Shut down the `/api/events` stream when the user logs out or their token expires.

When tokens are revoked (logout or expiry), the server now publishes an internal event via the new `logins` event broadcaster. These events are used to guard the `/api/events` stream. When a token revocation event arrives for the token used to subscribe to the stream, the stream is cut short, disconnecting the client.

In service of this, tokens now have IDs, which are non-confidential values that can be used to discuss tokens without their secrets being passed around unnecessarily. These IDs are not (at this time) exposed to clients, but they could be.

1 files changed, 29 insertions, 0 deletions

diff --git a/migrations/20240929013644_token_id.sql b/migrations/20240929013644_token_id.sql
new file mode 100644
index 0000000..ad4d8b4
--- /dev/null
+++ b/migrations/20240929013644_token_id.sql
@@ -0,0 +1,29 @@
+alter table token
+rename to old_token;
+
+create table token (
+	id text
+		not null
+		primary key,
+	secret text
+		not null
+		unique,
+	login text
+		not null,
+	issued_at text
+		not null,
+	last_used_at text
+		not null,
+	foreign key (login)
+		references login (id)
+);
+
+insert into token
+select
+	'T' || lower(hex(randomblob(8))) as id,
+	*
+from old_token;
+
+drop table old_token;
+
+create index token_issued_at on token (issued_at);