// Code generated by sqlc. DO NOT EDIT. // versions: // sqlc v1.30.0 // source: tokens.sql package sqlc import ( "context" "anchorage/internal/pkg/ids" "github.com/jackc/pgx/v5/pgtype" ) const addTokenDenylist = `-- name: AddTokenDenylist :exec INSERT INTO token_denylist (jti, expires_at, reason) VALUES ($1, $2, $3) ON CONFLICT (jti) DO NOTHING ` type AddTokenDenylistParams struct { Jti string ExpiresAt pgtype.Timestamptz Reason string } func (q *Queries) AddTokenDenylist(ctx context.Context, arg AddTokenDenylistParams) error { _, err := q.db.Exec(ctx, addTokenDenylist, arg.Jti, arg.ExpiresAt, arg.Reason) return err } const createAPIToken = `-- name: CreateAPIToken :one INSERT INTO api_tokens (jti, org_id, user_id, label, scopes, expires_at) VALUES ($1, $2, $3, $4, $5, $6) RETURNING jti, org_id, user_id, label, scopes, expires_at, revoked_at, last_used_at, created_at, updated_at ` type CreateAPITokenParams struct { Jti ids.TokenID OrgID ids.OrgID UserID ids.UserID Label string Scopes []string ExpiresAt pgtype.Timestamptz } func (q *Queries) CreateAPIToken(ctx context.Context, arg CreateAPITokenParams) (ApiToken, error) { row := q.db.QueryRow(ctx, createAPIToken, arg.Jti, arg.OrgID, arg.UserID, arg.Label, arg.Scopes, arg.ExpiresAt, ) var i ApiToken err := row.Scan( &i.Jti, &i.OrgID, &i.UserID, &i.Label, &i.Scopes, &i.ExpiresAt, &i.RevokedAt, &i.LastUsedAt, &i.CreatedAt, &i.UpdatedAt, ) return i, err } const getAPITokenByJTI = `-- name: GetAPITokenByJTI :one SELECT jti, org_id, user_id, label, scopes, expires_at, revoked_at, last_used_at, created_at, updated_at FROM api_tokens WHERE jti = $1 ` func (q *Queries) GetAPITokenByJTI(ctx context.Context, jti ids.TokenID) (ApiToken, error) { row := q.db.QueryRow(ctx, getAPITokenByJTI, jti) var i ApiToken err := row.Scan( &i.Jti, &i.OrgID, &i.UserID, &i.Label, &i.Scopes, &i.ExpiresAt, &i.RevokedAt, &i.LastUsedAt, &i.CreatedAt, &i.UpdatedAt, ) return i, err } const isTokenDenied = `-- name: IsTokenDenied :one SELECT EXISTS( SELECT 1 FROM token_denylist WHERE jti = $1 AND expires_at > now() ) ` func (q *Queries) IsTokenDenied(ctx context.Context, jti string) (bool, error) { row := q.db.QueryRow(ctx, isTokenDenied, jti) var exists bool err := row.Scan(&exists) return exists, err } const listAPITokensForUser = `-- name: ListAPITokensForUser :many SELECT jti, org_id, user_id, label, scopes, expires_at, revoked_at, last_used_at, created_at, updated_at FROM api_tokens WHERE org_id = $1 AND user_id = $2 AND revoked_at IS NULL ORDER BY created_at DESC ` type ListAPITokensForUserParams struct { OrgID ids.OrgID UserID ids.UserID } func (q *Queries) ListAPITokensForUser(ctx context.Context, arg ListAPITokensForUserParams) ([]ApiToken, error) { rows, err := q.db.Query(ctx, listAPITokensForUser, arg.OrgID, arg.UserID) if err != nil { return nil, err } defer rows.Close() var items []ApiToken for rows.Next() { var i ApiToken if err := rows.Scan( &i.Jti, &i.OrgID, &i.UserID, &i.Label, &i.Scopes, &i.ExpiresAt, &i.RevokedAt, &i.LastUsedAt, &i.CreatedAt, &i.UpdatedAt, ); err != nil { return nil, err } items = append(items, i) } if err := rows.Err(); err != nil { return nil, err } return items, nil } const pruneTokenDenylist = `-- name: PruneTokenDenylist :exec DELETE FROM token_denylist WHERE expires_at <= now() ` func (q *Queries) PruneTokenDenylist(ctx context.Context) error { _, err := q.db.Exec(ctx, pruneTokenDenylist) return err } const revokeAPIToken = `-- name: RevokeAPIToken :exec UPDATE api_tokens SET revoked_at = now() WHERE jti = $1 ` func (q *Queries) RevokeAPIToken(ctx context.Context, jti ids.TokenID) error { _, err := q.db.Exec(ctx, revokeAPIToken, jti) return err } const touchAPITokenLastUsed = `-- name: TouchAPITokenLastUsed :exec UPDATE api_tokens SET last_used_at = now() WHERE jti = $1 ` func (q *Queries) TouchAPITokenLastUsed(ctx context.Context, jti ids.TokenID) error { _, err := q.db.Exec(ctx, touchAPITokenLastUsed, jti) return err }