From b1c3ceeab7d5fd7d636bdb12ecf05e9631cb5dc1 Mon Sep 17 00:00:00 2001 From: Jeff Emmett Date: Thu, 4 Dec 2025 04:00:55 -0800 Subject: [PATCH] Create task task-016 --- ...ate-Cloudflare-D1-cryptid-auth-database.md | 43 +++++++++++++++++++ 1 file changed, 43 insertions(+) create mode 100644 backlog/tasks/task-016 - Create-Cloudflare-D1-cryptid-auth-database.md diff --git a/backlog/tasks/task-016 - Create-Cloudflare-D1-cryptid-auth-database.md b/backlog/tasks/task-016 - Create-Cloudflare-D1-cryptid-auth-database.md new file mode 100644 index 0000000..f3391f5 --- /dev/null +++ b/backlog/tasks/task-016 - Create-Cloudflare-D1-cryptid-auth-database.md @@ -0,0 +1,43 @@ +--- +id: task-016 +title: Create Cloudflare D1 cryptid-auth database +status: To Do +assignee: [] +created_date: '2025-12-04 12:00' +labels: + - infrastructure + - cloudflare + - d1 + - cryptid + - auth + - security +dependencies: [] +priority: high +--- + +## Description + + +Create the D1 database on Cloudflare for CryptID authentication system. This is the first step before deploying the email recovery feature. + +**Database Purpose:** +- Store user accounts linked to CryptID usernames +- Store device public keys for multi-device auth +- Store verification tokens for email/device linking +- Enable account recovery via verified email + +**Security Considerations:** +- Emails should be encrypted at rest (Phase 2) +- Public keys are safe to store (not secrets) +- Tokens are time-limited and single-use +- No passwords stored (WebCrypto key-based auth) + + +## Acceptance Criteria + +- [ ] #1 D1 database 'cryptid-auth' created via wrangler d1 create +- [ ] #2 D1 database 'cryptid-auth-dev' created for dev environment +- [ ] #3 Database IDs added to wrangler.toml (replacing placeholders) +- [ ] #4 Schema from worker/schema.sql deployed to both databases +- [ ] #5 Verified tables exist: users, device_keys, verification_tokens +