Task_Reporter/app/modules/auth/models.py

"""SQLAlchemy models for authentication

資料表結構：
- user_sessions: 儲存使用者 session 資料，包含加密密碼用於自動刷新
"""
from sqlalchemy import Column, Integer, String, DateTime, Index
from datetime import datetime
from app.core.database import Base


class UserSession(Base):
    """User session model with encrypted password for auto-refresh"""

    __tablename__ = "user_sessions"

    id = Column(Integer, primary_key=True, index=True)
    username = Column(String(255), nullable=False, comment="User email from AD")
    display_name = Column(String(255), nullable=False, comment="Display name for chat")
    internal_token = Column(
        String(255), unique=True, nullable=False, index=True, comment="Internal session token (UUID)"
    )
    ad_token = Column(String(500), nullable=False, comment="AD API token")
    encrypted_password = Column(String(500), nullable=False, comment="AES-256 encrypted password")
    ad_token_expires_at = Column(DateTime, nullable=False, comment="AD token expiry time")
    refresh_attempt_count = Column(
        Integer, default=0, nullable=False, comment="Failed refresh attempts counter"
    )
    last_activity = Column(
        DateTime, default=datetime.utcnow, nullable=False, comment="Last API request time"
    )
    created_at = Column(DateTime, default=datetime.utcnow, nullable=False)