fix(test): fix testing ci workflow and clean up docker

Reviewed-on: #39
Reviewed-by: Maximilian Liebmann <lima@noreply.git.dominikstahl.dev>

.dockerignore

@@ -1,2 +1,7 @@
 .next
 node_modules
+prisma/*.db*
+data
+README.md
+*.env*
+.yarn

.env.example

@@ -1,4 +1,4 @@
-DATABASE_URL=
+DATABASE_URL="file:./dev.db"
 
 AUTH_SECRET= # Added by `npx auth`. Read more: https://cli.authjs.dev
 

.github/workflows/container-scan.yml

@@ -9,7 +9,7 @@ jobs:
     name: Container Scan
     runs-on: docker
     container:
-      image: ghcr.io/di0ik/forgejo_runner_container:main@sha256:672aee9a5dfc35531db3a218ad9486eb5c5d7d9ac10bdcba13110470c10403ee
+      image: ghcr.io/di0ik/forgejo_runner_container:main@sha256:c66a37d9af18f8f0f34d16890082bc08d842d52ff2a2bc36d993e3d347b498ac
     steps:
       - name: Checkout code
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4

.github/workflows/docker-build.yml

@@ -13,7 +13,7 @@ jobs:
   docker:
     runs-on: docker
     container:
-      image: ghcr.io/di0ik/forgejo_runner_container:main@sha256:672aee9a5dfc35531db3a218ad9486eb5c5d7d9ac10bdcba13110470c10403ee
+      image: ghcr.io/di0ik/forgejo_runner_container:main@sha256:c66a37d9af18f8f0f34d16890082bc08d842d52ff2a2bc36d993e3d347b498ac
     steps:
       - name: Login to Docker Hub
         uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3
@@ -40,7 +40,7 @@ jobs:
           echo "REPO=$(echo $GITHUB_REPOSITORY | tr '[:upper:]' '[:lower:]')" >>${GITHUB_ENV}
 
       - name: Build and push (pull_request)
-        uses: docker/build-push-action@14487ce63c7a62a4a324b0bfb37086795e31c6c1 # v6
+        uses: docker/build-push-action@1dc73863535b631f98b2378be8619f83b136f4a0 # v6
         if: github.event_name == 'pull_request'
         with:
           push: true
@@ -48,7 +48,7 @@ jobs:
           cache-from: type=registry,ref=git.dominikstahl.dev/${{ env.REPO }}:buildcache
 
       - name: Build and push (push_tag)
-        uses: docker/build-push-action@14487ce63c7a62a4a324b0bfb37086795e31c6c1 # v6
+        uses: docker/build-push-action@1dc73863535b631f98b2378be8619f83b136f4a0 # v6
         if: github.event_name == 'push' && github.ref_type == 'tag'
         with:
           push: true
@@ -56,7 +56,7 @@ jobs:
           cache-from: type=registry,ref=git.dominikstahl.dev/${{ env.REPO }}:buildcache
 
       - name: Build and push (push_branch)
-        uses: docker/build-push-action@14487ce63c7a62a4a324b0bfb37086795e31c6c1 # v6
+        uses: docker/build-push-action@1dc73863535b631f98b2378be8619f83b136f4a0 # v6
         if: github.event_name == 'push' && github.ref_type == 'branch'
         with:
           push: true

.gitignore

@@ -42,6 +42,11 @@ yarn-error.log*
 *.tsbuildinfo
 next-env.d.ts
 
+# database
+/prisma/*.db*
+src/generated/prisma
+data
+
 # cypress
 cypress/videos
 cypress/screenshots

Dockerfile

@@ -1,4 +1,4 @@
-FROM node:22-alpine@sha256:ad1aedbcc1b0575074a91ac146d6956476c1f9985994810e4ee02efd932a68fd AS base
+FROM node:22-alpine@sha256:152270cd4bd094d216a84cbc3c5eb1791afb05af00b811e2f0f04bdc6c473602 AS base
 
 # ----- Dependencies -----
 FROM base AS deps
@@ -15,19 +15,24 @@ WORKDIR /app
 RUN corepack enable
 COPY --from=deps /app/node_modules ./node_modules
 COPY . .
+RUN yarn prisma:generate
 RUN yarn build
 
 # ----- Runner -----
-FROM gcr.io/distroless/nodejs22-debian12:nonroot@sha256:7461370c8473cfcbf5def249423d5e8301b0e6b98cb256b3c8707f0201c2ea4a AS runner
+FROM base AS runner
 
