2 files changed, 24 insertions, 12 deletions

diff --git a/src/login/extract/login.rs b/src/login/extract/login.rs
index ce820f1..b756fa6 100644
--- a/src/login/extract/login.rs
+++ b/src/login/extract/login.rs
@@ -22,6 +22,10 @@ impl FromRequestParts<SqlitePool> for Login {
         parts: &mut Parts,
         state: &SqlitePool,
     ) -> Result<Self, Self::Rejection> {
+        // After Rust 1.82 (and #[feature(min_exhaustive_patterns)] lands on
+        // stable), the following can be replaced:
+        //
+        // let Ok(identity_token) = IdentityToken::from_request_parts(parts, state).await;
         let identity_token = IdentityToken::from_request_parts(parts, state).await?;
         let requested_at = RequestedAt::from_request_parts(parts, state).await?;
 
diff --git a/src/login/routes.rs b/src/login/routes.rs
index 2269ea6..ce4e491 100644
--- a/src/login/routes.rs
+++ b/src/login/routes.rs
@@ -1,7 +1,7 @@
 use axum::{
     extract::{Form, State},
     http::StatusCode,
-    response::IntoResponse,
+    response::{IntoResponse, Redirect, Response},
     routing::post,
     Router,
 };
@@ -32,10 +32,6 @@ async fn on_login(
     identity: IdentityToken,
     Form(form): Form<Login>,
 ) -> Result<impl IntoResponse, InternalError> {
-    if identity.token().is_some() {
-        return Ok((StatusCode::BAD_REQUEST, identity, "already logged in"));
-    }
-
     let mut tx = db.begin().await?;
 
     // Spelling the following in the more conventional form,
@@ -67,18 +63,30 @@ async fn on_login(
 
     let resp = if let Some(token) = token {
         let identity = identity.set(&token);
-        (StatusCode::OK, identity, "logged in")
+        (identity, LoginResponse::Successful)
     } else {
-        (
-            StatusCode::UNAUTHORIZED,
-            identity,
-            "invalid name or password",
-        )
+        (identity, LoginResponse::Rejected)
     };
 
     Ok(resp)
 }
 
+enum LoginResponse {
+    Rejected,
+    Successful,
+}
+
+impl IntoResponse for LoginResponse {
+    fn into_response(self) -> Response {
+        match self {
+            Self::Rejected => {
+                (StatusCode::UNAUTHORIZED, "invalid name or password").into_response()
+            }
+            Self::Successful => Redirect::to("/").into_response(),
+        }
+    }
+}
+
 async fn on_logout(
     State(db): State<SqlitePool>,
     identity: IdentityToken,
@@ -91,5 +99,5 @@ async fn on_logout(
 
     let identity = identity.clear();
 
-    Ok((StatusCode::OK, identity, "logged out"))
+    Ok((identity, Redirect::to("/")))
 }