refactor(schema): remove unused verification_tokens table

packages/nextly/src/__tests__/database/_fixture-schema/unified.ts

@@ -267,39 +267,6 @@ export const nextlyTables: TableDefinition[] = [
     ],
   },
 
-  {
-    name: "verification_tokens",
-    comment: "Email verification tokens - Auth.js v5 compatible",
-    columns: [
-      {
-        name: "identifier",
-        type: "text",
-        nullable: false,
-      },
-      {
-        name: "token",
-        type: "text",
-        nullable: false,
-      },
-      {
-        name: "expires",
-        type: "timestamp",
-        nullable: false,
-      },
-    ],
-    indexes: [
-      {
-        name: "verification_tokens_identifier_token_pk",
-        columns: ["identifier", "token"],
-        unique: true,
-      },
-      {
-        name: "verification_tokens_token_idx",
-        columns: ["token"],
-      },
-    ],
-  },
-
   {
     name: "password_reset_tokens",
     comment: "Password reset tokens with hashing for security",

packages/nextly/src/__tests__/fixtures/db.ts

@@ -91,14 +91,6 @@ function createTables(sqlite: Database.Database) {
     CREATE UNIQUE INDEX IF NOT EXISTS evt_identifier_token_hash_unique ON email_verification_tokens(identifier, token_hash);
     CREATE INDEX IF NOT EXISTS evt_expires_idx ON email_verification_tokens(expires);
 
-    CREATE TABLE IF NOT EXISTS verification_tokens (
-      identifier TEXT NOT NULL,
-      token TEXT NOT NULL,
-      expires INTEGER NOT NULL
-    );
-    CREATE UNIQUE INDEX IF NOT EXISTS verification_tokens_identifier_token_pk ON verification_tokens(identifier, token);
-    CREATE INDEX IF NOT EXISTS verification_tokens_token_idx ON verification_tokens(token);
-
     CREATE TABLE IF NOT EXISTS user_roles (
       id TEXT PRIMARY KEY,
       user_id TEXT NOT NULL REFERENCES users(id) ON DELETE CASCADE,

packages/nextly/src/database/sqlite-core-tables.ts

@@ -62,12 +62,6 @@ export function generateSqliteCoreTableStatements(): string[] {
       "user_id" TEXT NOT NULL REFERENCES "users"("id") ON DELETE CASCADE,
       "expires" INTEGER NOT NULL
     )`,
-    `CREATE TABLE IF NOT EXISTS "verification_tokens" (
-      "identifier" TEXT NOT NULL,
-      "token" TEXT NOT NULL,
-      "expires" INTEGER NOT NULL,
-      UNIQUE("identifier", "token")
-    )`,
     `CREATE TABLE IF NOT EXISTS "password_reset_tokens" (
       "id" INTEGER PRIMARY KEY AUTOINCREMENT,
       "identifier" TEXT NOT NULL,

packages/nextly/src/domains/auth/__tests__/auth-service.test.ts

@@ -932,33 +932,5 @@ describe("AuthService", () => {
       expect(allTokens).toHaveLength(1);
       expect(allTokens[0].identifier).toBe(validEmail);
     });
-
-    it("should delete expired Auth.js verification tokens", async () => {
-      // Arrange: Create expired and valid Auth.js verification tokens
-      const expiredEmail = "expired@test.com";
-      const validEmail = "valid@test.com";
-
-      // Create expired token
-      await testDb.db.insert(testDb.schema.verificationTokens).values({
-        identifier: expiredEmail,
-        token: "expired-authjs-token",
-        expires: new Date(Date.now() - 1000), // Expired
-      });
-
-      // Create valid token
-      await testDb.db.insert(testDb.schema.verificationTokens).values({
-        identifier: validEmail,
-        token: "valid-authjs-token",
-        expires: new Date(Date.now() + TOKEN_EXPIRY_HOURS * HOUR_IN_MS), // Valid for 24h
-      });
-
-      // Act
-      await service.cleanupExpiredTokens();
-
-      // Assert: Expired token deleted, valid token remains
-      const allTokens = await testDb.db.query.verificationTokens.findMany();
-      expect(allTokens).toHaveLength(1);
-      expect(allTokens[0].identifier).toBe(validEmail);
-    });
   });
 });

