Remove app state

It's not needed anymore since we're most likely going to go with some
sort of black-box end-to-end testing.

Author: GrantGryczan

backend/api.rs

@@ -5,7 +5,7 @@ use std::error::Error as _;
 use axum::{
     extract::{
         rejection::{JsonRejection, QueryRejection},
-        Request, State,
+        Request,
     },
     http::StatusCode,
     response::IntoResponse,
@@ -17,8 +17,6 @@ use strum_macros::IntoStaticStr;
 use thiserror::Error;
 use tower::ServiceExt;
 
-use crate::AppState;
-
 mod captcha;
 mod routes;
 mod validation;
@@ -192,17 +190,9 @@ struct Query<T>(pub T);
 type Response<T> = std::result::Result<(StatusCode, Json<T>), Error>;
 
 /// Routes a request to an API endpoint.
-pub(super) async fn handle(
-    State(state): State<AppState>,
-    request: Request,
-) -> axum::response::Response {
+pub(super) async fn handle(request: Request) -> axum::response::Response {
     // Calling the router needs a mutable reference to it (even though it shouldn't), so the router
     // must either have restricted access via a mutex or be cloned on each request. The former would
     // allow only one request at a time, so the latter is faster.
-    ROUTER
-        .clone()
-        .with_state(state)
-        .oneshot(request)
-        .await
-        .into_response()
+    ROUTER.clone().oneshot(request).await.into_response()
 }

backend/api/routes.rs

@@ -8,7 +8,7 @@ use axum::{
 };
 use tower_cookies::CookieManagerLayer;
 
-use crate::{api, AppState};
+use crate::api;
 
 mod v1 {
     //! The routes for version 1 of the HTTP API.
@@ -20,7 +20,7 @@ mod v1 {
 }
 
 /// The API router.
-pub(super) static ROUTER: LazyLock<Router<AppState>> = LazyLock::new(|| {
+pub(super) static ROUTER: LazyLock<Router> = LazyLock::new(|| {
     Router::new()
         .route(
             "/api/v1/email-verification",

backend/api/routes/v1/email_verification.rs

@@ -1,6 +1,6 @@
 //! The set of email verification requests for new users.
 
-use axum::{extract::State, http::StatusCode};
+use axum::http::StatusCode;
 use axum_macros::debug_handler;
 use lettre::message::Mailbox;
 use serde::{Deserialize, Serialize};
@@ -16,7 +16,7 @@ use crate::{
     db::{self, TxResult},
     email::{EmailTakenMessage, MessageTemplate, SendMessage, VerificationMessage},
     id::Token,
-    AppState, WEBSITE_ORIGIN,
+    WEBSITE_ORIGIN,
 };
 
 pub(crate) mod code;
@@ -47,25 +47,21 @@ pub(crate) enum GetQuery {
 ///
 /// See [`crate::api::Error`].
 #[debug_handler]
-pub(crate) async fn get(
-    State(state): State<AppState>,
-    Query(query): Query<GetQuery>,
-) -> Response<GetResponse> {
+pub(crate) async fn get(Query(query): Query<GetQuery>) -> Response<GetResponse> {
     let email = match query {
         GetQuery::Token { token } => {
             let token_hash = hash_without_salt(&token);
 
-            let Some(unverified_email) =
-                db::transaction!(&state.db_pool, async |tx| -> TxResult<_, api::Error> {
-                    Ok(sqlx::query!(
-                        "SELECT email FROM unverified_emails
-                            WHERE token_hash = $1 AND user_id IS NULL",
-                        token_hash.as_ref(),
-                    )
-                    .fetch_optional(tx.as_mut())
-                    .await?)
-                })
-                .await?
+            let Some(unverified_email) = db::transaction!(async |tx| -> TxResult<_, api::Error> {
+                Ok(sqlx::query!(
+                    "SELECT email FROM unverified_emails
+                        WHERE token_hash = $1 AND user_id IS NULL",
+                    token_hash.as_ref(),
+                )
+                .fetch_optional(tx.as_mut())
+                .await?)
+            })
+            .await?
             else {
                 return Err(api::Error::ResourceNotFound);
             };
@@ -74,19 +70,17 @@ pub(crate) async fn get(
         }
 
         GetQuery::EmailAndCode { email, code } => {
-            let Some(unverified_email) =
-                db::transaction!(&state.db_pool, async |tx| -> TxResult<_, api::Error> {
-                    Ok(sqlx::query!(
-                        r#"SELECT email, code_hash as "code_hash!" FROM unverified_emails
-                            WHERE user_id IS NULL AND email = $1 AND code_hash IS NOT NULL"#,
-                        email.as_str(),
-                    )
-                    .fetch_optional(tx.as_mut())
-                    .await?)
-                })
-                .await?
-                .filter(|unverified_email| verify_hash(&code, &unverified_email.code_hash))
-            else {
+            let Some(unverified_email) = db::transaction!(async |tx| -> TxResult<_, api::Error> {
+                Ok(sqlx::query!(
+                    r#"SELECT email, code_hash as "code_hash!" FROM unverified_emails
+                        WHERE user_id IS NULL AND email = $1 AND code_hash IS NOT NULL"#,
+                    email.as_str(),
+                )
+                .fetch_optional(tx.as_mut())
+                .await?)
+            })
+            .await?
+            .filter(|unverified_email| verify_hash(&code, &unverified_email.code_hash)) else {
                 return Err(api::Error::ResourceNotFound);
             };
 
