mirror of https://github.com/kortix-ai/suna.git
54 lines
1.8 KiB
PL/PgSQL
54 lines
1.8 KiB
PL/PgSQL
BEGIN;
|
|
|
|
-- =====================================================
|
|
-- API KEYS TABLE MIGRATION (CORRECTED VERSION)
|
|
-- =====================================================
|
|
-- Streamlined API keys table for high-performance authentication
|
|
|
|
-- Enum for API key status
|
|
DO $$ BEGIN
|
|
CREATE TYPE api_key_status AS ENUM ('active', 'revoked', 'expired');
|
|
EXCEPTION
|
|
WHEN duplicate_object THEN null;
|
|
END $$;
|
|
|
|
-- Create API keys table
|
|
CREATE TABLE IF NOT EXISTS api_keys (
|
|
key_id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
|
|
public_key VARCHAR(64) NOT NULL UNIQUE,
|
|
secret_key_hash VARCHAR(64) NOT NULL,
|
|
account_id UUID NOT NULL REFERENCES basejump.accounts(id) ON DELETE CASCADE,
|
|
title VARCHAR(255) NOT NULL,
|
|
description TEXT,
|
|
status api_key_status DEFAULT 'active',
|
|
expires_at TIMESTAMPTZ,
|
|
last_used_at TIMESTAMPTZ,
|
|
created_at TIMESTAMPTZ DEFAULT NOW(),
|
|
|
|
-- Essential constraints
|
|
CONSTRAINT api_keys_title_not_empty CHECK (LENGTH(TRIM(title)) > 0),
|
|
CONSTRAINT api_keys_public_key_format CHECK (public_key ~ '^pk_[a-zA-Z0-9]{32}$')
|
|
);
|
|
|
|
-- Essential indexes for performance
|
|
CREATE INDEX IF NOT EXISTS idx_api_keys_account_id ON api_keys(account_id);
|
|
CREATE INDEX IF NOT EXISTS idx_api_keys_public_key ON api_keys(public_key);
|
|
|
|
-- Enable RLS
|
|
ALTER TABLE api_keys ENABLE ROW LEVEL SECURITY;
|
|
|
|
-- RLS policy with explicit schema qualification (avoids basejump function issues)
|
|
CREATE POLICY "Users can manage their own API keys" ON api_keys
|
|
FOR ALL USING (
|
|
account_id IN (
|
|
SELECT wu.account_id
|
|
FROM basejump.account_user wu
|
|
WHERE wu.user_id = auth.uid()
|
|
)
|
|
);
|
|
|
|
-- Grant necessary permissions
|
|
GRANT SELECT, INSERT, UPDATE, DELETE ON api_keys TO authenticated;
|
|
GRANT SELECT, INSERT, UPDATE, DELETE ON api_keys TO service_role;
|
|
|
|
COMMIT; |