75 lines
3.2 KiB
SQL
75 lines
3.2 KiB
SQL
-- ============================================================================
|
|
-- OrbiQuant IA - Trading Platform
|
|
-- Schema: auth
|
|
-- File: tables/08-auth_logs.sql
|
|
-- Description: Authentication event audit logging with optional partitioning
|
|
-- ============================================================================
|
|
|
|
CREATE TABLE auth.auth_logs (
|
|
-- Primary Key
|
|
id UUID DEFAULT gen_random_uuid(),
|
|
|
|
-- Event Information
|
|
event_type auth.auth_event_type NOT NULL,
|
|
user_id UUID,
|
|
email CITEXT,
|
|
|
|
-- Request Context
|
|
ip_address INET,
|
|
user_agent TEXT,
|
|
session_id UUID,
|
|
|
|
-- Event Details
|
|
success BOOLEAN NOT NULL DEFAULT false,
|
|
failure_reason VARCHAR(255),
|
|
|
|
-- Additional Metadata
|
|
metadata JSONB DEFAULT '{}'::jsonb,
|
|
|
|
-- Timestamp (partition key)
|
|
created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
|
|
|
|
-- Primary Key includes partition key for partitioned tables
|
|
PRIMARY KEY (id, created_at)
|
|
) PARTITION BY RANGE (created_at);
|
|
|
|
-- Create initial partitions for current and next month
|
|
-- These should be created dynamically by a maintenance job in production
|
|
|
|
-- Current month partition
|
|
CREATE TABLE auth.auth_logs_current PARTITION OF auth.auth_logs
|
|
FOR VALUES FROM (DATE_TRUNC('month', CURRENT_DATE))
|
|
TO (DATE_TRUNC('month', CURRENT_DATE + INTERVAL '1 month'));
|
|
|
|
-- Next month partition
|
|
CREATE TABLE auth.auth_logs_next PARTITION OF auth.auth_logs
|
|
FOR VALUES FROM (DATE_TRUNC('month', CURRENT_DATE + INTERVAL '1 month'))
|
|
TO (DATE_TRUNC('month', CURRENT_DATE + INTERVAL '2 months'));
|
|
|
|
-- Indexes for Performance (will be inherited by partitions)
|
|
CREATE INDEX idx_auth_logs_user_id ON auth.auth_logs(user_id, created_at DESC);
|
|
CREATE INDEX idx_auth_logs_email ON auth.auth_logs(email, created_at DESC);
|
|
CREATE INDEX idx_auth_logs_event_type ON auth.auth_logs(event_type, created_at DESC);
|
|
CREATE INDEX idx_auth_logs_ip_address ON auth.auth_logs(ip_address, created_at DESC);
|
|
CREATE INDEX idx_auth_logs_session_id ON auth.auth_logs(session_id);
|
|
CREATE INDEX idx_auth_logs_created_at ON auth.auth_logs(created_at DESC);
|
|
CREATE INDEX idx_auth_logs_failures ON auth.auth_logs(user_id, created_at DESC)
|
|
WHERE success = false;
|
|
CREATE INDEX idx_auth_logs_metadata ON auth.auth_logs USING gin(metadata);
|
|
|
|
-- Table Comments
|
|
COMMENT ON TABLE auth.auth_logs IS 'Authentication event audit logging with monthly partitioning for performance';
|
|
|
|
-- Column Comments
|
|
COMMENT ON COLUMN auth.auth_logs.id IS 'Unique identifier for the log entry';
|
|
COMMENT ON COLUMN auth.auth_logs.event_type IS 'Type of authentication event';
|
|
COMMENT ON COLUMN auth.auth_logs.user_id IS 'Reference to the user (null for failed logins)';
|
|
COMMENT ON COLUMN auth.auth_logs.email IS 'Email address associated with the event';
|
|
COMMENT ON COLUMN auth.auth_logs.ip_address IS 'IP address of the request';
|
|
COMMENT ON COLUMN auth.auth_logs.user_agent IS 'User agent string from the request';
|
|
COMMENT ON COLUMN auth.auth_logs.session_id IS 'Session ID if applicable';
|
|
COMMENT ON COLUMN auth.auth_logs.success IS 'Whether the event was successful';
|
|
COMMENT ON COLUMN auth.auth_logs.failure_reason IS 'Reason for failure if applicable';
|
|
COMMENT ON COLUMN auth.auth_logs.metadata IS 'Additional event metadata as JSON';
|
|
COMMENT ON COLUMN auth.auth_logs.created_at IS 'Timestamp when event occurred (partition key)';
|