Expand description
SQLite-backed OAuth state persistence.
State tokens are short-lived (10 min) and single-use. Persisting them to SQLite lets the OAuth flow survive a server restart that happens between the user clicking “Sign in with Google” and the provider redirecting back.
Schema is one row per token. Cleanup happens lazily — when take() finds
an expired token it returns None; a periodic VACUUM is unnecessary at the
volumes OAuth flows actually generate.