - Full signup flow with email verification, password reset, resend verification - User Management - CRUD for users with filtering, sorting, pagination (admin-only) - Remember Me - 30-day secure tokens linked to sessions, cascade deletion on logout - Session Validator - Middleware validates sessions on every request for instant remote logout - Consistent UI/UX - Unified filtering, sorting, pagination across Domains, Users, Notifications, TLD Registry - Smart Migrations - Consolidated schema for fresh installs, incremental for upgrades - XSS Protection - htmlspecialchars() applied across all user-facing data (thanks @jadeops) 2025-10-09 18:02:46 +03:00			`-- Add authentication features`
			`-- Email verification and password reset tokens`

			`-- Add email verification fields to users table`
			`ALTER TABLE users`
			`ADD COLUMN email_verified BOOLEAN DEFAULT FALSE AFTER email,`
			`ADD COLUMN email_verification_token VARCHAR(255) NULL AFTER email_verified,`
			`ADD COLUMN email_verification_sent_at TIMESTAMP NULL AFTER email_verification_token;`

			`-- Create password reset tokens table`
			`CREATE TABLE IF NOT EXISTS password_reset_tokens (`
			`id INT AUTO_INCREMENT PRIMARY KEY,`
			`user_id INT NOT NULL,`
			`token VARCHAR(255) NOT NULL UNIQUE,`
			`expires_at TIMESTAMP NOT NULL,`
			`used BOOLEAN DEFAULT FALSE,`
			`created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,`
			`FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,`
			`INDEX idx_token (token),`
			`INDEX idx_user_id (user_id),`
			`INDEX idx_expires_at (expires_at)`
			`) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;`

			`-- Create remember me tokens table`
			`CREATE TABLE IF NOT EXISTS remember_tokens (`
			`id INT AUTO_INCREMENT PRIMARY KEY,`
			`user_id INT NOT NULL,`
			`token VARCHAR(255) NOT NULL UNIQUE,`
			`expires_at TIMESTAMP NOT NULL,`
			`created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,`
			`FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,`
			`INDEX idx_token (token),`
			`INDEX idx_user_id (user_id),`
			`INDEX idx_expires_at (expires_at)`
			`) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;`

			`-- Add role field to users for future multi-user support`
			`ALTER TABLE users`
			`ADD COLUMN role VARCHAR(50) DEFAULT 'user' AFTER full_name;`

			`-- Update existing admin user to have admin role`
			`UPDATE users SET role = 'admin' WHERE username = 'admin';`

			`-- Add settings for registration`
			`INSERT INTO settings (setting_key, setting_value) VALUES`
			`('registration_enabled', '0'),`
			`('require_email_verification', '1')`
			`ON DUPLICATE KEY UPDATE setting_key=setting_key;`