turf_saas/api_tokens_db.py

#!/usr/bin/env python3
"""
api_tokens_db.py — DB migration for personal API tokens + user webhooks
HRT-80: API Token personnel + Webhook alertes (Pro)
"""

import logging
import os
import sqlite3

DB_PATH = os.environ.get("TURF_SAAS_DB", "/home/h3r7/turf_saas/turf_saas.db")
logger = logging.getLogger("turf_saas.api_tokens_db")


def get_db() -> sqlite3.Connection:
    conn = sqlite3.connect(DB_PATH)
    conn.row_factory = sqlite3.Row
    return conn


def migrate_api_tokens_tables() -> None:
    """Idempotent migration: create user_api_tokens and user_webhooks."""
    conn = get_db()
    c = conn.cursor()
    c.executescript("""
        CREATE TABLE IF NOT EXISTS user_api_tokens (
            id           INTEGER  PRIMARY KEY AUTOINCREMENT,
            user_id      TEXT     NOT NULL,
            token_hash   TEXT     NOT NULL UNIQUE,
            token_prefix TEXT     NOT NULL,
            created_at   DATETIME NOT NULL DEFAULT (datetime('now')),
            last_used_at DATETIME,
            revoked      INTEGER  NOT NULL DEFAULT 0
        );
        CREATE INDEX IF NOT EXISTS idx_api_tokens_user ON user_api_tokens(user_id);
        CREATE INDEX IF NOT EXISTS idx_api_tokens_hash ON user_api_tokens(token_hash);

        CREATE TABLE IF NOT EXISTS user_webhooks (
            id         INTEGER  PRIMARY KEY AUTOINCREMENT,
            user_id    TEXT     NOT NULL UNIQUE,
            url        TEXT     NOT NULL,
            secret     TEXT     NOT NULL,
            created_at DATETIME NOT NULL DEFAULT (datetime('now'))
        );
        CREATE INDEX IF NOT EXISTS idx_webhooks_user ON user_webhooks(user_id);
    """)
    conn.commit()
    conn.close()
    logger.info(
        "[api_tokens_db] Tables user_api_tokens + user_webhooks created/verified."
    )


if __name__ == "__main__":
    logging.basicConfig(level=logging.INFO)
    migrate_api_tokens_tables()
    print("[api_tokens_db] Migration complete.")