Auth Domain Schemas
The Auth Domain provides a complete set of production-ready schemas for building secure authentication systems in your Node.js applications.
This domain includes three core schemas that work together to handle user authentication, verification, and session management.
Database Schema Design
To see the complete database design, including the User schema from the Auth Domain, see the visualization.
Database Variants
The Auth Domain is available for multiple databases:
- MongoDB (Mongoose) - Using Mongoose models and TTL indexes.
- PostgreSQL (Drizzle) - Type-safe Drizzle schemas for PostgreSQL.
- MySQL (Drizzle) - Type-safe Drizzle schemas for MySQL.
Together, these schemas provide everything you need to build:
- Email/password authentication
- Email verification flows
- Password reset functionality
- Two-factor authentication (2FA)
- Session management
- OAuth integration (Google, GitHub, etc.)
Quick Start
Install All Auth Schemas
To install all auth-related schemas at once, run:
npx servercn-cli add schema auth
This will install:
- User schema (auth/user)
- OTP schema (auth/otp)
- Session schema (auth/session)
- Refresh Token schema (auth/refresh-token)
- Auth Constants (OTP types, max attempts, etc.)
Install Individual Schemas
If you install schemas one by one (such as auth/user and auth/session), the relationships between them won't be set up automatically; you'll need to implement them manually.
You can also install schemas individually:
User Schema:
npx servercn-cli add schema auth/user
OTP Schema:
npx servercn-cli add schema auth/otp
Session Schema:
npx servercn-cli add schema auth/session
Refresh Token Schema:
npx servercn-cli add schema auth/refresh-token
Schemas Breakdown
1. User Schema
The User Schema is the foundation of your authentication system. It stores user identity, credentials, and profile information.
Key Features:
- Email/password authentication
- OAuth provider support (Google, GitHub)
- Role-based access control (user, admin)
- Email verification status
- Account locking for security
- Soft delete functionality
- Avatar/profile management
View Documentation: MongoDB | PostgreSQL | MySQL
2. OTP Schema
The OTP Schema handles one-time password verification for various authentication workflows.
Key Features:
- Multiple OTP types (signin, email-verification, password-reset, password-change)
- Cryptographic hashing for security
- Auto-expiration with TTL indexes
- Rate limiting (max attempts)
- Resend cooldown protection
- User and email references
View Documentation: MongoDB | PostgreSQL | MySQL
3. Session Schema
The Session Schema manages user sessions for authenticated users, supporting both stateful and stateless authentication.
Key Features:
- Secure token hashing
- Session expiration
- Device tracking (user agent, IP)
- Active/inactive status
- Session revocation
- Multi-device support
View Documentation: MongoDB | PostgreSQL | MySQL
4. Refresh Token Schema
The Refresh Token Schema manages long-lived tokens used to renew access tokens in JWT-based authentication systems.
Key Features:
- Secure token hashing
- Token rotation support (theft detection)
- Family revocation
- Auto-expiration
View Documentation: MongoDB | PostgreSQL | MySQL
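How hashed storage, rotation with theft detection, and family revocation fit together, as an added example that is not servercn's generated code. The in-memory Map stands in for the database, and the field and function names (familyId, used, revoked, expiresAt, issueToken, rotate) are assumptions made for illustration.

```javascript
const crypto = require("node:crypto");

// In-memory stand-in for the refresh-token table (assumption). Keyed by the
// SHA-256 hash of the token, so a database leak does not expose usable tokens.
// A plain fast hash is acceptable here because the token is 256 random bits.
const store = new Map();
const hashToken = (raw) => crypto.createHash("sha256").update(raw).digest("hex");

// A login starts a new family; each rotation passes the family id on.
function issueToken(userId, familyId = crypto.randomUUID(), ttlMs = 7 * 24 * 3600 * 1000) {
  const raw = crypto.randomBytes(32).toString("base64url");
  store.set(hashToken(raw), {
    userId, familyId, used: false, revoked: false, expiresAt: Date.now() + ttlMs,
  });
  return { raw, familyId };
}

function revokeFamily(familyId) {
  for (const rec of store.values()) if (rec.familyId === familyId) rec.revoked = true;
}

// Exchange a refresh token for its successor. Returns { ok, reason?, raw? }.
function rotate(rawToken, now = Date.now()) {
  const rec = store.get(hashToken(String(rawToken)));
  if (!rec) return { ok: false, reason: "unknown" };
  if (rec.revoked) return { ok: false, reason: "revoked" };
  if (rec.expiresAt <= now) return { ok: false, reason: "expired" };
  if (rec.used) {
    // An already-rotated token came back: two parties hold tokens from this
    // family, so none of them can be trusted. Revoke the whole family.
    revokeFamily(rec.familyId);
    return { ok: false, reason: "reuse-detected" };
  }
  rec.used = true;
  return { ok: true, raw: issueToken(rec.userId, rec.familyId).raw };
}

// Constructed scenario: rotate once, replay the old token, then try the new one.
function demo() {
  const t1 = issueToken("user-1").raw;
  const first = rotate(t1);
  const replay = rotate(t1);
  const afterReplay = rotate(first.raw);
  return [first.ok, replay.reason, afterReplay.reason];
}
```

In a real deployment the used-check and the flag update must happen in one atomic database operation, otherwise two concurrent requests with the same token can both pass.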
Database Support
All auth schemas support multiple databases:
- MongoDB - via Mongoose
- MySQL - via Drizzle ORM
- PostgreSQL - via Drizzle ORM
The CLI automatically detects your database configuration from servercn.config.json and generates the appropriate schema.
Related Components
These components work well with the Auth Domain schemas:
- Password Hashing - Secure password hashing with argon2/bcrypt
- Generate OTP/Token - Cryptographic token generation
- JWT Utils - JWT token generation and verification
- Email Service - Send verification emails
- Rate Limiter - Protect auth endpoints
- RBAC - Role-based access control