insert into auth.session (
       identity_id
       , secret_hash
       , created_at
       , touched_at
       , expires_at
       , revoked_at
) values (
         (select identity_id from auth.identity where identity_public_id = $1)
       , $2
       , $3
       , $4
       , $5
       , $6
) on conflict (secret_hash) do update
  set touched_at = excluded.touched_at
      , revoked_at = excluded.revoked_at;
--