Skip to Content
Models (database shapes)User & auth models

User & auth models

FileCollection purpose
user.model.tsAccount: email, Google id, admin flags, onboarding
refresh-token.model.tsHashed refresh tokens per device/session

user.model.ts (baby)

Stores who someone is:

  • email, name, avatar
  • googleId — link to Google account
  • isAdmin, adminRole — staff access (permissions)
  • isOnboarded — finished first-time setup?

Auth middleware loads this row on every request.

refresh-token.model.ts (baby)

Long-lived login sessions. Raw token never stored plain — hashed with REFRESH_TOKEN_SECRET.

TokenService creates, rotates, revokes rows here.

Last updated on
OverviewPractice PYQ models