-- +goose Up
-- +goose StatementBegin
CREATE TABLE service_sessions (
    id UUID PRIMARY KEY DEFAULT gen_random_uuid (),
    service_id UUID REFERENCES api_services (id) NOT NULL,
    client_id TEXT NOT NULL,
    user_id UUID REFERENCES users (id), -- user on behalf of whom the service is acting, nullable for direct use with client creds
    issued_at TIMESTAMP
    WITH
        TIME ZONE NOT NULL DEFAULT NOW (),
        expires_at TIMESTAMP
    WITH
        TIME ZONE,
        last_active TIMESTAMP
    WITH
        TIME ZONE,
        ip_address VARCHAR(45),
        user_agent TEXT,
        access_token_id UUID,
        refresh_token_id UUID,
        is_active BOOLEAN NOT NULL DEFAULT TRUE,
        revoked_at TIMESTAMP
    WITH
        TIME ZONE,
        scope TEXT, -- what scopes/permissions this session was issued for
        claims JSONB -- snapshot of claims at session start, optional
);

CREATE INDEX IF NOT EXISTS idx_service_sessions_client_id ON service_sessions (client_id);

CREATE INDEX IF NOT EXISTS idx_service_sessions_user_id ON service_sessions (user_id);

-- +goose StatementEnd
-- +goose Down
-- +goose StatementBegin
DROP TABLE IF EXISTS service_sessions;

-- +goose StatementEnd