 WORKDIR /app
 
+RUN yarn add prisma -D
+
 ENV NODE_ENV=production
 ENV NEXT_TELEMETRY_DISABLED=1
 
 COPY --from=builder /app/public ./public
 COPY --from=builder /app/.next/standalone ./
 COPY --from=builder /app/.next/static ./.next/static
+COPY --from=builder /app/prisma ./prisma
+COPY entrypoint.sh ./
 
 LABEL org.opencontainers.image.source="https://git.dominikstahl.dev/DHBW-WE/MeetUp"
 LABEL org.opencontainers.image.title="MeetUp"
@@ -36,4 +41,4 @@ LABEL org.opencontainers.image.description="A web application for managing meetu
 EXPOSE 3000
 
 ENV HOSTNAME="0.0.0.0"
-CMD ["server.js"]
+CMD ["/bin/ash", "entrypoint.sh"]

entrypoint.sh

@@ -0,0 +1,10 @@
+#!/bin/bash
+
+echo "Running start script with user $(whoami) and NODE_ENV $NODE_ENV"
+if [ "$NODE_ENV" == "production" ]; then
+  if [ -d "prisma/migrations" ]; then
+    echo "Running Prisma migrations"
+    npx prisma migrate deploy
+  fi
+fi
+exec node server.js

eslint.config.mjs

@@ -11,6 +11,9 @@ const compat = new FlatCompat({
 
 const eslintConfig = [
   ...compat.extends('next/core-web-vitals', 'next/typescript', 'prettier'),
+  {
+    ignores: ['src/generated/**', '.next/**', 'public/**'],
+  },
 ];
 
 export default eslintConfig;

package.json

@@ -11,14 +11,21 @@
     "cypress:build": "prettier --check . && NODE_ENV=test next build",
     "cypress:start_server": "cp .env.test .next/standalone && cp public .next/standalone/ -r && cp .next/static/ .next/standalone/.next/ -r && NODE_ENV=test HOSTNAME=\"0.0.0.0\" dotenv -e .env.test -- node .next/standalone/server.js",
     "cypress:open": "cypress open",
-    "cypress:run": "cypress run"
+    "cypress:run": "cypress run",
+    "prisma:migrate": "dotenv -e .env.local -- prisma migrate dev",
+    "prisma:generate": "dotenv -e .env.local -- prisma generate",
+    "prisma:studio": "dotenv -e .env.local -- prisma studio",
+    "prisma:db:push": "dotenv -e .env.local -- prisma db push",
+    "prisma:migrate:reset": "dotenv -e .env.local -- prisma migrate reset"
   },
   "dependencies": {
+    "@auth/prisma-adapter": "^2.9.1",
     "@fortawesome/fontawesome-svg-core": "^6.7.2",
     "@fortawesome/free-brands-svg-icons": "^6.7.2",
     "@fortawesome/free-regular-svg-icons": "^6.7.2",
     "@fortawesome/free-solid-svg-icons": "^6.7.2",
     "@fortawesome/react-fontawesome": "^0.2.2",
+    "@prisma/client": "^6.8.2",
     "@radix-ui/react-dropdown-menu": "^2.1.14",
     "@radix-ui/react-hover-card": "^1.1.13",
     "@radix-ui/react-label": "^2.1.6",
@@ -40,20 +47,20 @@
   },
   "devDependencies": {
     "@eslint/eslintrc": "3.3.1",
-    "@tailwindcss/postcss": "4.1.6",
-    "@types/node": "22.15.18",
+    "@tailwindcss/postcss": "4.1.7",
+    "@types/node": "22.15.19",
     "@types/react": "19.1.4",
     "@types/react-dom": "19.1.5",
     "cypress": "14.3.3",
-    "dotenv-cli": "^8.0.0",
-    "eslint": "9.26.0",
+    "dotenv-cli": "8.0.0",
+    "eslint": "9.27.0",
     "eslint-config-next": "15.3.2",
     "eslint-config-prettier": "10.1.5",
     "postcss": "8.5.3",
     "prettier": "3.5.3",
-    "prisma": "6.7.0",
-    "tailwindcss": "4.1.6",
-    "tw-animate-css": "1.2.9",
+    "prisma": "6.8.2",
+    "tailwindcss": "4.1.7",
+    "tw-animate-css": "1.3.0",
     "typescript": "5.8.3"
   },
   "packageManager": "yarn@4.9.1"

