Add partial index on keyAltNames for uniqueness

Also put the key vault inside the test database for easy tear down,
tested and working local.

Author: aclark4life

.github/workflows/encrypted_settings.py

@@ -5,12 +5,11 @@
 
 DATABASES["encrypted"] = {  # noqa: F405
     "ENGINE": "django_mongodb_backend",
-    "NAME": "djangotests-encrypted",
+    "NAME": "djangotests_encrypted",
     "OPTIONS": {
         "auto_encryption_opts": AutoEncryptionOpts(
-            key_vault_namespace="my_encrypted_database.keyvault",
+            key_vault_namespace="test_djangotests_encrypted.__keyVault",
             kms_providers={"local": {"key": os.urandom(96)}},
-            # crypt_shared_lib_path="lib/mongo_crypt_v1.so",
         ),
         "directConnection": True,
     },

django_mongodb_backend/schema.py

@@ -505,6 +505,11 @@ def _get_encrypted_fields(self, model, key_alt_name=None, path_prefix=None):
         key_vault_db, key_vault_coll = auto_encryption_opts._key_vault_namespace.split(".", 1)
         key_vault_collection = client[key_vault_db][key_vault_coll]
 
+        # Create partial unique index on keyAltNames
+        key_vault_collection.create_index(
+            "keyAltNames", unique=True, partialFilterExpression={"keyAltNames": {"$exists": True}}
+        )
+
         kms_provider = router.kms_provider(model)
         master_key = connection.settings_dict.get("KMS_CREDENTIALS", {}).get(kms_provider)
         client_encryption = self.connection.client_encryption