clean: remove OTPSession table

Author: costowell

migrations/versions/fdb69cd98e19_remove_otpsession_table.py

@@ -0,0 +1,33 @@
+"""Remove OTPSession table
+
+Revision ID: fdb69cd98e19
+Revises: a541afdca952
+Create Date: 2025-12-21 15:34:01.851353
+
+"""
+from alembic import op
+import sqlalchemy as sa
+from sqlalchemy.dialects import postgresql
+
+# revision identifiers, used by Alembic.
+revision = 'fdb69cd98e19'
+down_revision = 'a541afdca952'
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.drop_table('otp_session')
+    # ### end Alembic commands ###
+
+
+def downgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.create_table('otp_session',
+    sa.Column('secret', sa.VARCHAR(length=100), autoincrement=False, nullable=False),
+    sa.Column('form', postgresql.BYTEA(), autoincrement=False, nullable=True),
+    sa.Column('session', postgresql.BYTEA(), autoincrement=False, nullable=True),
+    sa.PrimaryKeyConstraint('secret', name=op.f('otp_session_pkey'))
+    )
+    # ### end Alembic commands ###

selfservice/models.py

@@ -53,19 +53,6 @@ class PhoneVerification(db.Model):
     code = Column(String(6), primary_key=True)
     session = Column(String(36), ForeignKey("session.id"))
 
-
-class OTPSession(db.Model):
-    """
-    Once an OTP secret has been generated for a user, we pickle their session
-    so that we can retrieve it and eventually verify their token.
-    """
-
-    __tablename__ = "otp_session"
-    secret = Column(String(100), primary_key=True)
-    form = Column(LargeBinary)
-    session = Column(LargeBinary)
-
-
 class AppSpecificPassword(db.Model):
     """
     Allows users to authenticate to applications that don't support two factor