-- Tables: Segurança / Auditoria
-- Gerado automaticamente em 2026-05-11T16:53:50.928Z
-- Total: 6

CREATE TABLE public.audit_logs (
    id bigint NOT NULL,
    tenant_id uuid NOT NULL,
    user_id uuid,
    entity_type text NOT NULL,
    entity_id text,
    action text NOT NULL,
    old_values jsonb,
    new_values jsonb,
    changed_fields text[],
    metadata jsonb DEFAULT '{}'::jsonb NOT NULL,
    created_at timestamp with time zone DEFAULT now() NOT NULL,
    CONSTRAINT audit_logs_action_check CHECK ((action = ANY (ARRAY['insert'::text, 'update'::text, 'delete'::text])))
);

CREATE TABLE public.math_challenges (
    id uuid DEFAULT gen_random_uuid() NOT NULL,
    question text NOT NULL,
    answer integer NOT NULL,
    used boolean DEFAULT false NOT NULL,
    created_at timestamp with time zone DEFAULT now() NOT NULL,
    expires_at timestamp with time zone DEFAULT (now() + '00:05:00'::interval) NOT NULL
);

CREATE TABLE public.patient_invite_attempts (
    id uuid DEFAULT gen_random_uuid() NOT NULL,
    token text NOT NULL,
    ok boolean NOT NULL,
    error_code text,
    error_msg text,
    client_info text,
    owner_id uuid,
    tenant_id uuid,
    created_at timestamp with time zone DEFAULT now() NOT NULL
);

CREATE TABLE public.public_submission_attempts (
    id uuid DEFAULT gen_random_uuid() NOT NULL,
    endpoint text NOT NULL,
    ip_hash text,
    success boolean NOT NULL,
    error_code text,
    error_msg text,
    blocked_by text,
    user_agent text,
    metadata jsonb,
    created_at timestamp with time zone DEFAULT now() NOT NULL
);

CREATE TABLE public.saas_security_config (
    id boolean DEFAULT true NOT NULL,
    honeypot_enabled boolean DEFAULT true NOT NULL,
    rate_limit_enabled boolean DEFAULT true NOT NULL,
    rate_limit_window_min integer DEFAULT 10 NOT NULL,
    rate_limit_max_attempts integer DEFAULT 5 NOT NULL,
    captcha_after_failures integer DEFAULT 3 NOT NULL,
    captcha_required_globally boolean DEFAULT false NOT NULL,
    block_duration_min integer DEFAULT 30 NOT NULL,
    captcha_required_window_min integer DEFAULT 60 NOT NULL,
    updated_at timestamp with time zone DEFAULT now() NOT NULL,
    updated_by uuid,
    CONSTRAINT saas_security_config_singleton CHECK ((id = true))
);

CREATE TABLE public.submission_rate_limits (
    ip_hash text NOT NULL,
    endpoint text NOT NULL,
    attempt_count integer DEFAULT 0 NOT NULL,
    fail_count integer DEFAULT 0 NOT NULL,
    window_start timestamp with time zone DEFAULT now() NOT NULL,
    blocked_until timestamp with time zone,
    requires_captcha_until timestamp with time zone,
    last_attempt_at timestamp with time zone DEFAULT now() NOT NULL,
    created_at timestamp with time zone DEFAULT now() NOT NULL
);