7 files changed, 8 insertions, 30 deletions

diff --git a/crates/secd/store/pg/migrations/20221222002434_bootstrap.sql b/crates/secd/store/pg/migrations/20221222002434_bootstrap.sql
index 0cf3fa0..0fd423e 100644
--- a/crates/secd/store/pg/migrations/20221222002434_bootstrap.sql
+++ b/crates/secd/store/pg/migrations/20221222002434_bootstrap.sql
@@ -36,11 +36,10 @@ create table if not exists secd.credential (
        , created_at timestamptz not null
        , revoked_at timestamptz
        , deleted_at timestamptz
+       , unique(partial_key)
 );
 
-create unique index if not exists credential_passphrase_type_key_ix
-on secd.credential (partial_key)
-where type = 'Passphrase';
+create unique index if not exists credential_partial_key_type_key_ix on secd.credential (partial_key);
 
 create table if not exists secd.address (
        address_id bigserial primary key
diff --git a/crates/secd/store/pg/sql/find_credential.sql b/crates/secd/store/pg/sql/find_credential.sql
index e30c0ea..1736500 100644
--- a/crates/secd/store/pg/sql/find_credential.sql
+++ b/crates/secd/store/pg/sql/find_credential.sql
@@ -9,4 +9,4 @@ join secd.identity   i using (identity_id)
 where (($1::uuid is null) or (c.credential_public_id = $1))
 and (($2::uuid is null) or (i.identity_public_id = $2))
 and (($3::text is null) or (c.type = $3))
-and (($3::text is null or $4::text is null) or (c.data->$3->>'key' = $4))
+and (($3::text is null or $4::text is null) or (c.partial_key = $4))
diff --git a/crates/secd/store/pg/sql/find_identity.sql b/crates/secd/store/pg/sql/find_identity.sql
index 37105cb..41c8518 100644
--- a/crates/secd/store/pg/sql/find_identity.sql
+++ b/crates/secd/store/pg/sql/find_identity.sql
@@ -7,9 +7,7 @@ select distinct
 from secd.identity i
 left join secd.address_validation av using (identity_id)
 left join secd.address            a  using (address_id)
-left join secd.session            s  using (identity_id)
 where (($1::uuid is null) or (i.identity_public_id = $1))
 and (($2::text is null) or (a.value = $2))
 and (($3::bool is null) or (($3::bool is true) and (av.validated_at is not null)))
-and (($4::bytea is null) or (s.token_hash = $4))
 and i.deleted_at is null;
diff --git a/crates/secd/store/pg/sql/find_session.sql b/crates/secd/store/pg/sql/find_session.sql
deleted file mode 100644
index ca58480..0000000
--- a/crates/secd/store/pg/sql/find_session.sql
+++ /dev/null
@@ -1,11 +0,0 @@
-select distinct
-       i.identity_public_id
-       , s.created_at
-       , s.expired_at
-       , s.revoked_at
-from secd.session  s
-join secd.identity i using (identity_id)
-where (($1::bytea is null) or (s.token_hash = $1))
-and (($2::uuid is null) or (i.identity_public_id = $2))
-and (($3::timestamptz is null) or (s.expired_at > $3))
-and ((revoked_at is null) or ($4::timestamptz is null) or (s.revoked_at > $4));
diff --git a/crates/secd/store/pg/sql/write_credential.sql b/crates/secd/store/pg/sql/write_credential.sql
index 17e03a2..ecaf523 100644
--- a/crates/secd/store/pg/sql/write_credential.sql
+++ b/crates/secd/store/pg/sql/write_credential.sql
@@ -16,4 +16,6 @@ insert into secd.credential (
        , $6
        , $7
        , $8
-);
+) on conflict (partial_key) do update
+  set revoked_at = excluded.revoked_at
+      , deleted_at = excluded.deleted_at;
diff --git a/crates/secd/store/pg/sql/write_identity.sql b/crates/secd/store/pg/sql/write_identity.sql
index 4b2745b..e86d2f5 100644
--- a/crates/secd/store/pg/sql/write_identity.sql
+++ b/crates/secd/store/pg/sql/write_identity.sql
@@ -9,4 +9,5 @@ insert into secd.identity (
 ) on conflict (identity_public_id) do update
   set data = excluded.data
       , updated_at = excluded.updated_at
-      , deleted_at = excluded.deleted_at;
+      , deleted_at = excluded.deleted_at
+returning (xmax = 0);
diff --git a/crates/secd/store/pg/sql/write_session.sql b/crates/secd/store/pg/sql/write_session.sql
deleted file mode 100644
index aa9c0a1..0000000
--- a/crates/secd/store/pg/sql/write_session.sql
+++ /dev/null
@@ -1,11 +0,0 @@
-insert into secd.session (
-       identity_id
-       , token_hash
-       , created_at
-       , expired_at
-       , revoked_at
-) values (
-  (select identity_id from secd.identity where identity_public_id = $1)
-  , $2, $3, $4, $5
-) on conflict (token_hash) do update
-  set revoked_at = excluded.revoked_at;