migrations/20251223_add_passkeys_totp.sql at 2cddf065b3511a91f3ac0435fb125578f65ea84b · lewis.moe/bspds-sandbox

lewis.moe / bspds-sandbox

this repo has no description

bspds-sandbox / migrations / 20251223_add_passkeys_totp.sql

at 2cddf065b3511a91f3ac0435fb125578f65ea84b 1.4 kB view raw

 1CREATE TABLE user_totp (
 2    did TEXT PRIMARY KEY REFERENCES users(did) ON DELETE CASCADE,
 3    secret_encrypted BYTEA NOT NULL,
 4    encryption_version INTEGER NOT NULL DEFAULT 1,
 5    verified BOOLEAN NOT NULL DEFAULT FALSE,
 6    created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
 7    last_used TIMESTAMPTZ
 8);
 9
10CREATE TABLE backup_codes (
11    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
12    did TEXT NOT NULL REFERENCES users(did) ON DELETE CASCADE,
13    code_hash TEXT NOT NULL,
14    used_at TIMESTAMPTZ,
15    created_at TIMESTAMPTZ NOT NULL DEFAULT NOW()
16);
17CREATE INDEX idx_backup_codes_did ON backup_codes(did);
18
19CREATE TABLE passkeys (
20    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
21    did TEXT NOT NULL REFERENCES users(did) ON DELETE CASCADE,
22    credential_id BYTEA NOT NULL UNIQUE,
23    public_key BYTEA NOT NULL,
24    sign_count INTEGER NOT NULL DEFAULT 0,
25    created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
26    last_used TIMESTAMPTZ,
27    friendly_name TEXT,
28    aaguid BYTEA,
29    transports TEXT[]
30);
31CREATE INDEX idx_passkeys_did ON passkeys(did);
32
33CREATE TABLE webauthn_challenges (
34    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
35    did TEXT NOT NULL,
36    challenge BYTEA NOT NULL,
37    challenge_type TEXT NOT NULL,
38    state_json TEXT NOT NULL,
39    created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
40    expires_at TIMESTAMPTZ NOT NULL
41);
42CREATE INDEX idx_webauthn_challenges_did ON webauthn_challenges(did);