initial commit

[squeep-indie-auther] / src / db / postgres / sql / redeem-code.sql

diff --git a/src/db/postgres/sql/redeem-code.sql b/src/db/postgres/sql/redeem-code.sql
new file mode 100644 (file)
index 0000000..e61d503
--- /dev/null
+++ b/src/db/postgres/sql/redeem-code.sql
@@ -0,0 +1,30 @@
+--
+INSERT INTO token (
+       created,
+       code_id,
+       is_token,
+       client_id,
+       profile_id,
+       duration,
+       expires,
+       refresh_duration,
+       refresh_expires,
+       resource,
+       profile_data
+) SELECT
+       $(created)::timestamptz,
+       $(codeId),
+       $(isToken),
+       $(clientId),
+       p.profile_id,
+       $(lifespanSeconds)::text::interval,
+       CASE WHEN $(lifespanSeconds) IS NULL THEN NULL ELSE $(created)::timestamptz + $(lifespanSeconds)::text::interval END,
+       $(refreshLifespanSeconds)::text::interval,
+       CASE WHEN $(refreshLifespanSeconds) IS NULL THEN NULL ELSE $(created)::timestamptz + $(refreshLifespanSeconds)::text::interval END,
+       $(resource),
+       $(profileData)
+FROM profile p INNER JOIN authentication a USING (identifier_id)
+WHERE p.profile = $(profile) AND a.identifier = $(identifier)
+ON CONFLICT (code_id) DO UPDATE -- repeated redemption attempt invalidates existing token
+       SET is_revoked = true
+RETURNING *