gendesign/tradein-mvp/backend/data/sql/027_cian_session_cookies.sql
lekss361 1ad2565af1 feat(tradein): SQL migrations 019-028 — Cian schema + matching + cookies
- 019: ALTER listings (windows_view_type, wcs counts, ceiling_height,
       repair_type, views, living_area, bedrooms, balconies, loggias,
       description_minhash, cadastral_number, phones, bargain_allowed,
       sale_type, house_source/ext_id, metro_stations)
- 020: ALTER houses (BTI: series_name, entrances, flat_count, is_emergency,
       heat/gas/overlap types; Cian: cian_internal_house_id,
       management_company_id, transport_accessibility_rate,
       advantages/banks/builders/houses_by_turn jsonb + GIN indexes)
- 021: CREATE management_companies + FK to houses.management_company_id
- 022: CREATE agents table + agent_id_fk on listings
- 023: CREATE offer_price_history (per-listing price change timeline)
- 024: CREATE houses_price_dynamics (monthly price/sqm series)
- 025: CREATE house_reliability_checks (наш.дом.рф checks)
- 026: CREATE external_valuations (unified Avito IMV + Cian Valuation cache)
- 027: CREATE EXTENSION pgcrypto + cian_session_cookies (encrypted)
- 028: CREATE house_sources, listing_sources, house_address_aliases
       + address_fingerprint/canonical/merged_into alters

Refs: decisions/CianScraper_v1_Implementation_Plan.md Stage 1
      decisions/Schema_Cian_SERP_Inventory.md sec 16, 20.3, 26
      decisions/Cross_Source_Matching_Strategy.md sec 2
2026-05-23 15:14:49 +03:00

39 lines
1.7 KiB
PL/PgSQL

-- 027_cian_session_cookies.sql
-- Purpose: Encrypted storage for Cian browser session cookies needed to call
-- the Valuation Calculator endpoint (auth required).
-- Uses pgcrypto pgp_sym_encrypt for AES encryption at rest.
-- Dependencies:
-- - pgcrypto extension (installed here via CREATE EXTENSION IF NOT EXISTS)
-- Deploy order: Apply after 026.
--
-- Security notes:
-- - cookies_encrypted stores AES-encrypted JSON blob via pgp_sym_encrypt.
-- - Encryption key lives in .env.runtime (COOKIE_ENCRYPTION_KEY), never in DB.
-- - Access restricted to admin-token-gated API endpoint only.
--
-- Sources: CianScraper_v1_Implementation_Plan (Cookie auth section)
BEGIN;
CREATE EXTENSION IF NOT EXISTS pgcrypto;
CREATE TABLE IF NOT EXISTS cian_session_cookies (
account_user_id bigint PRIMARY KEY, -- Cian user_id extracted from state.user.userId
cookies_encrypted bytea NOT NULL, -- pgp_sym_encrypt(json_cookies, key)
expires_at_estimate timestamptz NOT NULL, -- estimated expiry (~30 days from upload)
uploaded_at timestamptz NOT NULL DEFAULT NOW(),
last_used_at timestamptz, -- set on each successful valuation call
last_invalid_at timestamptz, -- set when isAuthenticated=false detected
notes text -- e.g. 'Account: lekss361@cian.ru'
);
-- Most recent upload first (admin dashboard ordering)
CREATE INDEX IF NOT EXISTS cian_cookies_uploaded_idx
ON cian_session_cookies (uploaded_at DESC);
-- Active session lookup (non-expired and not invalidated)
CREATE INDEX IF NOT EXISTS cian_cookies_active_idx
ON cian_session_cookies (expires_at_estimate)
WHERE last_invalid_at IS NULL;
COMMIT;