-- Create a table to store OTP codes
CREATE TABLE IF NOT EXISTS public.auth_codes (
    id UUID DEFAULT gen_random_uuid() PRIMARY KEY,
    user_id UUID REFERENCES auth.users(id) ON DELETE CASCADE NOT NULL,
    code TEXT NOT NULL,
    created_at TIMESTAMP WITH TIME ZONE DEFAULT timezone('utc'::text, now()) NOT NULL,
    expires_at TIMESTAMP WITH TIME ZONE NOT NULL
);

-- Enable Row Level Security
ALTER TABLE public.auth_codes ENABLE ROW LEVEL SECURITY;

-- Allow users to see only their own codes
CREATE POLICY "Users can see their own codes" ON public.auth_codes
    FOR SELECT USING (auth.uid() = user_id);

-- Allow server-side operations (Service Role will bypass RLS, but good to have)
CREATE POLICY "Users can insert their own codes" ON public.auth_codes
    FOR INSERT WITH CHECK (auth.uid() = user_id);