packages/nextly/src/domains/auth/services/auth-service.ts

@@ -686,11 +686,6 @@ export class AuthService extends BaseService {
       await this.db
         .delete(this.tables.emailVerificationTokens)
         .where(lt(this.tables.emailVerificationTokens.expires, now));
-
-      // Auth.js verification tokens
-      await this.db
-        .delete(this.tables.verificationTokens)
-        .where(lt(this.tables.verificationTokens.expires, now));
     } catch (error) {
       console.error("Failed to cleanup expired tokens:", error);
     }

packages/nextly/src/schemas/__tests__/public-api.test.ts

@@ -51,7 +51,6 @@ describe("schemas public API", () => {
         "users",
         "accounts",
         "sessions",
-        "verification_tokens",
         "password_reset_tokens",
         "email_verification_tokens",
         "refresh_tokens",

packages/nextly/src/schemas/_dialect-bundles/mysql.ts

@@ -18,7 +18,6 @@ export {
 } from "../users/mysql-relations";
 
 export {
-  verificationTokens,
   emailVerificationTokens,
   passwordResetTokens,
   refreshTokens,

packages/nextly/src/schemas/_dialect-bundles/postgres.ts

@@ -33,7 +33,6 @@ export {
 
 // Auth tokens.
 export {
-  verificationTokens,
   emailVerificationTokens,
   passwordResetTokens,
   refreshTokens,

packages/nextly/src/schemas/_dialect-bundles/sqlite.ts

@@ -18,7 +18,6 @@ export {
 } from "../users/sqlite-relations";
 
 export {
-  verificationTokens,
   emailVerificationTokens,
   passwordResetTokens,
   refreshTokens,

packages/nextly/src/schemas/auth-tokens/index.ts

@@ -30,21 +30,18 @@ export function authTokenTables(dialect: SupportedDialect) {
   switch (dialect) {
     case "postgresql":
       return {
-        verificationTokens: pg.verificationTokens,
         emailVerificationTokens: pg.emailVerificationTokens,
         passwordResetTokens: pg.passwordResetTokens,
         refreshTokens: pg.refreshTokens,
       };
     case "mysql":
       return {
-        verificationTokens: my.verificationTokens,
         emailVerificationTokens: my.emailVerificationTokens,
         passwordResetTokens: my.passwordResetTokens,
         refreshTokens: my.refreshTokens,
       };
     case "sqlite":
       return {
-        verificationTokens: sl.verificationTokens,
         emailVerificationTokens: sl.emailVerificationTokens,
         passwordResetTokens: sl.passwordResetTokens,
         refreshTokens: sl.refreshTokens,

packages/nextly/src/schemas/auth-tokens/mysql.ts

@@ -1,8 +1,7 @@
 /**
  * Auth-token tables — MySQL.
  *
- * Tables: verificationTokens, emailVerificationTokens, passwordResetTokens,
- * refreshTokens.
+ * Tables: emailVerificationTokens, passwordResetTokens, refreshTokens.
  * Moved verbatim from packages/nextly/src/database/schema/mysql.ts as part of
  * Plan A schemas consolidation. No behavior change.
  *
@@ -26,22 +25,6 @@ import {
 
 import { users } from "../users/mysql";
 
