DROP TABLE IF EXISTS users;
CREATE TABLE users (
    id                  TEXT PRIMARY KEY,
    handle              TEXT NOT NULL UNIQUE,
    full_name           TEXT,
    email               TEXT UNIQUE,
    website             TEXT,
    picture             BLOB,
    roles               TEXT NOT NULL, -- json array of user roles

    status              TEXT CHECK(status IN ('Active','Disabled')) NOT NULL DEFAULT 'Disabled',
    password_hash       TEXT,
    activation_token    TEXT,
    last_login_at       DATETIME,
    created_at          DATETIME NOT NULL
);

DROP TABLE IF EXISTS authorizations;
CREATE TABLE authorizations (
    id                  TEXT PRIMARY KEY,
    user_id             TEXT NOT NULL,
    client_id           TEXT NOT NULL,
    scopes              TEXT, -- json array of app scope (permissions)
    code                TEXT,

    last_used_at        DATETIME,
    created_at          DATETIME NOT NULL
);