prisma/migrations/20250519192553_init/migration.sql

@@ -0,0 +1,298 @@
+-- CreateTable
+CREATE TABLE "users" (
+    "id" TEXT NOT NULL PRIMARY KEY,
+    "name" TEXT NOT NULL,
+    "first_name" TEXT,
+    "last_name" TEXT,
+    "email" TEXT NOT NULL,
+    "email_verified" DATETIME,
+    "password_hash" TEXT,
+    "image" TEXT,
+    "timezone" TEXT NOT NULL DEFAULT 'UTC',
+    "created_at" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updated_at" DATETIME NOT NULL
+);
+
+-- CreateTable
+CREATE TABLE "accounts" (
+    "id" TEXT NOT NULL PRIMARY KEY,
+    "user_id" TEXT NOT NULL,
+    "type" TEXT NOT NULL,
+    "provider" TEXT NOT NULL,
+    "provider_account_id" TEXT NOT NULL,
+    "refresh_token" TEXT,
+    "access_token" TEXT,
+    "expires_at" INTEGER,
+    "token_type" TEXT,
+    "scope" TEXT,
+    "id_token" TEXT,
+    "session_state" TEXT,
+    CONSTRAINT "accounts_user_id_fkey" FOREIGN KEY ("user_id") REFERENCES "users" ("id") ON DELETE CASCADE ON UPDATE CASCADE
+);
+
+-- CreateTable
+CREATE TABLE "sessions" (
+    "id" TEXT NOT NULL PRIMARY KEY,
+    "session_token" TEXT NOT NULL,
+    "user_id" TEXT NOT NULL,
+    "expires" DATETIME NOT NULL,
+    CONSTRAINT "sessions_user_id_fkey" FOREIGN KEY ("user_id") REFERENCES "users" ("id") ON DELETE CASCADE ON UPDATE CASCADE
+);
+
+-- CreateTable
+CREATE TABLE "verification_tokens" (
+    "identifier" TEXT NOT NULL,
+    "token" TEXT NOT NULL,
+    "expires" DATETIME NOT NULL
+);
+
+-- CreateTable
+CREATE TABLE "authenticators" (
+    "user_id" TEXT NOT NULL,
+    "credential_id" TEXT NOT NULL,
+    "provider_account_id" TEXT NOT NULL,
+    "credential_public_key" TEXT NOT NULL,
+    "counter" INTEGER NOT NULL,
+    "credential_device_type" TEXT NOT NULL,
+    "credential_backed_up" BOOLEAN NOT NULL,
+    "transports" TEXT,
+
+    PRIMARY KEY ("user_id", "credential_id"),
+    CONSTRAINT "authenticators_user_id_fkey" FOREIGN KEY ("user_id") REFERENCES "users" ("id") ON DELETE CASCADE ON UPDATE CASCADE
+);
+
+-- CreateTable
+CREATE TABLE "friendships" (
+    "user_id_1" TEXT NOT NULL,
+    "user_id_2" TEXT NOT NULL,
+    "status" TEXT NOT NULL DEFAULT 'PENDING',
+    "requested_at" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "accepted_at" DATETIME,
+
+    PRIMARY KEY ("user_id_1", "user_id_2"),
+    CONSTRAINT "friendships_user_id_1_fkey" FOREIGN KEY ("user_id_1") REFERENCES "users" ("id") ON DELETE RESTRICT ON UPDATE CASCADE,
+    CONSTRAINT "friendships_user_id_2_fkey" FOREIGN KEY ("user_id_2") REFERENCES "users" ("id") ON DELETE RESTRICT ON UPDATE CASCADE
+);
+
+-- CreateTable
+CREATE TABLE "groups" (
+    "id" TEXT NOT NULL PRIMARY KEY,
+    "name" TEXT NOT NULL,
+    "description" TEXT,
+    "creator_id" TEXT NOT NULL,
+    "created_at" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updated_at" DATETIME NOT NULL,
+    CONSTRAINT "groups_creator_id_fkey" FOREIGN KEY ("creator_id") REFERENCES "users" ("id") ON DELETE RESTRICT ON UPDATE CASCADE
+);
+
+-- CreateTable
+CREATE TABLE "group_members" (
+    "group_id" TEXT NOT NULL,
+    "user_id" TEXT NOT NULL,
+    "role" TEXT NOT NULL DEFAULT 'MEMBER',
+    "added_at" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+
+    PRIMARY KEY ("group_id", "user_id"),
+    CONSTRAINT "group_members_group_id_fkey" FOREIGN KEY ("group_id") REFERENCES "groups" ("id") ON DELETE RESTRICT ON UPDATE CASCADE,
+    CONSTRAINT "group_members_user_id_fkey" FOREIGN KEY ("user_id") REFERENCES "users" ("id") ON DELETE RESTRICT ON UPDATE CASCADE
+);
+
+-- CreateTable
+CREATE TABLE "blocked_slots" (
+    "id" TEXT NOT NULL PRIMARY KEY,
+    "user_id" TEXT NOT NULL,
+    "start_time" DATETIME NOT NULL,
+    "end_time" DATETIME NOT NULL,
+    "reason" TEXT,
+    "is_recurring" BOOLEAN NOT NULL DEFAULT false,
