create_rust_app::auth::controller

Function refresh

Source 
pub fn refresh(
    db: &Database,
    refresh_token_str: Option<&str>,
) -> Result<(String, String), (u16, &'static str)>
Expand description

/refresh

refreshes the user session associated with the clients refresh_token cookie

§Returns Result

  • Ok([AccessToken], [RefreshToken])
    • an access token that should be sent to the user in the response body,
    • a reset token that should be sent as a secure, http-only, and same_site=strict cookie.
  • Err([StatusCode], [Message])

§Errors

  • 401: Invalid session
  • 401: Invalid token
  • 500: Could not update session
  • 500: An internal server error occurred

§Panics

  • could not connect to database
  • could not get SECRET_KEY from environment

TODO: don’t panic if db connection fails, just return an error