1 files changed, 13 insertions, 9 deletions

diff --git a/src/login/app.rs b/src/login/app.rs
index 292b95f..f7fec88 100644
--- a/src/login/app.rs
+++ b/src/login/app.rs
@@ -1,10 +1,10 @@
 use chrono::TimeDelta;
 use sqlx::sqlite::SqlitePool;
 
-use super::repo::auth::Provider as _;
+use super::{extract::IdentitySecret, repo::auth::Provider as _};
 use crate::{
     clock::DateTime,
-    password::StoredHash,
+    password::Password,
     repo::{
         error::NotFound as _,
         login::{Login, Provider as _},
@@ -24,9 +24,9 @@ impl<'a> Logins<'a> {
     pub async fn login(
         &self,
         name: &str,
-        password: &str,
+        password: &Password,
         login_at: &DateTime,
-    ) -> Result<String, LoginError> {
+    ) -> Result<IdentitySecret, LoginError> {
         let mut tx = self.db.begin().await?;
 
         let login = if let Some((login, stored_hash)) = tx.auth().for_name(name).await? {
@@ -38,7 +38,7 @@ impl<'a> Logins<'a> {
                 return Err(LoginError::Rejected);
             }
         } else {
-            let password_hash = StoredHash::new(password)?;
+            let password_hash = password.hash()?;
             tx.logins().create(name, &password_hash).await?
         };
 
@@ -49,8 +49,8 @@ impl<'a> Logins<'a> {
     }
 
     #[cfg(test)]
-    pub async fn create(&self, name: &str, password: &str) -> Result<Login, CreateError> {
-        let password_hash = StoredHash::new(password)?;
+    pub async fn create(&self, name: &str, password: &Password) -> Result<Login, CreateError> {
+        let password_hash = password.hash()?;
 
         let mut tx = self.db.begin().await?;
         let login = tx.logins().create(name, &password_hash).await?;
@@ -59,7 +59,11 @@ impl<'a> Logins<'a> {
         Ok(login)
     }
 
-    pub async fn validate(&self, secret: &str, used_at: &DateTime) -> Result<Login, ValidateError> {
+    pub async fn validate(
+        &self,
+        secret: &IdentitySecret,
+        used_at: &DateTime,
+    ) -> Result<Login, ValidateError> {
         let mut tx = self.db.begin().await?;
         let login = tx
             .tokens()
@@ -82,7 +86,7 @@ impl<'a> Logins<'a> {
         Ok(())
     }
 
-    pub async fn logout(&self, secret: &str) -> Result<(), ValidateError> {
+    pub async fn logout(&self, secret: &IdentitySecret) -> Result<(), ValidateError> {
         let mut tx = self.db.begin().await?;
         tx.tokens()
             .revoke(secret)