erDiagram
users {
uuid id PK
string email UK
string phone UK
string display_name
boolean email_verified
boolean phone_verified
string status
timestamp created_at
timestamp updated_at
timestamp deleted_at
json metadata
}
accounts {
uuid id PK
uuid user_id FK
string provider
string provider_account_id UK
string type
string access_token
string refresh_token
string id_token
timestamp token_expires_at
string scope
timestamp created_at
timestamp updated_at
json metadata
}
sessions {
uuid id PK
uuid user_id FK
uuid account_id FK
string token UK
string strategy
string device_id
string ip_address
string user_agent
string country
boolean is_active
timestamp expires_at
timestamp last_active_at
timestamp created_at
timestamp revoked_at
string revoke_reason
json metadata
}
verification_tokens {
uuid id PK
uuid user_id FK
string token UK
string type
string identifier
timestamp expires_at
timestamp used_at
string redirect_url
json metadata
}
refresh_tokens {
uuid id PK
uuid session_id FK
string token UK
string family
boolean used
timestamp expires_at
timestamp created_at
timestamp used_at
string replaced_by FK
}
devices {
uuid id PK
uuid user_id FK
string fingerprint
string name
string platform
string browser
boolean trusted
timestamp first_seen_at
timestamp last_seen_at
json metadata
}
mfa_credentials {
uuid id PK
uuid user_id FK
string type
string credential_id UK
string secret
boolean is_primary
boolean is_backup
timestamp verified_at
timestamp created_at
json metadata
}
audit_logs {
uuid id PK
uuid user_id FK
uuid session_id FK
string event
string ip_address
string user_agent
string result
json payload
timestamp created_at
}
users ||--o{ accounts : "has"
users ||--o{ sessions : "owns"
users ||--o{ devices : "registers"
users ||--o{ mfa_credentials : "holds"
users ||--o{ verification_tokens : "receives"
users ||--o{ audit_logs : "generates"
accounts ||--o{ sessions : "linked via"
sessions ||--o{ refresh_tokens : "rotates"
sessions ||--o| devices : "from"
sessions ||--o{ audit_logs : "records"
Description
Model
erDiagram users { uuid id PK string email UK string phone UK string display_name boolean email_verified boolean phone_verified string status timestamp created_at timestamp updated_at timestamp deleted_at json metadata } accounts { uuid id PK uuid user_id FK string provider string provider_account_id UK string type string access_token string refresh_token string id_token timestamp token_expires_at string scope timestamp created_at timestamp updated_at json metadata } sessions { uuid id PK uuid user_id FK uuid account_id FK string token UK string strategy string device_id string ip_address string user_agent string country boolean is_active timestamp expires_at timestamp last_active_at timestamp created_at timestamp revoked_at string revoke_reason json metadata } verification_tokens { uuid id PK uuid user_id FK string token UK string type string identifier timestamp expires_at timestamp used_at string redirect_url json metadata } refresh_tokens { uuid id PK uuid session_id FK string token UK string family boolean used timestamp expires_at timestamp created_at timestamp used_at string replaced_by FK } devices { uuid id PK uuid user_id FK string fingerprint string name string platform string browser boolean trusted timestamp first_seen_at timestamp last_seen_at json metadata } mfa_credentials { uuid id PK uuid user_id FK string type string credential_id UK string secret boolean is_primary boolean is_backup timestamp verified_at timestamp created_at json metadata } audit_logs { uuid id PK uuid user_id FK uuid session_id FK string event string ip_address string user_agent string result json payload timestamp created_at } users ||--o{ accounts : "has" users ||--o{ sessions : "owns" users ||--o{ devices : "registers" users ||--o{ mfa_credentials : "holds" users ||--o{ verification_tokens : "receives" users ||--o{ audit_logs : "generates" accounts ||--o{ sessions : "linked via" sessions ||--o{ refresh_tokens : "rotates" sessions ||--o| devices : "from" sessions ||--o{ audit_logs : "records"Possible
erDiagram USER ||--o{ AUTH_FLOW : "optional" AUTH_FLOW { uuid id PK string type string provider string state_hash UK string code_verifier_hash string identifie json metadata datetime expires_at datetime consumed_at datetime created_at }