bugfix: return existing token instead of creating a new one every time

src/auth/mod.rs

@@ -84,7 +84,7 @@ impl UserAuthenticator {
     }
 
     #[instrument]
-    pub async fn create_user_token(
+    pub async fn get_user_token(
         &self,
         username: &str,
         password: &Password,
@@ -108,13 +108,23 @@ impl UserAuthenticator {
             return Err(AuthenticationError::InvalidUserOrPassword);
         };
 
-        let new_token =
+        // if a valid token exists, return it; if not, create a new one
-            UserToken::from(Alphanumeric.sample_string(&mut thread_rng(), Self::TOKEN_LEN));
-
         let mut db = self.db.lock().await;
-        db.save_token(&username, &new_token).await?;
+        let token =
+            if let Some(UserTokenEntry::Valid(old_token, _, _)) = db.get_token(&username).await? {
+                // TODO: update old_token's last_used value
 
-        Ok((username, new_token))
+                old_token
+            } else {
+                let new_token =
+                    UserToken::from(Alphanumeric.sample_string(&mut thread_rng(), Self::TOKEN_LEN));
+
+                db.save_token(&username, &new_token).await?;
+
+                new_token
+            };
+
+        Ok((username, token))
     }
 
     #[instrument]

src/server.rs

@@ -114,7 +114,7 @@ async fn api_login(
     event!(Level::INFO, "Generating user key");
 
     let (username, user_token) = user_authenticator
-        .create_user_token(&username, &password)
+        .get_user_token(&username, &password)
         .await?;
 
     Ok(Json(LoginResponse {