+    "rrule" TEXT,
+    "recurrence_end_date" DATETIME,
+    "created_at" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updated_at" DATETIME NOT NULL,
+    CONSTRAINT "blocked_slots_user_id_fkey" FOREIGN KEY ("user_id") REFERENCES "users" ("id") ON DELETE RESTRICT ON UPDATE CASCADE
+);
+
+-- CreateTable
+CREATE TABLE "meetings" (
+    "id" TEXT NOT NULL PRIMARY KEY,
+    "title" TEXT NOT NULL,
+    "description" TEXT,
+    "start_time" DATETIME NOT NULL,
+    "end_time" DATETIME NOT NULL,
+    "organizer_id" TEXT NOT NULL,
+    "location" TEXT,
+    "status" TEXT NOT NULL DEFAULT 'CONFIRMED',
+    "created_at" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updated_at" DATETIME NOT NULL,
+    CONSTRAINT "meetings_organizer_id_fkey" FOREIGN KEY ("organizer_id") REFERENCES "users" ("id") ON DELETE RESTRICT ON UPDATE CASCADE
+);
+
+-- CreateTable
+CREATE TABLE "meeting_participants" (
+    "meeting_id" TEXT NOT NULL,
+    "user_id" TEXT NOT NULL,
+    "status" TEXT NOT NULL DEFAULT 'PENDING',
+    "added_at" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+
+    PRIMARY KEY ("meeting_id", "user_id"),
+    CONSTRAINT "meeting_participants_meeting_id_fkey" FOREIGN KEY ("meeting_id") REFERENCES "meetings" ("id") ON DELETE RESTRICT ON UPDATE CASCADE,
+    CONSTRAINT "meeting_participants_user_id_fkey" FOREIGN KEY ("user_id") REFERENCES "users" ("id") ON DELETE RESTRICT ON UPDATE CASCADE
+);
+
+-- CreateTable
+CREATE TABLE "notifications" (
+    "id" TEXT NOT NULL PRIMARY KEY,
+    "user_id" TEXT NOT NULL,
+    "type" TEXT NOT NULL,
+    "related_entity_type" TEXT,
+    "related_entity_id" TEXT,
+    "message" TEXT NOT NULL,
+    "is_read" BOOLEAN NOT NULL DEFAULT false,
+    "created_at" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    CONSTRAINT "notifications_user_id_fkey" FOREIGN KEY ("user_id") REFERENCES "users" ("id") ON DELETE RESTRICT ON UPDATE CASCADE
+);
+
+-- CreateTable
+CREATE TABLE "user_notification_preferences" (
+    "user_id" TEXT NOT NULL,
+    "notification_type" TEXT NOT NULL,
+    "email_enabled" BOOLEAN NOT NULL DEFAULT false,
+    "updated_at" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+
+    PRIMARY KEY ("user_id", "notification_type"),
+    CONSTRAINT "user_notification_preferences_user_id_fkey" FOREIGN KEY ("user_id") REFERENCES "users" ("id") ON DELETE RESTRICT ON UPDATE CASCADE
+);
+
+-- CreateTable
+CREATE TABLE "email_queue" (
+    "id" TEXT NOT NULL PRIMARY KEY,
+    "user_id" TEXT NOT NULL,
+    "subject" TEXT NOT NULL,
+    "body_html" TEXT NOT NULL,
+    "body_text" TEXT,
+    "status" TEXT NOT NULL DEFAULT 'PENDING',
+    "scheduled_at" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "attempts" INTEGER NOT NULL DEFAULT 0,
+    "last_attempt_at" DATETIME,
+    "sent_at" DATETIME,
+    "error_message" TEXT,
+    "created_at" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updated_at" DATETIME NOT NULL,
+    CONSTRAINT "email_queue_user_id_fkey" FOREIGN KEY ("user_id") REFERENCES "users" ("id") ON DELETE RESTRICT ON UPDATE CASCADE
+);
+
+-- CreateTable
+CREATE TABLE "calendar_export_tokens" (
+    "id" TEXT NOT NULL PRIMARY KEY,
+    "user_id" TEXT NOT NULL,
+    "token" TEXT NOT NULL,
+    "scope" TEXT NOT NULL DEFAULT 'MEETINGS_ONLY',
+    "is_active" BOOLEAN NOT NULL DEFAULT true,
+    "created_at" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "last_accessed_at" DATETIME,
+    CONSTRAINT "calendar_export_tokens_user_id_fkey" FOREIGN KEY ("user_id") REFERENCES "users" ("id") ON DELETE RESTRICT ON UPDATE CASCADE
+);
+
+-- CreateTable
+CREATE TABLE "calendar_subscriptions" (
+    "id" TEXT NOT NULL PRIMARY KEY,
+    "user_id" TEXT NOT NULL,
+    "feed_url" TEXT NOT NULL,
+    "name" TEXT,
+    "color" TEXT,
