summaryrefslogtreecommitdiff
path: root/src/login/routes.rs
diff options
context:
space:
mode:
Diffstat (limited to 'src/login/routes.rs')
-rw-r--r--src/login/routes.rs97
1 files changed, 0 insertions, 97 deletions
diff --git a/src/login/routes.rs b/src/login/routes.rs
deleted file mode 100644
index 6579ae6..0000000
--- a/src/login/routes.rs
+++ /dev/null
@@ -1,97 +0,0 @@
-use axum::{
- extract::{Json, State},
- http::StatusCode,
- response::{IntoResponse, Response},
- routing::post,
- Router,
-};
-
-use crate::{
- app::App,
- clock::RequestedAt,
- error::{Internal, Unauthorized},
- login::Password,
- token::{app, extract::IdentityToken},
-};
-
-#[cfg(test)]
-mod test;
-
-pub fn router() -> Router<App> {
- Router::new()
- .route("/api/auth/login", post(on_login))
- .route("/api/auth/logout", post(on_logout))
-}
-
-#[derive(serde::Deserialize)]
-struct LoginRequest {
- name: String,
- password: Password,
-}
-
-async fn on_login(
- State(app): State<App>,
- RequestedAt(now): RequestedAt,
- identity: IdentityToken,
- Json(request): Json<LoginRequest>,
-) -> Result<(IdentityToken, StatusCode), LoginError> {
- let token = app
- .tokens()
- .login(&request.name, &request.password, &now)
- .await
- .map_err(LoginError)?;
- let identity = identity.set(token);
- Ok((identity, StatusCode::NO_CONTENT))
-}
-
-#[derive(Debug)]
-struct LoginError(app::LoginError);
-
-impl IntoResponse for LoginError {
- fn into_response(self) -> Response {
- let Self(error) = self;
- match error {
- app::LoginError::Rejected => {
- // not error::Unauthorized due to differing messaging
- (StatusCode::UNAUTHORIZED, "invalid name or password").into_response()
- }
- other => Internal::from(other).into_response(),
- }
- }
-}
-
-#[derive(serde::Deserialize)]
-struct LogoutRequest {}
-
-async fn on_logout(
- State(app): State<App>,
- RequestedAt(now): RequestedAt,
- identity: IdentityToken,
- // This forces the only valid request to be `{}`, and not the infinite
- // variation allowed when there's no body extractor.
- Json(LogoutRequest {}): Json<LogoutRequest>,
-) -> Result<(IdentityToken, StatusCode), LogoutError> {
- if let Some(secret) = identity.secret() {
- let (token, _) = app.tokens().validate(&secret, &now).await?;
- app.tokens().logout(&token).await?;
- }
-
- let identity = identity.clear();
- Ok((identity, StatusCode::NO_CONTENT))
-}
-
-#[derive(Debug, thiserror::Error)]
-#[error(transparent)]
-enum LogoutError {
- ValidateError(#[from] app::ValidateError),
- DatabaseError(#[from] sqlx::Error),
-}
-
-impl IntoResponse for LogoutError {
- fn into_response(self) -> Response {
- match self {
- Self::ValidateError(app::ValidateError::InvalidToken) => Unauthorized.into_response(),
- other => Internal::from(other).into_response(),
- }
- }
-}
generated by cgit v1.2.3 (git 2.39.1) at 2026-01-02 15:13:36 +0000