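-- ============================================================================
-- OrbiQuant IA - Trading Platform
-- Schema: auth
-- File: tables/08-auth_logs.sql
-- Description: Authentication event audit logging with optional partitioning
-- ============================================================================
--
-- Review notes for this audit table:
--   * email, ip_address, user_agent, failure_reason and metadata describe the
--     request; treat them as untrusted text wherever they are later rendered
--     or parsed, and never write passwords, tokens or other secrets into
--     failure_reason or metadata.
--   * user_id and session_id carry no FOREIGN KEY here, so log rows outlive
--     the user/session rows they refer to.
--   * This file grants no privileges. NOTE(review): an audit trail is only
--     trustworthy if the writing role cannot UPDATE or DELETE it -- confirm
--     wherever grants for schema auth are managed.

CREATE TABLE auth.auth_logs (
    -- Primary Key (declared below together with the partition key)
    id              UUID DEFAULT gen_random_uuid(),

    -- Event Information
    event_type      auth.auth_event_type NOT NULL,
    user_id         UUID,
    email           CITEXT,

    -- Request Context
    ip_address      INET,
    user_agent      TEXT,
    session_id      UUID,

    -- Event Details
    success         BOOLEAN NOT NULL DEFAULT false,
    failure_reason  VARCHAR(255),

    -- Additional Metadata
    metadata        JSONB DEFAULT '{}'::jsonb,

    -- Timestamp (partition key)
    created_at      TIMESTAMPTZ NOT NULL DEFAULT NOW(),

    -- A primary key on a partitioned table must include the partition key,
    -- hence (id, created_at) rather than id alone.
    PRIMARY KEY (id, created_at)
) PARTITION BY RANGE (created_at);

-- Create initial partitions for current and next month.
-- These should be created dynamically by a maintenance job in production.
--
-- The bound expressions are evaluated once, when the partition is created, in
-- the session's TimeZone. Run this migration and the maintenance job with the
-- same TimeZone setting so month boundaries line up without gaps or overlaps.
-- The _current/_next names describe the month at migration time only.

-- Current month partition
CREATE TABLE auth.auth_logs_current
    PARTITION OF auth.auth_logs
    FOR VALUES
        FROM (DATE_TRUNC('month', CURRENT_DATE))
        TO   (DATE_TRUNC('month', CURRENT_DATE + INTERVAL '1 month'));

-- Next month partition
CREATE TABLE auth.auth_logs_next
    PARTITION OF auth.auth_logs
    FOR VALUES
        FROM (DATE_TRUNC('month', CURRENT_DATE + INTERVAL '1 month'))
        TO   (DATE_TRUNC('month', CURRENT_DATE + INTERVAL '2 months'));

-- Catch-all partition. Without it, an INSERT whose created_at falls outside
-- the ranges above is rejected, so one missed maintenance run would lose audit
-- events (or surface as errors on the login path, depending on the caller).
-- Rows landing here mean the job is behind: alert on a non-zero row count, and
-- move the rows out before creating a partition that covers their range.
CREATE TABLE auth.auth_logs_default
    PARTITION OF auth.auth_logs DEFAULT;

-- Indexes for Performance (will be inherited by partitions)
-- Most are keyed by a lookup column plus created_at DESC for recent-first reads.
CREATE INDEX idx_auth_logs_user_id
    ON auth.auth_logs (user_id, created_at DESC);
CREATE INDEX idx_auth_logs_email
    ON auth.auth_logs (email, created_at DESC);
CREATE INDEX idx_auth_logs_event_type
    ON auth.auth_logs (event_type, created_at DESC);
CREATE INDEX idx_auth_logs_ip_address
    ON auth.auth_logs (ip_address, created_at DESC);
CREATE INDEX idx_auth_logs_session_id
    ON auth.auth_logs (session_id);
CREATE INDEX idx_auth_logs_created_at
    ON auth.auth_logs (created_at DESC);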
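-- Partial index over failed events only, keyed by user and then recency.
-- NOTE(review): the column comment below describes user_id as null for failed
-- logins. If failures are in fact written without a user_id, this index cannot
-- answer per-account failure queries, and failed-login detection has to key on
-- email or ip_address instead -- confirm against the code that writes rows.
CREATE INDEX idx_auth_logs_failures
    ON auth.auth_logs (user_id, created_at DESC)
    WHERE success = false;

-- GIN index over the whole metadata document.
CREATE INDEX idx_auth_logs_metadata
    ON auth.auth_logs USING gin (metadata);

-- Table Comments
COMMENT ON TABLE auth.auth_logs IS 'Authentication event audit logging with monthly partitioning for performance';

-- Column Comments
COMMENT ON COLUMN auth.auth_logs.id IS 'Unique identifier for the log entry';
COMMENT ON COLUMN auth.auth_logs.event_type IS 'Type of authentication event';
COMMENT ON COLUMN auth.auth_logs.user_id IS 'Reference to the user (null for failed logins)';
COMMENT ON COLUMN auth.auth_logs.email IS 'Email address associated with the event';
COMMENT ON COLUMN auth.auth_logs.ip_address IS 'IP address of the request';
COMMENT ON COLUMN auth.auth_logs.user_agent IS 'User agent string from the request';
COMMENT ON COLUMN auth.auth_logs.session_id IS 'Session ID if applicable';
COMMENT ON COLUMN auth.auth_logs.success IS 'Whether the event was successful';
COMMENT ON COLUMN auth.auth_logs.failure_reason IS 'Reason for failure if applicable';
COMMENT ON COLUMN auth.auth_logs.metadata IS 'Additional event metadata as JSON';
COMMENT ON COLUMN auth.auth_logs.created_at IS 'Timestamp when event occurred (partition key)';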