Diffstat (limited to 'crates/secd/store/sqlite/migrations')
| -rw-r--r-- | crates/secd/store/sqlite/migrations/20221125051738_bootstrap.sql | 133 |
1 files changed, 66 insertions, 67 deletions
diff --git a/crates/secd/store/sqlite/migrations/20221125051738_bootstrap.sql b/crates/secd/store/sqlite/migrations/20221125051738_bootstrap.sql
index a8784f5..299f282 100644
--- a/crates/secd/store/sqlite/migrations/20221125051738_bootstrap.sql
+++ b/crates/secd/store/sqlite/migrations/20221125051738_bootstrap.sql
@@ -1,82 +1,81 @@
-create table if not exists identity (
- identity_id integer primary key autoincrement
- , identity_public_id uuid
- , data text
- , created_at timestamptz not null
- , deleted_at timestamptz
- , unique(identity_public_id)
+create table if not exists realm (
+ realm_id integer primary key
+ , created_at integer not null
 );
 
-create table if not exists session (
- session_id integer primary key autoincrement
- , identity_id bigint not null references identity(identity_id)
- , secret_hash bytea not null
- , created_at timestamptz not null
- , expired_at timestamptz
- , revoked_at timestamptz
- , unique(secret_hash)
+create table if not exists realm_data (
+ realm_data_id integer primary key
+ , realm_id integer not null references realm(realm_id)
+ , email_provider text not null
+ , sms_provider text not null
+ , created_at integer not null
+ , deleted_at integer
 );
 
-create table if not exists oauth_provider (
- oauth_provider_id integer primary key autoincrement
- , name text not null
- , flow text not null
- , base_url text not null
- , response_type text not null
- , default_scope text
- , client_id text not null
- , client_secret text not null
- , redirect_url text not null
- , created_at timestamptz not null
- , deleted_at timestamptz
- , unique (name, flow)
+create table if not exists identity (
+ identity_id integer primary key
+ , identity_public_id uuid not null
+ , data text -- some things are dervied, others are not
+ , created_at integer not null
+ , updated_at integer not null
+ , deleted_at integer
+ , unique(identity_public_id)
 );
 
-create table if not exists oauth_validation (
- oauth_validation_id integer primary key autoincrement
- , oauth_validation_public_id uuid not null
- , oauth_provider_id integer not null references oauth_provider(oauth_provider_id)
- , access_token text
- , raw_response text
- , created_at timestamptz not null
- , validated_at timestamptz
- , unique (oauth_validation_public_id)
+create table if not exists credential (
+ credential_id integer primary key
+ , credential_public_id uuid not null
+ , identity_id integer not null references identity(identity_id)
+ , type text not null-- e.g. password, oidc, totop, lookup_secret, webauthn, ...
+ , data text not null
+ , version integer not null
+ , created_at integer not null
+ , revoked_at integer
+ , deleted_at integer
 );
 
-create table if not exists identity_oauth_validation (
- identity_oauth_validation_id integer primary key autoincrement
- -- A validation does not require an identity to initiate
- , identity_id bigint references identity(identity_id)
- , oauth_validation_id bigint not null references oauth_validation(oauth_validation_id)
- , revoked_at timestamptz
- , deleted_at timestamptz
- , unique(identity_id, oauth_validation_id)
+create table if not exists address (
+ address_id integer primary key
+ , address_public_id uuid not null
+ , type text not null
+ , value text not null
+ , created_at integer not null
+ , unique(value, type)
 );
 
-create table if not exists email (
- email_id integer primary key autoincrement
- , address text not null
- , unique(address)
+create table if not exists address_validation (
+ address_validation_id integer primary key
+ , address_validation_public_id uuid not null
+ , identity_id integer references identity(identity_id)
+ , address_id integer not null references address(address_id)
+ , method text not null -- e.g. email, sms, voice, oidc
+ , token_hash blob
+ , code_hash blob
+ , attempts integer not null
+ , created_at integer not null
+ , expires_at integer not null
+ , revoked_at integer
+ , validated_at integer
+ , unique(address_validation_public_id)
 );
 
-create table if not exists email_validation (
- email_validation_id integer primary key autoincrement
- , email_validation_public_id uuid not null
- , email_id bigint not null references email(email_id)
- , code text
- , is_oauth_derived boolean not null
- , created_at timestamptz not null
- , validated_at timestamptz
- , expired_at timestamptz
- , unique(email_validation_public_id)
+create table if not exists session (
+ session_id integer primary key
+ , identity_id integer not null references identity(identity_id)
+ , token_hash blob not null
+ , created_at integer not null
+ , expired_at integer not null
+ , revoked_at integer
+ , unique(token_hash)
 );
 
-create table if not exists identity_email_validation (
- identity_email_validation_id integer primary key autoincrement
- -- A validation does not require an identity to initiate
- , identity_id bigint references identity(identity_id)
- , email_validation_id bigint not null references email_validation(email_validation_id)
- , revoked_at timestamptz
- , deleted_at timestamptz
- , unique(identity_id, email_validation_id)
+create table if not exists message (
+ message_id integer primary key
+ , address_id integer not null references address(address_id)
+ , subject text
+ , body text
+ , template text not null
+ , template_vars text not null
+ , created_at integer not null
+ , sent_at integer
 );
|
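Review bot: `credential` and `address` declare `credential_public_id` and `address_public_id` as `uuid not null` but, unlike `identity` and `address_validation` in the same hunk, carry no uniqueness constraint, so nothing in the schema prevents two credentials or two addresses from sharing a public id that callers presumably use for lookup. Add `, unique(credential_public_id)` to `credential` and `, unique(address_public_id)` to `address`. Separately, `address_validation` keeps only `token_hash` and `code_hash`, yet `message.body` and `message.template_vars` look like they would hold the rendered code in clear text; if that is the case, anyone who can read `message` bypasses the hashing, and the row should be scrubbed or expired once `sent_at` is set. The `references` clauses are also only enforced by SQLite when `PRAGMA foreign_keys = ON` is set on each connection, which this file cannot show and is worth confirming in the store's connection setup.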
