From 437755b65421408c049ff9e4b8bd247ffaac76ee Mon Sep 17 00:00:00 2001
From: EleisonC <ckalule7@gmail.com>
Date: Wed, 20 May 2026 00:14:28 -0400
Subject: [PATCH 1/2] update alpine version and verify_2fa, logout & login
 return type

---
 app-service/Dockerfile                |  8 ++--
 auth-service/Dockerfile               |  8 ++--
 auth-service/src/routes/login.rs      | 53 ++++++++++++++-------------
 auth-service/src/routes/logout.rs     | 10 ++---
 auth-service/src/routes/verify_2fa.rs | 18 ++++-----
 5 files changed, 47 insertions(+), 50 deletions(-)

diff --git a/app-service/Dockerfile b/app-service/Dockerfile
index 66b518bda..7c647dc7f 100644
--- a/app-service/Dockerfile
+++ b/app-service/Dockerfile
@@ -1,10 +1,8 @@
 # Start with image that has the Rust toolchain installed
-FROM rust:1.90-alpine AS chef
+FROM rust:1.91-alpine AS chef
 USER root
 # Add cargo-chef to cache dependencies
-RUN apk add --no-cache musl-dev
-RUN rustup update stable
-RUN cargo install cargo-chef --locked
+RUN apk add --no-cache musl-dev && cargo install cargo-chef --locked
 WORKDIR /app
 
 FROM chef AS planner
@@ -27,4 +25,4 @@ WORKDIR /app
 COPY --from=builder /app/target/release/app-service /usr/local/bin
 COPY --from=builder /app/assets /app/assets
 ENV AUTH_SERVICE_HOST_NAME=auth-service
-ENTRYPOINT ["/usr/local/bin/app-service"]
\ No newline at end of file
+ENTRYPOINT ["/usr/local/bin/app-service"]
diff --git a/auth-service/Dockerfile b/auth-service/Dockerfile
index e666b5513..e40355abd 100644
--- a/auth-service/Dockerfile
+++ b/auth-service/Dockerfile
@@ -1,10 +1,8 @@
 # Start with image that has the Rust toolchain installed
-FROM rust:1.90-alpine AS chef
+FROM rust:1.91-alpine AS chef
 USER root
 # Add cargo-chef to cache dependencies
-RUN apk add --no-cache musl-dev
-RUN rustup update stable
-RUN cargo install cargo-chef --locked
+RUN apk add --no-cache musl-dev && cargo install cargo-chef --locked
 WORKDIR /app
 
 FROM chef AS planner
@@ -26,4 +24,4 @@ FROM debian:buster-slim AS runtime
 WORKDIR /app
 COPY --from=builder /app/target/release/auth-service /usr/local/bin
 COPY --from=builder /app/assets /app/assets
-ENTRYPOINT ["/usr/local/bin/auth-service"]
\ No newline at end of file
+ENTRYPOINT ["/usr/local/bin/auth-service"]
diff --git a/auth-service/src/routes/login.rs b/auth-service/src/routes/login.rs
index 5dbbd3f03..6c80b9d59 100644
--- a/auth-service/src/routes/login.rs
+++ b/auth-service/src/routes/login.rs
@@ -1,4 +1,9 @@
-use axum::{extract::State, http::StatusCode, response::IntoResponse, Json};
+use axum::{
+    extract::State,
+    http::StatusCode,
+    response::{IntoResponse, Response},
+    Json,
+};
 use axum_extra::extract::CookieJar;
 use serde::{Deserialize, Serialize};
 
@@ -12,26 +17,26 @@ pub async fn login(
     State(state): State<AppState>,
     jar: CookieJar,
     Json(request): Json<LoginRequest>,
-) -> (CookieJar, Result<impl IntoResponse, AuthAPIError>) {
+) -> Result<(CookieJar, impl IntoResponse), AuthAPIError> {
     let password = match Password::parse(request.password) {
         Ok(password) => password,
-        Err(_) => return (jar, Err(AuthAPIError::InvalidCredentials)),
+        Err(_) => return Err(AuthAPIError::InvalidCredentials),
     };
 
     let email = match Email::parse(request.email) {
         Ok(email) => email,
-        Err(_) => return (jar, Err(AuthAPIError::InvalidCredentials)),
+        Err(_) => return Err(AuthAPIError::InvalidCredentials),
     };
 
     let user_store = &state.user_store.read().await;
 
     if user_store.validate_user(&email, &password).await.is_err() {
-        return (jar, Err(AuthAPIError::IncorrectCredentials));
+        return Err(AuthAPIError::IncorrectCredentials);
     }
 
     let user = match user_store.get_user(&email).await {
         Ok(user) => user,
-        Err(_) => return (jar, Err(AuthAPIError::IncorrectCredentials)),
+        Err(_) => return Err(AuthAPIError::IncorrectCredentials),
     };
 
     match user.requires_2fa {
@@ -44,10 +49,7 @@ async fn handle_2fa(
     email: &Email,
     state: &AppState,
     jar: CookieJar,
-) -> (
-    CookieJar,
-    Result<(StatusCode, Json<LoginResponse>), AuthAPIError>,
-) {
+) -> Result<(CookieJar, Response), AuthAPIError> {
     let login_attempt_id = LoginAttemptId::default();
     let two_fa_code = TwoFACode::default();
 