+    "is_enabled" BOOLEAN NOT NULL DEFAULT true,
+    "last_synced_at" DATETIME,
+    "last_sync_error" TEXT,
+    "sync_frequency_minutes" INTEGER DEFAULT 60,
+    "created_at" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updated_at" DATETIME NOT NULL,
+    CONSTRAINT "calendar_subscriptions_user_id_fkey" FOREIGN KEY ("user_id") REFERENCES "users" ("id") ON DELETE RESTRICT ON UPDATE CASCADE
+);
+
+-- CreateTable
+CREATE TABLE "external_events" (
+    "id" TEXT NOT NULL PRIMARY KEY,
+    "subscription_id" TEXT NOT NULL,
+    "ical_uid" TEXT NOT NULL,
+    "summary" TEXT,
+    "description" TEXT,
+    "start_time" DATETIME NOT NULL,
+    "end_time" DATETIME NOT NULL,
+    "is_all_day" BOOLEAN NOT NULL DEFAULT false,
+    "location" TEXT,
+    "rrule" TEXT,
+    "dtstamp" DATETIME,
+    "sequence" INTEGER,
+    "show_as_free" BOOLEAN NOT NULL DEFAULT false,
+    "last_fetched_at" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    CONSTRAINT "external_events_subscription_id_fkey" FOREIGN KEY ("subscription_id") REFERENCES "calendar_subscriptions" ("id") ON DELETE RESTRICT ON UPDATE CASCADE
+);
+
+-- CreateIndex
+CREATE UNIQUE INDEX "users_name_key" ON "users"("name");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "users_email_key" ON "users"("email");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "accounts_provider_provider_account_id_key" ON "accounts"("provider", "provider_account_id");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "sessions_session_token_key" ON "sessions"("session_token");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "verification_tokens_identifier_token_key" ON "verification_tokens"("identifier", "token");
+
+-- CreateIndex
+CREATE INDEX "idx_friendships_user2_status" ON "friendships"("user_id_2", "status");
+
+-- CreateIndex
+CREATE INDEX "groups_creator_id_idx" ON "groups"("creator_id");
+
+-- CreateIndex
+CREATE INDEX "group_members_user_id_idx" ON "group_members"("user_id");
+
+-- CreateIndex
+CREATE INDEX "blocked_slots_user_id_start_time_end_time_idx" ON "blocked_slots"("user_id", "start_time", "end_time");
+
+-- CreateIndex
+CREATE INDEX "blocked_slots_user_id_is_recurring_idx" ON "blocked_slots"("user_id", "is_recurring");
+
+-- CreateIndex
+CREATE INDEX "meetings_start_time_end_time_idx" ON "meetings"("start_time", "end_time");
+
+-- CreateIndex
+CREATE INDEX "meetings_organizer_id_idx" ON "meetings"("organizer_id");
+
+-- CreateIndex
+CREATE INDEX "meetings_status_idx" ON "meetings"("status");
+
+-- CreateIndex
+CREATE INDEX "idx_participants_user_status" ON "meeting_participants"("user_id", "status");
+
+-- CreateIndex
+CREATE INDEX "idx_notifications_user_read_time" ON "notifications"("user_id", "is_read", "created_at");
+
+-- CreateIndex
+CREATE INDEX "idx_email_queue_pending_jobs" ON "email_queue"("status", "scheduled_at");
+
+-- CreateIndex
+CREATE INDEX "idx_email_queue_user_history" ON "email_queue"("user_id", "created_at");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "calendar_export_tokens_token_key" ON "calendar_export_tokens"("token");
+
+-- CreateIndex
+CREATE INDEX "calendar_export_tokens_user_id_idx" ON "calendar_export_tokens"("user_id");
+
+-- CreateIndex
+CREATE INDEX "calendar_subscriptions_user_id_is_enabled_idx" ON "calendar_subscriptions"("user_id", "is_enabled");
+
+-- CreateIndex
+CREATE INDEX "external_events_subscription_id_start_time_end_time_idx" ON "external_events"("subscription_id", "start_time", "end_time");
+
+-- CreateIndex
+CREATE INDEX "external_events_subscription_id_show_as_free_idx" ON "external_events"("subscription_id", "show_as_free");
+
+-- CreateIndex
+CREATE UNIQUE INDEX "external_events_subscription_id_ical_uid_key" ON "external_events"("subscription_id", "ical_uid");

