Expand description
Persistent account-link stores. Schema mirrors better-auth’s
account table
so apps migrating between the two see the same field names + meanings.
SqliteAccountBackend— single-file durability for self-hosted single-replica deploys. Lives alongside sessions/oauth-state inPYLON_SESSION_DB.PostgresAccountBackend— forDATABASE_URL=postgres://...deploys. Stores account rows in the same Postgres cluster as the user’s data so a join across_pylon_accountsand the manifest’sUserentity works without cross-database queries.
Both implement pylon_auth::AccountBackend. Why a dedicated table
instead of folding the link into the manifest’s User entity:
- Multi-provider: a single user can link Google + GitHub +
custom IdPs + a password (
provider_id="credential"). TheUserrow needs one identity-of-record (email), not N nullable provider columns. - Refresh token + password storage: provider secrets and
password hashes shouldn’t be in the user-visible entity surface
— hiding them in a framework table keeps them out of
/api/entities/Userresponses by default. - Schema agility: the framework owns the account schema, so adding a new provider column doesn’t require a manifest migration in every consumer app.