@@ -59,7 +61,7 @@ async fn handle_2fa(
         .await
         .is_err()
     {
-        return (jar, Err(AuthAPIError::UnexpectedError));
+        return Err(AuthAPIError::UnexpectedError);
     }
 
     if state
@@ -68,35 +70,34 @@ async fn handle_2fa(
         .await
         .is_err()
     {
-        return (jar, Err(AuthAPIError::UnexpectedError));
+        return Err(AuthAPIError::UnexpectedError);
     }
 
-    let response = Json(LoginResponse::TwoFactorAuth(TwoFactorAuthResponse {
-        message: "2FA required".to_owned(),
-        login_attempt_id: login_attempt_id.as_ref().to_owned(),
-    }));
+    let response = (
+        StatusCode::PARTIAL_CONTENT,
+        Json(LoginResponse::TwoFactorAuth(TwoFactorAuthResponse {
+            message: "2FA required".to_owned(),
+            login_attempt_id: login_attempt_id.as_ref().to_owned(),
+        })),
+    )
+        .into_response();
 
-    (jar, Ok((StatusCode::PARTIAL_CONTENT, response)))
+    Ok((jar, response))
 }
 
 async fn handle_no_2fa(
     email: &Email,
     jar: CookieJar,
-) -> (
-    CookieJar,
-    Result<(StatusCode, Json<LoginResponse>), AuthAPIError>,
-) {
+) -> Result<(CookieJar, Response), AuthAPIError> {
     let auth_cookie = match generate_auth_cookie(email) {
         Ok(cookie) => cookie,
-        Err(_) => return (jar, Err(AuthAPIError::UnexpectedError)),
+        Err(_) => return Err(AuthAPIError::UnexpectedError),
     };
 
     let updated_jar = jar.add(auth_cookie);
+    let response = (StatusCode::OK, Json(LoginResponse::RegularAuth)).into_response();
 
-    (
-        updated_jar,
-        Ok((StatusCode::OK, Json(LoginResponse::RegularAuth))),
-    )
+    Ok((updated_jar, response))
 }
 
 #[derive(Deserialize)]
diff --git a/auth-service/src/routes/logout.rs b/auth-service/src/routes/logout.rs
index 66de33789..9b1d4b5c0 100644
--- a/auth-service/src/routes/logout.rs
+++ b/auth-service/src/routes/logout.rs
@@ -10,17 +10,17 @@ use crate::{
 pub async fn logout(
     State(state): State<AppState>,
     jar: CookieJar,
-) -> (CookieJar, Result<impl IntoResponse, AuthAPIError>) {
+) -> Result<(CookieJar, impl IntoResponse), AuthAPIError> {
     let cookie = match jar.get(JWT_COOKIE_NAME) {
         Some(cookie) => cookie,
-        None => return (jar, Err(AuthAPIError::MissingToken)),
+        None => return Err(AuthAPIError::MissingToken),
     };
 
     // Validate token
     let token = cookie.value().to_owned();
     let _ = match validate_token(&token, state.banned_token_store.clone()).await {
         Ok(claims) => claims,
-        Err(_) => return (jar, Err(AuthAPIError::InvalidToken)),
+        Err(_) => return Err(AuthAPIError::InvalidToken),
     };
 
     // Add token to banned list
@@ -32,11 +32,11 @@ pub async fn logout(
         .await
         .is_err()
     {
-        return (jar, Err(AuthAPIError::UnexpectedError));
+        return Err(AuthAPIError::UnexpectedError);
     }
 
     // Remove jwt cookie
     let jar = jar.remove(cookie::Cookie::from(JWT_COOKIE_NAME));
 