prisma/migrations/migration_lock.toml

@@ -0,0 +1,3 @@
+# Please do not edit this file manually
+# It should be added in your version-control system (e.g., Git)
+provider = "sqlite"

prisma/schema.prisma

@@ -5,11 +5,355 @@
 // Try Prisma Accelerate: https://pris.ly/cli/accelerate-init
 
 generator client {
-  provider = "prisma-client-js"
-  output   = "../generated/prisma"
+    provider = "prisma-client-js"
+    output   = "../src/generated/prisma"
 }
 
 datasource db {
-  provider = "postgresql"
-  url      = env("DATABASE_URL")
+    provider = "sqlite"
+    url      = env("DATABASE_URL")
+}
+
+enum participant_status {
+    PENDING
+    ACCEPTED
+    DECLINED
+    TENTATIVE
+}
+
+enum meeting_status {
+    TENTATIVE
+    CONFIRMED
+    CANCELLED
+}
+
+enum friendship_status {
+    PENDING
+    ACCEPTED
+    DECLINED
+    BLOCKED
+}
+
+enum notification_type {
+    FRIEND_REQUEST
+    FRIEND_ACCEPT
+    MEETING_INVITE
+    MEETING_UPDATE
+    MEETING_CANCEL
+    MEETING_REMINDER
+    GROUP_MEMBER_ADDED
+    CALENDAR_SYNC_ERROR
+}
+
+enum group_member_role {
+    ADMIN
+    MEMBER
+}
+
+enum calendar_export_scope {
+    MEETINGS_ONLY
+    MEETINGS_AND_BLOCKED
+    BLOCKED_ONLY
+}
+
+enum email_queue_status {
+    PENDING
+    PROCESSING
+    SENT
+    FAILED
+    CANCELLED
+}
+
+model User {
+    id            String    @id @default(cuid())
+    name          String    @unique
+    first_name    String?
+    last_name     String?
+    email         String    @unique
+    emailVerified DateTime? @map("email_verified")
+    password_hash String?
+    image         String?
+    timezone      String    @default("UTC")
+    created_at    DateTime  @default(now())
+    updated_at    DateTime  @updatedAt
+
+    accounts       Account[]
+    sessions       Session[]
+    authenticators Authenticator[]
+    friendships1   Friendship[]                 @relation("FriendshipUser1")
+    friendships2   Friendship[]                 @relation("FriendshipUser2")
+    groupsCreated  Group[]                      @relation("GroupCreator")
+    groupMembers   GroupMember[]
+    blockedSlots   BlockedSlot[]
+    meetingsOrg    Meeting[]                    @relation("MeetingOrganizer")
+    meetingParts   MeetingParticipant[]
+    notifications  Notification[]
+    notifPrefs     UserNotificationPreference[]
+    emailQueue     EmailQueue[]
+    calendarTokens CalendarExportToken[]
+    subscriptions  CalendarSubscription[]
+
+    @@map("users")
+}
+
+model Account {
+    id                String  @id @default(cuid())
+    userId            String  @map("user_id")
+    type              String
+    provider          String
+    providerAccountId String  @map("provider_account_id")
+    refresh_token     String?
+    access_token      String?
+    expires_at        Int?
+    token_type        String?
+    scope             String?
+    id_token          String?
+    session_state     String?
+
+    user User @relation(fields: [userId], references: [id], onDelete: Cascade)
+
+    @@unique([provider, providerAccountId])
+    @@map("accounts")
+}
+
+model Session {
+    id           String   @id @default(cuid())
+    sessionToken String   @unique @map("session_token")
+    userId       String   @map("user_id")
+    expires      DateTime
+    user         User     @relation(fields: [userId], references: [id], onDelete: Cascade)
+
+    @@map("sessions")
+}
+
+model VerificationToken {
+    identifier String
+    token      String
+    expires    DateTime
+
+    @@unique([identifier, token])
+    @@map("verification_tokens")
+}
+
+model Authenticator {
+    user_id                String
+    credential_id          String
+    provider_account_id    String
+    credential_public_key  String
+    counter                Int
+    credential_device_type String
+    credential_backed_up   Boolean
+    transports             String?
+
