refactor: rewrite entire codebase in axum instead of actix

Replaces actix with axum for web, allows us to use socket.io and gives us access to the tower ecosystem of middleware breaks compatibility with our current websocket implementation, needs to be reimplemented for socket.io
2025-07-16 16:36:22 +02:00 · 2025-07-16 16:36:22 +02:00 · 324137ce8b
commit 324137ce8b
parent 3647086adb
47 changed files with 1381 additions and 1129 deletions
--- a/src/api/v1/auth/logout.rs
+++ b/src/api/v1/auth/logout.rs
@ -1,9 +1,16 @@
-use actix_web::{HttpRequest, HttpResponse, get, web};
+use std::sync::Arc;
+
+use axum::{
+    extract::State,
+    http::{HeaderValue, StatusCode},
+    response::IntoResponse,
+};
+use axum_extra::extract::CookieJar;
 use diesel::{ExpressionMethods, delete};
 use diesel_async::RunQueryDsl;

 use crate::{
-    Data,
+    AppState,
    error::Error,
    schema::refresh_tokens::{self, dsl},
 };
@ -20,28 +27,49 @@ use crate::{
 ///
 /// 401 Unauthorized (no refresh token found)
 ///
-#[get("/logout")]
-pub async fn res(req: HttpRequest, data: web::Data<Data>) -> Result<HttpResponse, Error> {
-    let mut refresh_token_cookie = req.cookie("refresh_token").ok_or(Error::Unauthorized(
-        "request has no refresh token".to_string(),
-    ))?;
+pub async fn res(
+    State(app_state): State<Arc<AppState>>,
+    jar: CookieJar,
+) -> Result<impl IntoResponse, Error> {
+    let mut refresh_token_cookie = jar
+        .get("refresh_token")
+        .ok_or(Error::Unauthorized(
+            "request has no refresh token".to_string(),
+        ))?
+        .to_owned();

-    let refresh_token = String::from(refresh_token_cookie.value());
+    let access_token_cookie = jar.get("access_token");

-    let mut conn = data.pool.get().await?;
+    let refresh_token = String::from(refresh_token_cookie.value_trimmed());
+
+    let mut conn = app_state.pool.get().await?;

    let deleted = delete(refresh_tokens::table)
        .filter(dsl::token.eq(refresh_token))
        .execute(&mut conn)
        .await?;

-    refresh_token_cookie.make_removal();
+    let mut response;

    if deleted == 0 {
-        return Ok(HttpResponse::NotFound()
-            .cookie(refresh_token_cookie)
-            .finish());
+        response = StatusCode::NOT_FOUND.into_response();
+    } else {
+        response = StatusCode::OK.into_response();
    }

-    Ok(HttpResponse::Ok().cookie(refresh_token_cookie).finish())
+    refresh_token_cookie.make_removal();
+    response.headers_mut().append(
+        "Set-Cookie",
+        HeaderValue::from_str(&refresh_token_cookie.to_string())?,
+    );
+
+    if let Some(cookie) = access_token_cookie {
+        let mut cookie = cookie.clone();
+        cookie.make_removal();
+        response
+            .headers_mut()
+            .append("Set-Cookie2", HeaderValue::from_str(&cookie.to_string())?);
+    }
+
+    Ok(response)
 }