From be21b088f0d1b591cbd8dcfed1e06f2742a524d0 Mon Sep 17 00:00:00 2001
From: Owen Jacobson <owen@grimoire.ca>
Date: Mon, 27 Oct 2025 18:23:34 -0400
Subject: Convert the `Tokens` component into a freestanding struct.

As with the `Setup` component, I've generalized the associated middleware across anything that can provide a `Tokens`, where possible.
---
 src/token/app.rs              | 10 +++++-----
 src/token/extract/identity.rs | 24 +++++++++++++++++-------
 2 files changed, 22 insertions(+), 12 deletions(-)

(limited to 'src/token')

diff --git a/src/token/app.rs b/src/token/app.rs
index 1d68f32..332473d 100644
--- a/src/token/app.rs
+++ b/src/token/app.rs
@@ -12,13 +12,13 @@ use super::{
 };
 use crate::{clock::DateTime, db::NotFound as _, name};
 
-pub struct Tokens<'a> {
-    db: &'a SqlitePool,
-    token_events: &'a Broadcaster,
+pub struct Tokens {
+    db: SqlitePool,
+    token_events: Broadcaster,
 }
 
-impl<'a> Tokens<'a> {
-    pub const fn new(db: &'a SqlitePool, token_events: &'a Broadcaster) -> Self {
+impl Tokens {
+    pub const fn new(db: SqlitePool, token_events: Broadcaster) -> Self {
         Self { db, token_events }
     }
 
diff --git a/src/token/extract/identity.rs b/src/token/extract/identity.rs
index bee4e31..5c004ef 100644
--- a/src/token/extract/identity.rs
+++ b/src/token/extract/identity.rs
@@ -1,16 +1,18 @@
 use axum::{
-    extract::{FromRequestParts, OptionalFromRequestParts, State},
+    extract::{FromRef, FromRequestParts, OptionalFromRequestParts, State},
     http::request::Parts,
     response::{IntoResponse, Response},
 };
 
 use super::IdentityCookie;
 use crate::{
-    app::App,
     clock::RequestedAt,
     error::{Internal, Unauthorized},
     login::Login,
-    token::{Token, app::ValidateError},
+    token::{
+        Token,
+        app::{Tokens, ValidateError},
+    },
 };
 
 #[derive(Clone, Debug)]
@@ -19,7 +21,11 @@ pub struct Identity {
     pub login: Login,
 }
 
-impl FromRequestParts<App> for Identity {
+impl<App> FromRequestParts<App> for Identity
+where
+    Tokens: FromRef<App>,
+    App: Send + Sync,
+{
     type Rejection = LoginError<Internal>;
 
     async fn from_request_parts(parts: &mut Parts, state: &App) -> Result<Self, Self::Rejection> {
@@ -28,8 +34,8 @@ impl FromRequestParts<App> for Identity {
 
         let secret = cookie.secret().ok_or(LoginError::Unauthorized)?;
 
-        let app = State::<App>::from_request_parts(parts, state).await?;
-        app.tokens()
+        let tokens = State::<Tokens>::from_request_parts(parts, state).await?;
+        tokens
             .validate(&secret, &used_at)
             .await
             .map_err(|err| match err {
@@ -39,7 +45,11 @@ impl FromRequestParts<App> for Identity {
     }
 }
 
-impl OptionalFromRequestParts<App> for Identity {
+impl<App> OptionalFromRequestParts<App> for Identity
+where
+    Tokens: FromRef<App>,
+    App: Send + Sync,
+{
     type Rejection = LoginError<Internal>;
 
     async fn from_request_parts(
-- 
cgit v1.2.3