auth: Add a logout button

Add a logout button that clears the auth cookies, logging out the user.
It also tries to remove the auth token from the databse, but will ignore
any error during the database operation.

Do some include clean-ups as well.

src/auth.rs

@@ -185,6 +185,32 @@ pub async fn login(week: u8, form: Form<AuthForm>, mut db: Connection<Db>, cooki
     Redirect::to(uri!(week::week(week)))
 }
 
+#[post("/<week>/logout")]
+pub async fn logout(week: u8, mut db: Connection<Db>, cookies: &CookieJar<'_>) -> Redirect {
+    let auth_token: Option<String> = match cookies.get_private("auth_token") {
+        Some(cookie) => Some(cookie.value().to_string()),
+        None => None
+    };
+
+    // Should not be able to log out ?
+    if auth_token.is_none() {
+        return Redirect::to(uri!(week::week(week)))
+    }
+
+    match sqlx::query("DELETE FROM AuthTokens WHERE token == $1;")
+        .bind(auth_token)
+        .execute(&mut **db)
+        .await {
+        Ok(_) => debug!("Auth token deletion successful"),
+        Err(error) => debug!("Auth token could not be removed ({error}), proceeding anyway.")
+    }
+
+    cookies.remove_private("auth_token");
+    cookies.remove_private("auth_id");
+
+    Redirect::to(uri!(week::week(week)))
+}
+
 pub fn bypass_auth_debug(cookies: &CookieJar<'_>) {
     if cookies.get_private("auth_token").is_some() {
         return

src/main.rs

@@ -1,18 +1,13 @@
 #[macro_use] extern crate rocket;
 
-use rocket::{Rocket, Build, futures};
 use rocket::fs::{FileServer, relative};
-use rocket::http::CookieJar;
 use rocket::response::Redirect;
-use rocket::serde::{Serialize, Deserialize, json::Json};
 
-use rocket_dyn_templates::{Template, context};
+use rocket_dyn_templates::Template;
 
-use rocket_db_pools::{sqlx, sqlx::Row, Database, Connection};
+use rocket_db_pools::{sqlx, sqlx::Row, Connection};
-use sqlx::Error;
 
 mod auth;
-use auth::User;
 
 mod truth;
 mod vote;
@@ -21,7 +16,6 @@ mod week;
 
 mod database;
 mod database_records;
-use database_records::*;
 use database::Db;
 
 #[get("/")]
@@ -46,7 +40,7 @@ fn rocket() -> _ {
             vote::fetch_vote_data, vote::vote,
             truth::create_truth, truth::edit_truth,
             week::week, week::update_week, week::set_last_week, week::create_week,
-            auth::login])
+            auth::login, auth::logout])
         .attach(database::stage())
         .attach(Template::fairing())
 }

src/vote.rs

@@ -2,7 +2,6 @@ use std::collections::hash_map::Entry;
 use std::collections::HashMap;
 use rocket::fairing::AdHoc;
 use rocket::form::Form;
-use rocket::futures::TryFutureExt;
 use rocket::http::CookieJar;
 use rocket::response::Redirect;
 use rocket::serde::{Serialize, Deserialize};

templates/index.html.tera

@@ -43,7 +43,10 @@
 <div class="top_bar">
     <h1>{{ title }}</h1>
     {% if user.logged_in == true %}
-        <p>Connecté en tant que <b>{{ user.name }}</b></p>
+        <form class="login" id="logout" action="/{{ week_data.number }}/logout" method="POST">
+            Connecté en tant que <b>{{ user.name }}</b>
+            <button form="logout">Déconnecter</button>
+        </form>
     {% else %}
         <form class="login" id="login" action="/{{ week_data.number }}/login" method="POST">
             <label>Pseudo <input form="login" type="text" name="name"/></label>