feat: Integrate auth.sessions with RPC functions

supabase/migrations/20251014182457_4bf3c634-1654-485d-b089-cc669a637e20.sql

@@ -0,0 +1,57 @@
+-- Create function to get user's own sessions from auth.sessions
+CREATE OR REPLACE FUNCTION public.get_my_sessions()
+RETURNS TABLE (
+  id uuid,
+  created_at timestamptz,
+  updated_at timestamptz,
+  refreshed_at timestamptz,
+  user_agent text,
+  ip inet,
+  not_after timestamptz,
+  aal auth.aal_level
+)
+SECURITY DEFINER
+SET search_path = auth, public
+LANGUAGE plpgsql
+AS $$
+BEGIN
+  -- Only return sessions for the authenticated user
+  RETURN QUERY
+  SELECT 
+    s.id,
+    s.created_at,
+    s.updated_at,
+    s.refreshed_at,
+    s.user_agent,
+    s.ip,
+    s.not_after,
+    s.aal
+  FROM auth.sessions s
+  WHERE s.user_id = auth.uid()
+  ORDER BY s.refreshed_at DESC NULLS LAST, s.created_at DESC;
+END;
+$$;
+
+-- Grant execute to authenticated users
+GRANT EXECUTE ON FUNCTION public.get_my_sessions() TO authenticated;
+
+-- Create function to revoke user's own session
+CREATE OR REPLACE FUNCTION public.revoke_my_session(session_id uuid)
+RETURNS void
+SECURITY DEFINER
+SET search_path = auth, public
+LANGUAGE plpgsql
+AS $$
+BEGIN
+  -- Only delete own sessions
+  DELETE FROM auth.sessions
+  WHERE id = session_id
+    AND user_id = auth.uid();
+END;
+$$;
+
+-- Grant execute to authenticated users
+GRANT EXECUTE ON FUNCTION public.revoke_my_session(uuid) TO authenticated;
+
+-- Drop the unused public.user_sessions table
+DROP TABLE IF EXISTS public.user_sessions CASCADE;