Diffstat (limited to 'crates')
| -rw-r--r-- | crates/iam/src/api.rs | 11 | ||||
| -rw-r--r-- | crates/secd/src/client/email.rs | 9 | ||||
| -rw-r--r-- | crates/secd/src/lib.rs | 10 | ||||
| -rw-r--r-- | crates/secd/store/pg/migrations/20221116062550_bootstrap.sql | 20 | ||||
| -rw-r--r-- | crates/secd/store/pg/sql/find_email_validation.sql | 8 | ||||
| -rw-r--r-- | crates/secd/store/pg/sql/find_identity.sql | 6 | ||||
| -rw-r--r-- | crates/secd/store/pg/sql/find_identity_by_code.sql | 6 | ||||
| -rw-r--r-- | crates/secd/store/pg/sql/read_email_raw_id.sql | 2 | ||||
| -rw-r--r-- | crates/secd/store/pg/sql/read_identity_raw_id.sql | 2 | ||||
| -rw-r--r-- | crates/secd/store/pg/sql/read_session.sql | 4 | ||||
| -rw-r--r-- | crates/secd/store/pg/sql/write_email.sql | 6 | ||||
| -rw-r--r-- | crates/secd/store/pg/sql/write_email_validation.sql | 4 | ||||
| -rw-r--r-- | crates/secd/store/pg/sql/write_identity.sql | 2 | ||||
| -rw-r--r-- | crates/secd/store/pg/sql/write_session.sql | 4 | ||||
| -rw-r--r-- | crates/secd/store/sqlite/sql/find_identity_by_code.sql | 6 |
15 files changed, 58 insertions, 42 deletions
diff --git a/crates/iam/src/api.rs b/crates/iam/src/api.rs index 5819533..5b72d93 100644 --- a/crates/iam/src/api.rs +++ b/crates/iam/src/api.rs @@ -69,6 +69,14 @@ pub enum Command { object: CreateObject, }, #[command( + about = "Utility and convenience commands while developing against secd", + long_about = "Dev\n\nUtility and convenience commands while developing against secd. Easily retrieve local mail, monitor secd logs, and otherwise inspect or interact with the system." + )] + Dev { + #[command(subcommand)] + object: DevObject, + }, + #[command( about = "Get details for a specific IAM object", long_about = "Get\n\nGet details for a specific IAM object" )] @@ -312,6 +320,9 @@ pub enum CreateObject { } #[derive(Subcommand)] +pub enum DevObject {} + +#[derive(Subcommand)] pub enum ValidationMethod { /// An email address to which the validation will be sent Email { diff --git a/crates/secd/src/client/email.rs b/crates/secd/src/client/email.rs index fc48702..2712037 100644 --- a/crates/secd/src/client/email.rs +++ b/crates/secd/src/client/email.rs @@ -1,6 +1,7 @@ use std::{path::PathBuf, str::FromStr}; use email_address::EmailAddress; +use time::OffsetDateTime; use super::{ EmailMessenger, EmailMessengerError, EmailType, EMAIL_TEMPLATE_DEFAULT_LOGIN, @@ -51,8 +52,12 @@ impl EmailMessenger for LocalEmailStubber { // TODO: write to the system mailbox instead? std::fs::write( - PathBuf::from_str(&format!("/tmp/{}.localmail", validation_id)) - .map_err(|_| EmailMessengerError::Unknown)?, + PathBuf::from_str(&format!( + "/tmp/{}_{}.localmail", + OffsetDateTime::now_utc(), + validation_id + )) + .map_err(|_| EmailMessengerError::Unknown)?, body, ) .map_err(|_| EmailMessengerError::FailedToSendEmail)?; diff --git a/crates/secd/src/lib.rs b/crates/secd/src/lib.rs index 9eb7f0e..4feda04 100644 --- a/crates/secd/src/lib.rs +++ b/crates/secd/src/lib.rs 
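Review bot: `DevObject` in the second api.rs hunk is declared with no variants, so the `Dev` command added in the first hunk has nothing to dispatch to, although its `long_about` already promises mail retrieval and log monitoring. A doc comment on the enum such as `/// Placeholder: dev-only subcommands are added as the tooling lands.` would make the empty body read as intentional. Since the help text says these commands will read locally stored mail, it is also worth deciding now whether `Dev` should be compiled into release builds or put behind a cargo feature. Both enums continue outside the hunks shown.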
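Review bot: The stub mail file in the second email.rs hunk is still created in shared `/tmp` through `std::fs::write`, which uses default permissions and will write through a path that already exists. The body is presumably the validation message, so on a multi-user host it would be readable by other local accounts. Creating the file exclusively with owner-only permissions closes both gaps. The `Display` form of `OffsetDateTime::now_utc()` also puts spaces and colons in the file name, where a numeric timestamp is easier to handle. `PathBuf::from_str` cannot fail, so the `map_err` to `EmailMessengerError::Unknown` never fires; the enclosing method starts and ends outside the hunk.

```rust
// … unchanged: code that renders `body` …
let path = std::env::temp_dir().join(format!(
    "{}_{}.localmail",
    OffsetDateTime::now_utc().unix_timestamp_nanos(),
    validation_id
));
// Requires std::io::Write and std::os::unix::fs::OpenOptionsExt in scope.
let mut file = std::fs::OpenOptions::new()
    .write(true)
    .create_new(true) // fail instead of reusing a path someone else created
    .mode(0o600) // owner read/write only
    .open(&path)
    .map_err(|_| EmailMessengerError::FailedToSendEmail)?;
file.write_all(body.as_ref())
    .map_err(|_| EmailMessengerError::FailedToSendEmail)?;
```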
@@ -46,16 +46,16 @@ pub struct Identity { #[derive(sqlx::FromRow, Debug, Serialize)] pub struct Session { #[sqlx(rename = "identity_public_id")] - identity_id: IdentityId, + pub identity_id: IdentityId, #[serde(skip_serializing_if = "Option::is_none")] #[sqlx(default)] - secret: Option<SessionSecret>, + pub secret: Option<SessionSecret>, #[serde(with = "time::serde::timestamp")] - created_at: OffsetDateTime, + pub created_at: OffsetDateTime, #[serde(with = "time::serde::timestamp")] - expires_at: OffsetDateTime, + pub expires_at: OffsetDateTime, #[serde(skip_serializing_if = "Option::is_none")] - revoked_at: Option<OffsetDateTime>, + pub revoked_at: Option<OffsetDateTime>, } #[derive(sqlx::FromRow, Debug)] diff --git a/crates/secd/store/pg/migrations/20221116062550_bootstrap.sql b/crates/secd/store/pg/migrations/20221116062550_bootstrap.sql index 7a1bf07..3f5fb40 100644 --- a/crates/secd/store/pg/migrations/20221116062550_bootstrap.sql +++ b/crates/secd/store/pg/migrations/20221116062550_bootstrap.sql @@ -1,8 +1,8 @@ create extension if not exists pgcrypto; create extension if not exists citext; -create schema if not exists auth; +create schema if not exists secd; -create table if not exists auth.identity ( +create table if not exists secd.identity ( identity_id bigserial primary key , identity_public_id uuid , data text 
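Review bot: Making `secret` public on `Session` lets every consumer of the crate read and move the session secret, and the struct derives both `Debug` and `Serialize`, so a `{:?}` log line or a serialized response in downstream code would carry it whenever it is `Some`. Whether `SessionSecret` redacts itself in `Debug` is not visible here. If callers only need the identity and timestamps, keep `secret` private and expose it through one explicit accessor, e.g. `pub fn secret(&self) -> Option<&SessionSecret>`, with a doc comment stating that the value must not be logged. The other four fields look fine to make public.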
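Review bot: The rename from `auth` to `secd` is made by editing the existing bootstrap migration `20221116062550_bootstrap.sql` in place, here and in the two later hunks of this file. Any database that already ran it keeps its tables in `auth`, while every query file in this commit now reads `secd`. If these files are applied through sqlx's migrator, the changed checksum will also be rejected on such a database. A new migration with `alter schema auth rename to secd;` would move existing installs forward. If no deployed database exists yet, the commit message should say so.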
@@ -10,24 +10,24 @@ create table if not exists auth.identity ( , unique(identity_public_id) ); -create table if not exists auth.email ( +create table if not exists secd.email ( email_id bigserial primary key , address text not null , unique(address) ); -create table if not exists auth.identity_email ( +create table if not exists secd.identity_email ( identity_email_id bigserial primary key - , identity_id bigint not null references auth.identity(identity_id) - , email_id bigint not null references auth.email(email_id) + , identity_id bigint not null references secd.identity(identity_id) + , email_id bigint not null references secd.email(email_id) , created_at timestamptz not null , deleted_at timestamptz ); -create table if not exists auth.email_validation ( +create table if not exists secd.email_validation ( email_validation_id bigserial primary key , email_validation_public_id uuid not null - , identity_email_id integer not null references auth.identity_email(identity_email_id) + , identity_email_id integer not null references secd.identity_email(identity_email_id) , attempts integer not null , code text , is_validated boolean not null default false @@ -37,9 +37,9 @@ create table if not exists auth.email_validation ( , unique(email_validation_public_id) ); -create table if not exists auth.session ( +create table if not exists secd.session ( session_id bigserial primary key - , identity_id bigint not null references auth.identity(identity_id) + , identity_id bigint not null references secd.identity(identity_id) , secret_hash bytea not null , created_at timestamptz not null , touched_at timestamptz not null diff --git a/crates/secd/store/pg/sql/find_email_validation.sql b/crates/secd/store/pg/sql/find_email_validation.sql index d16d8e7..96a8cc4 100644 --- a/crates/secd/store/pg/sql/find_email_validation.sql +++ b/crates/secd/store/pg/sql/find_email_validation.sql 
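Review bot: In `secd.email_validation` the foreign key `identity_email_id` is declared `integer`, but it references `secd.identity_email(identity_email_id)`, which is `bigserial`. Inserts will start failing once the parent key grows past the 32-bit range. The other foreign keys in this file use `bigint`. Since the line is being rewritten anyway, it should become `, identity_email_id bigint not null references secd.identity_email(identity_email_id)`.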
@@ -8,10 +8,10 @@ select , ev.created_at , ev.expires_at , ev.revoked_at -from auth.email_validation ev -join auth.identity_email ie using (identity_email_id) -join auth.email e using (email_id) -join auth.identity i using (identity_id) +from secd.email_validation ev +join secd.identity_email ie using (identity_email_id) +join secd.email e using (email_id) +join secd.identity i using (identity_id) where (($1 is null) or (email_validation_public_id = $1)) and (($2 is null) or (code = $2)); -- diff --git a/crates/secd/store/pg/sql/find_identity.sql b/crates/secd/store/pg/sql/find_identity.sql index 3a86a83..f4c9cbf 100644 --- a/crates/secd/store/pg/sql/find_identity.sql +++ b/crates/secd/store/pg/sql/find_identity.sql @@ -2,8 +2,8 @@ select identity_public_id, data, i.created_at -from auth.identity i -join auth.identity_email ie using (identity_id) -join auth.email e using (email_id) +from secd.identity i +join secd.identity_email ie using (identity_id) +join secd.email e using (email_id) where (($1 is null) or (i.identity_public_id = $1)) and (($2 is null) or (e.address = $2)) diff --git a/crates/secd/store/pg/sql/find_identity_by_code.sql b/crates/secd/store/pg/sql/find_identity_by_code.sql index 9df6614..e016a0e 100644 --- a/crates/secd/store/pg/sql/find_identity_by_code.sql +++ b/crates/secd/store/pg/sql/find_identity_by_code.sql @@ -1,11 +1,11 @@ select identity_email_id -from auth.email_validation +from secd.email_validation where email_validation_public_id = $1::uuid -- select identity_public_id , data , i.created_at -from auth.identity i -left join auth.identity_email ie using (identity_id) +from secd.identity i +left join secd.identity_email ie using (identity_id) where ie.identity_email_id = $1; diff --git a/crates/secd/store/pg/sql/read_email_raw_id.sql b/crates/secd/store/pg/sql/read_email_raw_id.sql index f62331c..6604fb0 100644 --- a/crates/secd/store/pg/sql/read_email_raw_id.sql +++ b/crates/secd/store/pg/sql/read_email_raw_id.sql 
@@ -1 +1 @@ -select email_id from auth.email where address = $1 +select email_id from secd.email where address = $1 diff --git a/crates/secd/store/pg/sql/read_identity_raw_id.sql b/crates/secd/store/pg/sql/read_identity_raw_id.sql index d550cc0..5b5d95c 100644 --- a/crates/secd/store/pg/sql/read_identity_raw_id.sql +++ b/crates/secd/store/pg/sql/read_identity_raw_id.sql @@ -1,2 +1,2 @@ -select identity_id from auth.identity where identity_public_id = $1; +select identity_id from secd.identity where identity_public_id = $1; -- diff --git a/crates/secd/store/pg/sql/read_session.sql b/crates/secd/store/pg/sql/read_session.sql index febc1ab..e5fd26d 100644 --- a/crates/secd/store/pg/sql/read_session.sql +++ b/crates/secd/store/pg/sql/read_session.sql @@ -3,6 +3,6 @@ select , s.created_at , s.expires_at , s.revoked_at -from auth.session s -join auth.identity i using (identity_id) +from secd.session s +join secd.identity i using (identity_id) where secret_hash = $1; diff --git a/crates/secd/store/pg/sql/write_email.sql b/crates/secd/store/pg/sql/write_email.sql index 75fc494..cdcc971 100644 --- a/crates/secd/store/pg/sql/write_email.sql +++ b/crates/secd/store/pg/sql/write_email.sql @@ -1,11 +1,11 @@ -insert into auth.email ( +insert into secd.email ( address ) values ( $1 ) on conflict (address) do nothing returning email_id; -- -select email_id from auth.email where address = $1; +select email_id from secd.email where address = $1; -- -insert into auth.identity_email (identity_id, email_id, created_at) values ($1, $2, $3); +insert into secd.identity_email (identity_id, email_id, created_at) values ($1, $2, $3); -- diff --git a/crates/secd/store/pg/sql/write_email_validation.sql b/crates/secd/store/pg/sql/write_email_validation.sql index 98fc60e..d99a04c 100644 --- a/crates/secd/store/pg/sql/write_email_validation.sql +++ b/crates/secd/store/pg/sql/write_email_validation.sql 
@@ -1,4 +1,4 @@ -insert into auth.email_validation +insert into secd.email_validation ( email_validation_public_id , identity_email_id @@ -12,7 +12,7 @@ values ( $1 , ( select identity_email_id - from auth.identity_email + from secd.identity_email where identity_id = $2 and email_id = $3 ) diff --git a/crates/secd/store/pg/sql/write_identity.sql b/crates/secd/store/pg/sql/write_identity.sql index eed1710..7d53ee1 100644 --- a/crates/secd/store/pg/sql/write_identity.sql +++ b/crates/secd/store/pg/sql/write_identity.sql @@ -1,4 +1,4 @@ -insert into auth.identity ( +insert into secd.identity ( identity_public_id, data, created_at diff --git a/crates/secd/store/pg/sql/write_session.sql b/crates/secd/store/pg/sql/write_session.sql index cd5892b..86cde55 100644 --- a/crates/secd/store/pg/sql/write_session.sql +++ b/crates/secd/store/pg/sql/write_session.sql @@ -1,4 +1,4 @@ -insert into auth.session ( +insert into secd.session ( identity_id , secret_hash , created_at @@ -6,7 +6,7 @@ insert into auth.session ( , expires_at , revoked_at ) values ( - (select identity_id from auth.identity where identity_public_id = $1) + (select identity_id from secd.identity where identity_public_id = $1) , $2 , $3 , $4 diff --git a/crates/secd/store/sqlite/sql/find_identity_by_code.sql b/crates/secd/store/sqlite/sql/find_identity_by_code.sql index e1a6050..77844ff 100644 --- a/crates/secd/store/sqlite/sql/find_identity_by_code.sql +++ b/crates/secd/store/sqlite/sql/find_identity_by_code.sql @@ -1,11 +1,11 @@ select identity_email_id -from auth.email_validation +from secd.email_validation where email_validation_public_id = ?1; -- select identity_public_id , data , i.created_at -from auth.identity i -left join auth.identity_email ie using (identity_id) +from secd.identity i +left join secd.identity_email ie using (identity_id) where ie.identity_email_id = ?1; |
