From 6c65e97e49d1d56380aa7d71abb0394b08ff60ca Mon Sep 17 00:00:00 2001
From: Owen Jacobson <owen@grimoire.ca>
Date: Sun, 24 Aug 2025 16:00:45 -0400
Subject: Return an identity, rather than the parts of an identity, when
 validating an identity token.

This is a small refactoring that's been possible for a while, and we only just noticed.
---
 src/token/extract/identity.rs | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

(limited to 'src/token/extract')

diff --git a/src/token/extract/identity.rs b/src/token/extract/identity.rs
index d1c0334..4d076d7 100644
--- a/src/token/extract/identity.rs
+++ b/src/token/extract/identity.rs
@@ -30,11 +30,13 @@ impl FromRequestParts<App> for Identity {
         let secret = cookie.secret().ok_or(LoginError::Unauthorized)?;
 
         let app = State::<App>::from_request_parts(parts, state).await?;
-        match app.tokens().validate(&secret, &used_at).await {
-            Ok((token, user)) => Ok(Identity { token, user }),
-            Err(ValidateError::InvalidToken) => Err(LoginError::Unauthorized),
-            Err(other) => Err(other.into()),
-        }
+        app.tokens()
+            .validate(&secret, &used_at)
+            .await
+            .map_err(|err| match err {
+                ValidateError::InvalidToken => LoginError::Unauthorized,
+                other => other.into(),
+            })
     }
 }
 
-- 
cgit v1.2.3