jeffemmett
/
canvas-website
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
canvas-website/backlog/tasks/task-018 - Create-Cloudflar...

2.7 KiB
Raw Blame History

id title status assignee created_date updated_date labels dependencies priority
task-018 Create Cloudflare D1 cryptid-auth database To Do
2025-12-04 12:02 2025-12-04 12:27
infrastructure
cloudflare
d1
cryptid
auth
high

Description

Create the D1 database on Cloudflare for CryptID authentication system. This is the first step before deploying the email recovery feature.

Database Purpose:

  • Store user accounts linked to CryptID usernames
  • Store device public keys for multi-device auth
  • Store verification tokens for email/device linking
  • Enable account recovery via verified email

Security Considerations:

  • Emails should be encrypted at rest (task-016)
  • Public keys are safe to store (not secrets)
  • Tokens are time-limited and single-use
  • No passwords stored (WebCrypto key-based auth)

Acceptance Criteria

  • #1 D1 database 'cryptid-auth' created via wrangler d1 create
  • #2 D1 database 'cryptid-auth-dev' created for dev environment
  • #3 Database IDs added to wrangler.toml (replacing placeholders)
  • #4 Schema from worker/schema.sql deployed to both databases
  • #5 Verified tables exist: users, device_keys, verification_tokens

Implementation Plan

Implementation Steps

1. Create D1 Databases

Run from local machine or Netcup (requires wrangler CLI):

cd /home/jeffe/Github/canvas-website

# Create production database
wrangler d1 create cryptid-auth

# Create dev database
wrangler d1 create cryptid-auth-dev

2. Update wrangler.toml

Replace placeholder IDs with actual database IDs from step 1:

[[d1_databases]]
binding = "CRYPTID_DB"
database_name = "cryptid-auth"
database_id = "<PROD_ID_FROM_STEP_1>"

[[env.dev.d1_databases]]
binding = "CRYPTID_DB"
database_name = "cryptid-auth-dev"
database_id = "<DEV_ID_FROM_STEP_1>"

3. Deploy Schema

# Deploy to dev first
wrangler d1 execute cryptid-auth-dev --file=./worker/schema.sql

# Then production
wrangler d1 execute cryptid-auth --file=./worker/schema.sql

4. Verify Tables

# Check dev
wrangler d1 execute cryptid-auth-dev --command="SELECT name FROM sqlite_master WHERE type='table';"

# Expected output:
# - users
# - device_keys
# - verification_tokens

5. Commit wrangler.toml Changes

git add wrangler.toml
git commit -m "chore: add D1 database IDs for cryptid-auth"

Implementation Notes

Feature branch: feature/cryptid-email-recovery

Code is ready - waiting for D1 database creation