// Code generated by sqlc. DO NOT EDIT. // versions: // sqlc v1.31.1 // source: login_requests.sql package db import ( "context" ) const approveLoginRequest = `-- name: ApproveLoginRequest :execrows UPDATE login_requests SET status = 'approved', approver_user_id = ?, grant_scope = ?, grant_persist = ?, approved_at = ? WHERE id = ? AND status = 'pending' ` type ApproveLoginRequestParams struct { ApproverUserID string `json:"approver_user_id"` GrantScope string `json:"grant_scope"` GrantPersist string `json:"grant_persist"` ApprovedAt *int64 `json:"approved_at"` ID string `json:"id"` } // ApproveLoginRequest flips pending -> approved and records who approved it plus // the granted scope/persistence. execrows so the handler can tell whether it // actually transitioned (0 = already consumed / denied / gone). func (q *Queries) ApproveLoginRequest(ctx context.Context, arg ApproveLoginRequestParams) (int64, error) { result, err := q.db.ExecContext(ctx, approveLoginRequest, arg.ApproverUserID, arg.GrantScope, arg.GrantPersist, arg.ApprovedAt, arg.ID, ) if err != nil { return 0, err } return result.RowsAffected() } const consumeLoginRequest = `-- name: ConsumeLoginRequest :execrows UPDATE login_requests SET status = 'consumed' WHERE id = ? AND status = 'approved' ` // ConsumeLoginRequest flips approved -> consumed when the new device collects its // session, making the request single-use. func (q *Queries) ConsumeLoginRequest(ctx context.Context, id string) (int64, error) { result, err := q.db.ExecContext(ctx, consumeLoginRequest, id) if err != nil { return 0, err } return result.RowsAffected() } const createLoginRequest = `-- name: CreateLoginRequest :exec INSERT INTO login_requests (id, poll_secret, approval_code, status, new_device_name, new_device_type, user_agent, request_ip, created_at, expires_at) VALUES (?, ?, ?, 'pending', ?, ?, ?, ?, ?, ?) ` type CreateLoginRequestParams struct { ID string `json:"id"` PollSecret string `json:"poll_secret"` ApprovalCode string `json:"approval_code"` NewDeviceName string `json:"new_device_name"` NewDeviceType string `json:"new_device_type"` UserAgent string `json:"user_agent"` RequestIp string `json:"request_ip"` CreatedAt int64 `json:"created_at"` ExpiresAt int64 `json:"expires_at"` } // login_requests: pending scan-login (QR) approvals (AUTH.md 2.3, 4). poll_secret // is stored as its SHA-256 (the new device holds the plaintext); approval_code // travels in the QR. Short-lived; reaped by DeleteExpiredLoginRequests. // // ASCII only: sqlc 1.31.x miscomputes byte offsets on multibyte comments and // corrupts every generated SQL const in the file. Keep this file pure ASCII. func (q *Queries) CreateLoginRequest(ctx context.Context, arg CreateLoginRequestParams) error { _, err := q.db.ExecContext(ctx, createLoginRequest, arg.ID, arg.PollSecret, arg.ApprovalCode, arg.NewDeviceName, arg.NewDeviceType, arg.UserAgent, arg.RequestIp, arg.CreatedAt, arg.ExpiresAt, ) return err } const deleteExpiredLoginRequests = `-- name: DeleteExpiredLoginRequests :execrows DELETE FROM login_requests WHERE expires_at < ? ` func (q *Queries) DeleteExpiredLoginRequests(ctx context.Context, expiresAt int64) (int64, error) { result, err := q.db.ExecContext(ctx, deleteExpiredLoginRequests, expiresAt) if err != nil { return 0, err } return result.RowsAffected() } const denyLoginRequest = `-- name: DenyLoginRequest :execrows UPDATE login_requests SET status = 'denied' WHERE id = ? AND status = 'pending' ` func (q *Queries) DenyLoginRequest(ctx context.Context, id string) (int64, error) { result, err := q.db.ExecContext(ctx, denyLoginRequest, id) if err != nil { return 0, err } return result.RowsAffected() } const getLoginRequest = `-- name: GetLoginRequest :one SELECT id, poll_secret, approval_code, status, new_device_name, new_device_type, user_agent, request_ip, approver_user_id, grant_scope, grant_persist, created_at, expires_at, approved_at FROM login_requests WHERE id = ? ` func (q *Queries) GetLoginRequest(ctx context.Context, id string) (LoginRequest, error) { row := q.db.QueryRowContext(ctx, getLoginRequest, id) var i LoginRequest err := row.Scan( &i.ID, &i.PollSecret, &i.ApprovalCode, &i.Status, &i.NewDeviceName, &i.NewDeviceType, &i.UserAgent, &i.RequestIp, &i.ApproverUserID, &i.GrantScope, &i.GrantPersist, &i.CreatedAt, &i.ExpiresAt, &i.ApprovedAt, ) return i, err }