From cce6662d635bb2115f9f2a7bab92cc105166e761 Mon Sep 17 00:00:00 2001
From: Owen Jacobson <owen@grimoire.ca>
Date: Wed, 18 Sep 2024 01:27:47 -0400
Subject: App methods now return errors that allow not-found cases to be
 distinguished.

---
 src/repo/login/extract.rs | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

(limited to 'src/repo/login/extract.rs')

diff --git a/src/repo/login/extract.rs b/src/repo/login/extract.rs
index a068bc0..a45a1cd 100644
--- a/src/repo/login/extract.rs
+++ b/src/repo/login/extract.rs
@@ -5,7 +5,12 @@ use axum::{
 };
 
 use super::Login;
-use crate::{app::App, clock::RequestedAt, error::InternalError, login::extract::IdentityToken};
+use crate::{
+    app::App,
+    clock::RequestedAt,
+    error::InternalError,
+    login::{app::ValidateError, extract::IdentityToken},
+};
 
 #[async_trait::async_trait]
 impl FromRequestParts<App> for Login {
@@ -22,9 +27,11 @@ impl FromRequestParts<App> for Login {
         let secret = identity_token.secret().ok_or(LoginError::Unauthorized)?;
 
         let app = State::<App>::from_request_parts(parts, state).await?;
-        let login = app.logins().validate(secret, used_at).await?;
-
-        login.ok_or(LoginError::Unauthorized)
+        match app.logins().validate(secret, used_at).await {
+            Ok(login) => Ok(login),
+            Err(ValidateError::InvalidToken) => Err(LoginError::Unauthorized),
+            Err(other) => Err(other.into()),
+        }
     }
 }
 
-- 
cgit v1.2.3