-    (jar, Ok(StatusCode::OK))
+    Ok((jar, StatusCode::OK))
 }
diff --git a/auth-service/src/routes/verify_2fa.rs b/auth-service/src/routes/verify_2fa.rs
index a015b6501..8865ce4d4 100644
--- a/auth-service/src/routes/verify_2fa.rs
+++ b/auth-service/src/routes/verify_2fa.rs
@@ -12,45 +12,45 @@ pub async fn verify_2fa(
     State(state): State<AppState>,
     jar: CookieJar,
     Json(request): Json<Verify2FARequest>,
-) -> (CookieJar, Result<impl IntoResponse, AuthAPIError>) {
+) -> Result<(CookieJar, impl IntoResponse), AuthAPIError> {
     let email = match Email::parse(request.email.clone()) {
         Ok(email) => email,
-        Err(_) => return (jar, Err(AuthAPIError::InvalidCredentials)),
+        Err(_) => return Err(AuthAPIError::InvalidCredentials),
     };
 
     let login_attempt_id = match LoginAttemptId::parse(request.login_attempt_id.clone()) {
         Ok(login_attempt_id) => login_attempt_id,
-        Err(_) => return (jar, Err(AuthAPIError::InvalidCredentials)),
+        Err(_) => return Err(AuthAPIError::InvalidCredentials),
     };
 
     let two_fa_code = match TwoFACode::parse(request.two_fa_code) {
         Ok(two_fa_code) => two_fa_code,
-        Err(_) => return (jar, Err(AuthAPIError::InvalidCredentials)),
+        Err(_) => return Err(AuthAPIError::InvalidCredentials),
     };
 
     let mut two_fa_code_store = state.two_fa_code_store.write().await;
 
     let code_tuple = match two_fa_code_store.get_code(&email).await {
         Ok(code_tuple) => code_tuple,
-        Err(_) => return (jar, Err(AuthAPIError::IncorrectCredentials)),
+        Err(_) => return Err(AuthAPIError::IncorrectCredentials),
     };
 
     if !code_tuple.0.eq(&login_attempt_id) || !code_tuple.1.eq(&two_fa_code) {
-        return (jar, Err(AuthAPIError::IncorrectCredentials));
+        return Err(AuthAPIError::IncorrectCredentials);
     }
 
     if two_fa_code_store.remove_code(&email).await.is_err() {
-        return (jar, Err(AuthAPIError::UnexpectedError));
+        return Err(AuthAPIError::UnexpectedError);
     }
 
     let cookie = match generate_auth_cookie(&email) {
         Ok(cookie) => cookie,
-        Err(_) => return (jar, Err(AuthAPIError::UnexpectedError)),
+        Err(_) => return Err(AuthAPIError::UnexpectedError),
     };
 
     let updated_jar = jar.add(cookie);
 
-    (updated_jar, Ok(()))
+    Ok((updated_jar, ()))
 }
 
 #[derive(Debug, Deserialize)]

From fd589ba261c632fd859c6719135dbc805b63a6ac Mon Sep 17 00:00:00 2001
From: EleisonC <ckalule7@gmail.com>
Date: Wed, 20 May 2026 15:43:27 -0400
Subject: [PATCH 2/2] update alpine handle_no_2fa, handle_2fa return types

---
 auth-service/src/routes/login.rs | 16 +++++-----------
 1 file changed, 5 insertions(+), 11 deletions(-)

diff --git a/auth-service/src/routes/login.rs b/auth-service/src/routes/login.rs
index 6c80b9d59..f69a2b5f1 100644
--- a/auth-service/src/routes/login.rs
+++ b/auth-service/src/routes/login.rs
@@ -1,9 +1,4 @@
-use axum::{
-    extract::State,
-    http::StatusCode,
-    response::{IntoResponse, Response},
-    Json,
-};
+use axum::{extract::State, http::StatusCode, response::IntoResponse, Json};
 use axum_extra::extract::CookieJar;
 use serde::{Deserialize, Serialize};
 
@@ -49,7 +44,7 @@ async fn handle_2fa(
     email: &Email,
     state: &AppState,
     jar: CookieJar,
-) -> Result<(CookieJar, Response), AuthAPIError> {
+) -> Result<(CookieJar, (StatusCode, Json<LoginResponse>)), AuthAPIError> {
     let login_attempt_id = LoginAttemptId::default();
     let two_fa_code = TwoFACode::default();
 
@@ -79,8 +74,7 @@ async fn handle_2fa(
             message: "2FA required".to_owned(),
             login_attempt_id: login_attempt_id.as_ref().to_owned(),
         })),
-    )
-        .into_response();
+    );
 
     Ok((jar, response))
 }
@@ -88,14 +82,14 @@ async fn handle_2fa(
 async fn handle_no_2fa(
     email: &Email,
     jar: CookieJar,
-) -> Result<(CookieJar, Response), AuthAPIError> {
+) -> Result<(CookieJar, (StatusCode, Json<LoginResponse>)), AuthAPIError> {
     let auth_cookie = match generate_auth_cookie(email) {
         Ok(cookie) => cookie,
         Err(_) => return Err(AuthAPIError::UnexpectedError),
     };
 
     let updated_jar = jar.add(auth_cookie);
-    let response = (StatusCode::OK, Json(LoginResponse::RegularAuth)).into_response();
+    let response = (StatusCode::OK, Json(LoginResponse::RegularAuth));
 
     Ok((updated_jar, response))
 }