🐛 fix(auth-migrations): add missing session columns migration

The sessions table on staging was missing newer columns like remember_me,
refresh_token, device_id, etc. because the initial migration uses
CREATE TABLE IF NOT EXISTS which skips if the table already exists.

This migration adds all potentially missing columns to the sessions table
using IF NOT EXISTS checks for each column.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

services/mana-core-auth/src/db/migrations/0001_add_missing_session_columns.sql

@@ -0,0 +1,52 @@
+-- Migration: Add missing columns to sessions table
+-- This handles the case where the table was created by db:push before these columns were added
+
+-- Add missing columns to sessions table (IF NOT EXISTS equivalent using DO block)
+DO $$
+BEGIN
+    -- refresh_token column
+    IF NOT EXISTS (SELECT 1 FROM information_schema.columns WHERE table_schema = 'auth' AND table_name = 'sessions' AND column_name = 'refresh_token') THEN
+        ALTER TABLE "auth"."sessions" ADD COLUMN "refresh_token" text;
+    END IF;
+
+    -- refresh_token_expires_at column
+    IF NOT EXISTS (SELECT 1 FROM information_schema.columns WHERE table_schema = 'auth' AND table_name = 'sessions' AND column_name = 'refresh_token_expires_at') THEN
+        ALTER TABLE "auth"."sessions" ADD COLUMN "refresh_token_expires_at" timestamp with time zone;
+    END IF;
+
+    -- device_id column
+    IF NOT EXISTS (SELECT 1 FROM information_schema.columns WHERE table_schema = 'auth' AND table_name = 'sessions' AND column_name = 'device_id') THEN
+        ALTER TABLE "auth"."sessions" ADD COLUMN "device_id" text;
+    END IF;
+
+    -- device_name column
+    IF NOT EXISTS (SELECT 1 FROM information_schema.columns WHERE table_schema = 'auth' AND table_name = 'sessions' AND column_name = 'device_name') THEN
+        ALTER TABLE "auth"."sessions" ADD COLUMN "device_name" text;
+    END IF;
+
+    -- last_activity_at column
+    IF NOT EXISTS (SELECT 1 FROM information_schema.columns WHERE table_schema = 'auth' AND table_name = 'sessions' AND column_name = 'last_activity_at') THEN
+        ALTER TABLE "auth"."sessions" ADD COLUMN "last_activity_at" timestamp with time zone DEFAULT now();
+    END IF;
+
+    -- revoked_at column
+    IF NOT EXISTS (SELECT 1 FROM information_schema.columns WHERE table_schema = 'auth' AND table_name = 'sessions' AND column_name = 'revoked_at') THEN
+        ALTER TABLE "auth"."sessions" ADD COLUMN "revoked_at" timestamp with time zone;
+    END IF;
+
+    -- remember_me column
+    IF NOT EXISTS (SELECT 1 FROM information_schema.columns WHERE table_schema = 'auth' AND table_name = 'sessions' AND column_name = 'remember_me') THEN
+        ALTER TABLE "auth"."sessions" ADD COLUMN "remember_me" boolean DEFAULT false;
+    END IF;
+END $$;
+--> statement-breakpoint
+
+-- Add unique constraint on refresh_token if it doesn't exist
+DO $$
+BEGIN
+    IF NOT EXISTS (SELECT 1 FROM pg_constraint WHERE conname = 'sessions_refresh_token_unique') THEN
+        ALTER TABLE "auth"."sessions" ADD CONSTRAINT "sessions_refresh_token_unique" UNIQUE("refresh_token");
+    END IF;
+EXCEPTION
+    WHEN duplicate_object THEN null;
+END $$;

services/mana-core-auth/src/db/migrations/meta/0001_snapshot.json

@@ -0,0 +1,15 @@
+{
+	"id": "0001_add_missing_session_columns",
+	"prevId": "0000_naive_scorpion",
+	"version": "7",
+	"dialect": "postgresql",
+	"tables": {},
+	"enums": {},
+	"schemas": {},
+	"sequences": {},
+	"_meta": {
+		"columns": {},
+		"schemas": {},
+		"tables": {}
+	}
+}

services/mana-core-auth/src/db/migrations/meta/_journal.json

@@ -8,6 +8,13 @@
 			"when": 1766081368788,
 			"tag": "0000_naive_scorpion",
 			"breakpoints": true
+		},
+		{
+			"idx": 1,
+			"version": "7",
+			"when": 1734555600000,
+			"tag": "0001_add_missing_session_columns",
+			"breakpoints": true
 		}
 	]
 }