@@ -128,16 +122,13 @@ pub(crate) struct PostRequest {
 ///
 /// See [`crate::api::Error`].
 #[debug_handler]
-pub(crate) async fn post(
-    State(state): State<AppState>,
-    Json(body): Json<PostRequest>,
-) -> Response<PostResponse> {
+pub(crate) async fn post(Json(body): Json<PostRequest>) -> Response<PostResponse> {
     // We don't want bots creating accounts or spamming people with verification emails.
     if !captcha::verify(&body.captcha_token).await? {
         return Err(api::Error::CaptchaFailed);
     }
 
-    db::transaction!(&state.db_pool, async |tx| -> TxResult<_, api::Error> {
+    db::transaction!(async |tx| -> TxResult<_, api::Error> {
         let existing_user = sqlx::query!(
             "SELECT name FROM users
                 WHERE email = $1",

backend/api/routes/v1/email_verification/code.rs

@@ -1,6 +1,6 @@
 //! The verification code of a new user's email verification request.
 
-use axum::{extract::State, http::StatusCode};
+use axum::http::StatusCode;
 use axum_macros::debug_handler;
 use serde::{Deserialize, Serialize};
 
@@ -9,7 +9,6 @@ use crate::{
     crypto::{generate_short_code, hash_with_salt, hash_without_salt},
     db::{self, TxResult},
     id::Token,
-    AppState,
 };
 
 /// A `POST` request query for this API route.
@@ -26,29 +25,25 @@ pub(crate) struct PostQuery {
 ///
 /// See [`crate::api::Error`].
 #[debug_handler]
-pub(crate) async fn post(
-    State(state): State<AppState>,
-    Query(query): Query<PostQuery>,
-) -> Response<PostResponse> {
+pub(crate) async fn post(Query(query): Query<PostQuery>) -> Response<PostResponse> {
     let token_hash = hash_without_salt(&query.token);
 
     let code = generate_short_code();
     let code_hash = hash_with_salt(&code);
 
-    let Some(unverified_email) =
-        db::transaction!(&state.db_pool, async |tx| -> TxResult<_, api::Error> {
-            Ok(sqlx::query!(
-                "UPDATE unverified_emails
-                    SET code_hash = $1
-                    WHERE token_hash = $2 AND user_id IS NULL
-                    RETURNING email",
-                code_hash,
-                token_hash.as_ref(),
-            )
-            .fetch_optional(tx.as_mut())
-            .await?)
-        })
-        .await?
+    let Some(unverified_email) = db::transaction!(async |tx| -> TxResult<_, api::Error> {
+        Ok(sqlx::query!(
+            "UPDATE unverified_emails
+                SET code_hash = $1
+                WHERE token_hash = $2 AND user_id IS NULL
+                RETURNING email",
+            code_hash,
+            token_hash.as_ref(),
+        )
+        .fetch_optional(tx.as_mut())
+        .await?)
+    })
+    .await?
     else {
         return Err(api::Error::ResourceNotFound);
     };

backend/api/routes/v1/password_reset.rs

@@ -1,6 +1,6 @@
 //! The set of email verification requests for new users.
 
-use axum::{extract::State, http::StatusCode};
+use axum::http::StatusCode;
 use axum_macros::debug_handler;
 use lettre::message::Mailbox;
 use serde::{Deserialize, Serialize};
@@ -16,7 +16,7 @@ use crate::{
     db::{self, TxResult},
     email::{MessageTemplate, PasswordResetFailedMessage, PasswordResetMessage, SendMessage},
     id::Token,
-    AppState, WEBSITE_ORIGIN,
+    WEBSITE_ORIGIN,
 };
 
 pub(crate) mod password;
@@ -35,24 +35,20 @@ pub(crate) struct GetQuery {
 ///
 /// See [`crate::api::Error`].
 #[debug_handler]
-pub(crate) async fn get(
-    State(state): State<AppState>,
-    Query(query): Query<GetQuery>,
-) -> Response<GetResponse> {
+pub(crate) async fn get(Query(query): Query<GetQuery>) -> Response<GetResponse> {
     let token_hash = hash_without_salt(&query.token);
 
