+
+ let user = get_current_user(&req, &connection);
+ let (client_ip, client_user_agent) = get_ip_and_user_agent(&req);
+
+ match connection.sign_in(&form.email, &form.password, &client_ip, &client_user_agent) {
+ Ok(db::SignInResult::AccountNotValidated) =>
+ error_response(SignInError::AccountNotValidated, &form, user),
+ Ok(db::SignInResult::UserNotFound) | Ok(db::SignInResult::WrongPassword) => {
+ error_response(SignInError::AuthenticationFailed, &form, user)
+ },
+ Ok(db::SignInResult::Ok(token, user_id)) => {
+ let cookie = Cookie::new(COOKIE_AUTH_TOKEN_NAME, token);
+ let mut response =
+ HttpResponse::Found()
+ .insert_header((header::LOCATION, "/"))
+ .finish();
+ if let Err(error) = response.add_cookie(&cookie) {
+ eprintln!("Unable to set cookie after sign in: {:?}", error);
+ };
+ response
+ },
+ Err(error) => {
+ eprintln!("Signin error: {:?}", error);
+ error_response(SignInError::AuthenticationFailed, &form, user)
+ },
+ }
+}
+
+
+///// SIGN OUT /////
+
+#[get("/signout")]
+async fn sign_out(req: HttpRequest, connection: web::Data<db::Connection>) -> impl Responder {
+ let mut response =
+ HttpResponse::Found()
+ .insert_header((header::LOCATION, "/"))
+ .finish();
+
+ if let Some(token_cookie) = req.cookie(COOKIE_AUTH_TOKEN_NAME) {
+ if let Err(error) = connection.sign_out(token_cookie.value()) {
+ eprintln!("Unable to sign out: {:?}", error);
+ };
+
+ if let Err(error) = response.add_removal_cookie(&Cookie::new(COOKIE_AUTH_TOKEN_NAME, "")) {
+ eprintln!("Unable to set a removal cookie after sign out: {:?}", error);
+ };
+ };
+ response