+    user User @relation(fields: [user_id], references: [id], onDelete: Cascade)
+
+    @@id([user_id, credential_id])
+    @@map("authenticators")
+}
+
+model Friendship {
+    user_id_1    String
+    user_id_2    String
+    status       friendship_status @default(PENDING)
+    requested_at DateTime          @default(now())
+    accepted_at  DateTime?
+
+    user1 User @relation("FriendshipUser1", fields: [user_id_1], references: [id])
+    user2 User @relation("FriendshipUser2", fields: [user_id_2], references: [id])
+
+    @@id([user_id_1, user_id_2])
+    @@index([user_id_2, status], name: "idx_friendships_user2_status")
+    @@map("friendships")
+}
+
+model Group {
+    id          String   @id @default(cuid())
+    name        String
+    description String?
+    creator_id  String
+    created_at  DateTime @default(now())
+    updated_at  DateTime @updatedAt
+
+    creator User          @relation("GroupCreator", fields: [creator_id], references: [id])
+    members GroupMember[]
+
+    @@index([creator_id])
+    @@map("groups")
+}
+
+model GroupMember {
+    group_id String
+    user_id  String
+    role     group_member_role @default(MEMBER)
+    added_at DateTime          @default(now())
+
+    group Group @relation(fields: [group_id], references: [id])
+    user  User  @relation(fields: [user_id], references: [id])
+
+    @@id([group_id, user_id])
+    @@index([user_id])
+    @@map("group_members")
+}
+
+model BlockedSlot {
+    id                  String    @id @default(cuid())
+    user_id             String
+    start_time          DateTime
+    end_time            DateTime
+    reason              String?
+    is_recurring        Boolean   @default(false)
+    rrule               String?
+    recurrence_end_date DateTime?
+    created_at          DateTime  @default(now())
+    updated_at          DateTime  @updatedAt
+
+    user User @relation(fields: [user_id], references: [id])
+
+    @@index([user_id, start_time, end_time])
+    @@index([user_id, is_recurring])
+    @@map("blocked_slots")
+}
+
+model Meeting {
+    id           String         @id @default(cuid())
+    title        String
+    description  String?
+    start_time   DateTime
+    end_time     DateTime
+    organizer_id String
+    location     String?
+    status       meeting_status @default(CONFIRMED)
+    created_at   DateTime       @default(now())
+    updated_at   DateTime       @updatedAt
+
+    organizer    User                 @relation("MeetingOrganizer", fields: [organizer_id], references: [id])
+    participants MeetingParticipant[]
+
+    @@index([start_time, end_time])
+    @@index([organizer_id])
+    @@index([status])
+    @@map("meetings")
+}
+
+model MeetingParticipant {
+    meeting_id String
+    user_id    String
+    status     participant_status @default(PENDING)
+    added_at   DateTime           @default(now())
+
+    meeting Meeting @relation(fields: [meeting_id], references: [id])
+    user    User    @relation(fields: [user_id], references: [id])
+
+    @@id([meeting_id, user_id])
+    @@index([user_id, status], name: "idx_participants_user_status")
+    @@map("meeting_participants")
+}
+
+model Notification {
+    id                  String            @id @default(cuid())
+    user_id             String
+    type                notification_type
+    related_entity_type String?
+    related_entity_id   String?
+    message             String
+    is_read             Boolean           @default(false)
+    created_at          DateTime          @default(now())
+
+    user User @relation(fields: [user_id], references: [id])
+
+    @@index([user_id, is_read, created_at], name: "idx_notifications_user_read_time")
+    @@map("notifications")
+}
+
+model UserNotificationPreference {
+    user_id           String
+    notification_type notification_type
+    email_enabled     Boolean           @default(false)
+    updated_at        DateTime          @default(now())
