diff --git a/migrations/2022-01-02-195433_users-and-jwt/down.sql b/migrations/2022-01-02-195433_users-and-jwt/down.sql
new file mode 100644
index 0000000..0d8d494
--- /dev/null
+++ b/migrations/2022-01-02-195433_users-and-jwt/down.sql
@@ -0,0 +1,3 @@
+-- This file should undo anything in `up.sql`
+drop table refresh_tokens cascade;
+drop table users cascade;
diff --git a/migrations/2022-01-02-195433_users-and-jwt/up.sql b/migrations/2022-01-02-195433_users-and-jwt/up.sql
new file mode 100644
index 0000000..15f0484
--- /dev/null
+++ b/migrations/2022-01-02-195433_users-and-jwt/up.sql
@@ -0,0 +1,20 @@
+CREATE TABLE users (
+    id uuid DEFAULT gen_random_uuid() PRIMARY KEY,
+
+    username varchar(32) UNIQUE NOT NULL,
+    -- Hashed + salted representation of the username
+    password text NOT NULL,
+    -- Wether the user is currently blocked
+    blocked boolean NOT NULL DEFAULT false
+);
+
+CREATE TABLE refresh_tokens (
+    -- This is more efficient than storing the text
+    token bytea PRIMARY KEY,
+    -- The user for whom the token was created
+    user_id uuid NOT NULL REFERENCES users(id) ON DELETE CASCADE,
+    -- When the token expires
+    expires_at timestamp NOT NULL,
+    -- When the token was last used (is NULL until used)
+    last_used_at timestamp
+);
diff --git a/src/schema.rs b/src/schema.rs
new file mode 100644
index 0000000..8dcb725
--- /dev/null
+++ b/src/schema.rs
@@ -0,0 +1,25 @@
+table! {
+    refresh_tokens (token) {
+        token -> Bytea,
+        user_id -> Uuid,
+        expires_at -> Timestamp,
+        last_used_at -> Nullable<Timestamp>,
+    }
+}
+
+table! {
+    users (id) {
+        id -> Uuid,
+        username -> Varchar,
+        password -> Text,
+        blocked -> Bool,
+        admin -> Bool,
+    }
+}
+
+joinable!(refresh_tokens -> users (user_id));
+
+allow_tables_to_appear_in_same_query!(
+    refresh_tokens,
+    users,
+);