-export const verificationTokens = mysqlTable(
-  "verification_tokens",
-  {
-    identifier: varchar("identifier", { length: 191 }).notNull(),
-    token: varchar("token", { length: 191 }).notNull(),
-    expires: datetime("expires").notNull(),
-  },
-  t => [
-    uniqueIndex("verification_tokens_identifier_token_pk").on(
-      t.identifier,
-      t.token
-    ),
-    index("verification_tokens_token_idx").on(t.token),
-  ]
-);
-
 // Password reset tokens (custom table)
 export const passwordResetTokens = mysqlTable(
   "password_reset_tokens",

packages/nextly/src/schemas/auth-tokens/postgres.ts

@@ -1,8 +1,7 @@
 /**
  * Auth-token tables — PostgreSQL.
  *
- * Tables: verificationTokens, emailVerificationTokens, passwordResetTokens,
- * refreshTokens.
+ * Tables: emailVerificationTokens, passwordResetTokens, refreshTokens.
  * Moved verbatim from packages/nextly/src/database/schema/postgres.ts as part
  * of Plan A schemas consolidation. No behavior change.
  *
@@ -26,22 +25,6 @@ import {
 
 import { users } from "../users/postgres";
 
-export const verificationTokens = pgTable(
-  "verification_tokens",
-  {
-    identifier: text("identifier").notNull(),
-    token: text("token").notNull(),
-    expires: timestamp("expires", { withTimezone: false }).notNull(),
-  },
-  t => [
-    uniqueIndex("verification_tokens_identifier_token_pk").on(
-      t.identifier,
-      t.token
-    ),
-    index("verification_tokens_token_idx").on(t.token),
-  ]
-);
-
 // Password reset tokens (custom table)
 export const passwordResetTokens = pgTable(
   "password_reset_tokens",

packages/nextly/src/schemas/auth-tokens/sqlite.ts

@@ -1,8 +1,7 @@
 /**
  * Auth-token tables — SQLite.
  *
- * Tables: verificationTokens, emailVerificationTokens, passwordResetTokens,
- * refreshTokens.
+ * Tables: emailVerificationTokens, passwordResetTokens, refreshTokens.
  * Moved verbatim from packages/nextly/src/database/schema/sqlite.ts as part of
  * Plan A schemas consolidation. No behavior change.
  *
@@ -24,22 +23,6 @@ import {
 
 import { users } from "../users/sqlite";
 
-export const verificationTokens = sqliteTable(
-  "verification_tokens",
-  {
-    identifier: text("identifier").notNull(),
-    token: text("token").notNull(),
-    expires: integer("expires", { mode: "timestamp" }).notNull(),
-  },
-  t => [
-    uniqueIndex("verification_tokens_identifier_token_pk").on(
-      t.identifier,
-      t.token
-    ),
-    index("verification_tokens_token_idx").on(t.token),
-  ]
-);
-
 // Password reset tokens (custom table)
 export const passwordResetTokens = sqliteTable(
   "password_reset_tokens",

packages/nextly/src/schemas/index.ts

@@ -137,7 +137,6 @@ export const CORE_TABLE_NAMES: readonly string[] = [
   "users",
   "accounts",
   "sessions",
-  "verification_tokens",
   "password_reset_tokens",
   "email_verification_tokens",
   "refresh_tokens",
@@ -187,7 +186,6 @@ export { users, accounts, sessions } from "./users/postgres";
 
 // Plan A Task 6 — auth-token tables. PG re-exports for direct-query callers.
 export {
-  verificationTokens,
   emailVerificationTokens,
   passwordResetTokens,
   refreshTokens,

packages/nextly/src/types/auth.ts

@@ -67,7 +67,6 @@ export interface AuthTables {
   users: unknown;
   accounts: unknown;
   sessions: unknown;
-  verificationTokens: unknown;
   passwordResetTokens: unknown;
   emailVerificationTokens?: unknown;
 }

packages/nextly/src/types/database-operations.ts

@@ -188,10 +188,6 @@ export interface AuthSchemaTables {
     tokenHash: unknown;
     expires: unknown;
   };
-  verificationTokens: {
-    id?: unknown;
-    expires: unknown;
-  };
   accounts: {
     id: unknown;
     userId: unknown;