+
+    user User @relation(fields: [user_id], references: [id])
+
+    @@id([user_id, notification_type])
+    @@map("user_notification_preferences")
+}
+
+model EmailQueue {
+    id              String             @id @default(cuid())
+    user_id         String
+    subject         String
+    body_html       String
+    body_text       String?
+    status          email_queue_status @default(PENDING)
+    scheduled_at    DateTime           @default(now())
+    attempts        Int                @default(0)
+    last_attempt_at DateTime?
+    sent_at         DateTime?
+    error_message   String?
+    created_at      DateTime           @default(now())
+    updated_at      DateTime           @updatedAt
+
+    user User @relation(fields: [user_id], references: [id])
+
+    @@index([status, scheduled_at], name: "idx_email_queue_pending_jobs")
+    @@index([user_id, created_at], name: "idx_email_queue_user_history")
+    @@map("email_queue")
+}
+
+model CalendarExportToken {
+    id               String                @id @default(cuid())
+    user_id          String
+    token            String                @unique
+    scope            calendar_export_scope @default(MEETINGS_ONLY)
+    is_active        Boolean               @default(true)
+    created_at       DateTime              @default(now())
+    last_accessed_at DateTime?
+
+    user User @relation(fields: [user_id], references: [id])
+
+    @@index([user_id])
+    @@map("calendar_export_tokens")
+}
+
+model CalendarSubscription {
+    id                     String    @id @default(cuid())
+    user_id                String
+    feed_url               String
+    name                   String?
+    color                  String?
+    is_enabled             Boolean   @default(true)
+    last_synced_at         DateTime?
+    last_sync_error        String?
+    sync_frequency_minutes Int?      @default(60)
+    created_at             DateTime  @default(now())
+    updated_at             DateTime  @updatedAt
+
+    user           User            @relation(fields: [user_id], references: [id])
+    externalEvents ExternalEvent[]
+
+    @@index([user_id, is_enabled])
+    @@map("calendar_subscriptions")
+}
+
+model ExternalEvent {
+    id              String    @id @default(cuid())
+    subscription_id String
+    ical_uid        String
+    summary         String?
+    description     String?
+    start_time      DateTime
+    end_time        DateTime
+    is_all_day      Boolean   @default(false)
+    location        String?
+    rrule           String?
+    dtstamp         DateTime?
+    sequence        Int?
+    show_as_free    Boolean   @default(false)
+    last_fetched_at DateTime  @default(now())
+
+    subscription CalendarSubscription @relation(fields: [subscription_id], references: [id])
+
+    @@unique([subscription_id, ical_uid], name: "uq_external_event_sub_uid")
+    @@index([subscription_id, start_time, end_time])
+    @@index([subscription_id, show_as_free])
+    @@map("external_events")
 }

src/auth.ts

@@ -5,6 +5,9 @@ import Credentials from 'next-auth/providers/credentials';
 
 import Authentik from 'next-auth/providers/authentik';
 
+import { PrismaAdapter } from '@auth/prisma-adapter';
+import { prisma } from '@/prisma';
+
 const providers: Provider[] = [
   !process.env.DISABLE_PASSWORD_LOGIN &&
     Credentials({
@@ -34,6 +37,7 @@ export const providerMap = providers
 
 export const { handlers, signIn, signOut, auth } = NextAuth({
   providers,
+  adapter: PrismaAdapter(prisma),
   session: {
     strategy: 'jwt',
   },

src/prisma.ts

@@ -0,0 +1,7 @@
+import { PrismaClient } from '@/generated/prisma';
+
+const globalForPrisma = globalThis as unknown as { prisma: PrismaClient };
+
+export const prisma = globalForPrisma.prisma || new PrismaClient();
+
+if (process.env.NODE_ENV !== 'production') globalForPrisma.prisma = prisma;