-- Migration: 010_security_events.sql
-- Security events table for audit logging.
-- Created: 2026-04-13

CREATE TABLE IF NOT EXISTS security_events (
  id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
  event_type TEXT NOT NULL,
  ip_address TEXT,
  path TEXT,
  detail TEXT,
  created_at TIMESTAMPTZ DEFAULT NOW()
);
CREATE INDEX IF NOT EXISTS idx_se_type ON security_events(event_type);
CREATE INDEX IF NOT EXISTS idx_se_time ON security_events(created_at);
ALTER TABLE security_events ENABLE ROW LEVEL SECURITY;
CREATE POLICY se_svc ON security_events FOR ALL USING (auth.role() = 'service_role');