Checkpoint: password reset, rule expiry, migrations
- Self-service and admin password-change endpoints
(PUT /v1/auth/password, PUT /v1/accounts/{id}/password)
- Policy rule time-scoped expiry (not_before / expires_at)
with migration 000006 and engine filtering
- golang-migrate integration; embedded SQL migrations
- PolicyRecord fieldalignment lint fix
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
6
internal/db/migrations/000006_policy_rule_expiry.up.sql
Normal file
6
internal/db/migrations/000006_policy_rule_expiry.up.sql
Normal file
@@ -0,0 +1,6 @@
|
||||
-- Add optional time-scoped validity window to policy rules.
|
||||
-- NULL means "no constraint" (rule is always active / never expires).
|
||||
-- The policy engine skips rules where not_before > now() or expires_at <= now()
|
||||
-- at cache-load time (SetRules), not at query time.
|
||||
ALTER TABLE policy_rules ADD COLUMN not_before TEXT DEFAULT NULL;
|
||||
ALTER TABLE policy_rules ADD COLUMN expires_at TEXT DEFAULT NULL;
|
||||
Reference in New Issue
Block a user