-    let Some(password_reset) =
-        db::transaction!(&state.db_pool, async |tx| -> TxResult<_, api::Error> {
-            Ok(sqlx::query!(
-                "SELECT users.email
-                    FROM password_resets JOIN users ON users.id = password_resets.user_id
-                    WHERE password_resets.token_hash = $1",
-                token_hash.as_ref(),
-            )
-            .fetch_optional(tx.as_mut())
-            .await?)
-        })
-        .await?
+    let Some(password_reset) = db::transaction!(async |tx| -> TxResult<_, api::Error> {
+        Ok(sqlx::query!(
+            "SELECT users.email
+                FROM password_resets JOIN users ON users.id = password_resets.user_id
+                WHERE password_resets.token_hash = $1",
+            token_hash.as_ref(),
+        )
+        .fetch_optional(tx.as_mut())
+        .await?)
+    })
+    .await?
     else {
         return Err(api::Error::ResourceNotFound);
     };
@@ -91,16 +87,13 @@ pub(crate) struct PostRequest {
 ///
 /// See [`crate::api::Error`].
 #[debug_handler]
-pub(crate) async fn post(
-    State(state): State<AppState>,
-    Json(body): Json<PostRequest>,
-) -> Response<PostResponse> {
+pub(crate) async fn post(Json(body): Json<PostRequest>) -> Response<PostResponse> {
     // We don't want bots spamming people with password reset emails.
     if !captcha::verify(&body.captcha_token).await? {
         return Err(api::Error::CaptchaFailed);
     }
 
-    db::transaction!(&state.db_pool, async |tx| -> TxResult<_, api::Error> {
+    db::transaction!(async |tx| -> TxResult<_, api::Error> {
         let Some(user) = sqlx::query!(
             "SELECT id, name FROM users
                 WHERE email = $1",

backend/api/routes/v1/password_reset/password.rs

@@ -1,6 +1,6 @@
 //! The new password for a user's password reset request.
 
-use axum::{extract::State, http::StatusCode};
+use axum::http::StatusCode;
 use axum_macros::debug_handler;
 use serde::{Deserialize, Serialize};
 
@@ -9,7 +9,6 @@ use crate::{
     crypto::{hash_with_salt, hash_without_salt},
     db::{self, TxError, TxResult},
     id::Token,
-    AppState,
 };
 
 /// A `POST` request query for this API route.
@@ -35,15 +34,14 @@ pub(crate) struct PostRequest {
 /// See [`crate::api::Error`].
 #[debug_handler]
 pub(crate) async fn post(
-    State(state): State<AppState>,
     Query(query): Query<PostQuery>,
     Json(body): Json<PostRequest>,
 ) -> Response<PostResponse> {
     let token_hash = hash_without_salt(&query.token);
 
     let password_hash = hash_with_salt(&body.password);
 
-    db::transaction!(&state.db_pool, async |tx| -> TxResult<_, api::Error> {
+    db::transaction!(async |tx| -> TxResult<_, api::Error> {
         let Some(password_reset) = sqlx::query!(
             "DELETE FROM password_resets
                 WHERE token_hash = $1

backend/api/routes/v1/sessions.rs

@@ -2,7 +2,7 @@
 
 use std::sync::LazyLock;
 
-use axum::{extract::State, http::StatusCode};
+use axum::http::StatusCode;
 use axum_macros::debug_handler;
 use serde::{Deserialize, Serialize};
 use sqlx::Acquire;
@@ -20,7 +20,7 @@ use crate::{
     crypto::{hash_without_salt, verify_hash},
     db::{self, TxResult},
     id::Token,
-    AppState, WEBSITE_ORIGIN,
+    WEBSITE_ORIGIN,
 };
 
 /// The domain for the website.
@@ -47,11 +47,10 @@ pub(crate) struct PostRequest {
 /// See [`crate::api::Error`].
 #[debug_handler]
 pub(crate) async fn post(
-    State(state): State<AppState>,
     cookies: Cookies,
     Json(body): Json<PostRequest>,
 ) -> Response<PostResponse> {
-    let token = db::transaction!(&state.db_pool, async |tx| -> TxResult<_, api::Error> {
+    let token = db::transaction!(async |tx| -> TxResult<_, api::Error> {
         let Some(user) = sqlx::query!(
             "SELECT id, password_hash FROM users
                 WHERE email = $1",

backend/api/routes/v1/users.rs

@@ -1,6 +1,6 @@
 //! The set of all users.
 
-use axum::{extract::State, http::StatusCode};
+use axum::http::StatusCode;
 use axum_macros::debug_handler;
 use serde::{Deserialize, Serialize};
 use sqlx::Acquire;
@@ -14,7 +14,6 @@ use crate::{
     crypto::{hash_with_salt, verify_hash},
     db::{self, TxError, TxResult},
     id::NewUserId,
-    AppState,
 };
 
 /// A `POST` request body for this API route.
@@ -40,15 +39,12 @@ pub(crate) struct PostRequest {
 ///
 /// See [`crate::api::Error`].
 #[debug_handler]
-pub(crate) async fn post(
-    State(state): State<AppState>,
-    Json(body): Json<PostRequest>,
-) -> Response<PostResponse> {
+pub(crate) async fn post(Json(body): Json<PostRequest>) -> Response<PostResponse> {
     let mut user_id = NewUserId::generate();
 
     let password_hash = hash_with_salt(&body.password);
 
-    db::transaction!(&state.db_pool, async |tx| -> TxResult<_, api::Error> {
+    db::transaction!(async |tx| -> TxResult<_, api::Error> {
         let Some(unverified_email) = sqlx::query!(
             "DELETE FROM unverified_emails
                 WHERE user_id IS NULL AND email = $1