From 4eb63b8adda4559df3dadcf721e2bb0d1f65a01f Mon Sep 17 00:00:00 2001
From: Owen Jacobson <owen@grimoire.ca>
Date: Sun, 24 Aug 2025 03:48:17 -0400
Subject: Stop returning body data from `POST /api/auth/login`.

As with `/api/setup`, the response was an ad-hoc choice, which we are not using and which constrains future development just by existing.
---
 src/token/app.rs | 16 +++++++---------
 1 file changed, 7 insertions(+), 9 deletions(-)

(limited to 'src/token/app.rs')

diff --git a/src/token/app.rs b/src/token/app.rs
index 49f9a45..7d70534 100644
--- a/src/token/app.rs
+++ b/src/token/app.rs
@@ -32,7 +32,7 @@ impl<'a> Tokens<'a> {
         name: &Name,
         password: &Password,
         login_at: &DateTime,
-    ) -> Result<(User, Secret), LoginError> {
+    ) -> Result<Secret, LoginError> {
         let mut tx = self.db.begin().await?;
         let (user, stored_hash) = tx
             .auth()
@@ -47,18 +47,16 @@ impl<'a> Tokens<'a> {
         // if the account is deleted during that time.
         tx.commit().await?;
 
-        let snapshot = user.as_snapshot().ok_or(LoginError::Rejected)?;
+        user.as_snapshot().ok_or(LoginError::Rejected)?;
 
-        let token = if stored_hash.verify(password)? {
+        if stored_hash.verify(password)? {
             let mut tx = self.db.begin().await?;
-            let token = tx.tokens().issue(&user, login_at).await?;
+            let secret = tx.tokens().issue(&user, login_at).await?;
             tx.commit().await?;
-            token
+            Ok(secret)
         } else {
-            Err(LoginError::Rejected)?
-        };
-
-        Ok((snapshot, token))
+            Err(LoginError::Rejected)
+        }
     }
 
     pub async fn change_password(
-- 
cgit v1.2.3