tidy up db stuff

src/db.rs

@@ -1,5 +1,6 @@
 use std::time::Duration;
 
+use async_session::SessionStore;
 use axum_login::{
     axum_sessions::{PersistencePolicy, SessionLayer},
     AuthLayer, SqliteStore, SqlxStore,
@@ -46,6 +47,15 @@ pub async fn session_layer(pool: SqlitePool, secret: &[u8]) -> SessionLayer<Sqli
         .migrate()
         .await
         .expect("Calling `migrate()` should be reliable, is the DB gone?");
+
+    // since the secret is new every time the server starts, old sessions won't be
+    // valid anymore; if there were ever more than one service host or there were
+    // managed secrets, this would need to go away.
+    store
+        .clear_store()
+        .await
+        .unwrap_or_else(|e| tracing::error!("Could not delete old sessions; got error: {e}"));
+
     SessionLayer::new(store, secret)
         .with_secure(true)
         .with_session_ttl(Some(SESSION_TTL))
@@ -65,8 +75,10 @@ pub async fn auth_layer(
 // Session store sub-module, not a public lib.
 //-************************************************************************
 mod session_store {
-    use async_session::{async_trait, chrono::Utc, log, serde_json, Result, Session, SessionStore};
+    use async_session::{async_trait, chrono::Utc, log, serde_json, Result, Session};
-    use sqlx::{pool::PoolConnection, sqlite::SqlitePool, Sqlite};
+    use sqlx::{pool::PoolConnection, Sqlite};
+
+    use super::*;
 
     // NOTE! This code was straight stolen from
     // https://github.com/jbr/async-sqlx-session/blob/30d00bed44ab2034082698f098eba48b21600f36/src/sqlite.rs

src/main.rs

@@ -51,8 +51,9 @@ async fn main() {
         .layer(session_layer)
         .with_state(pool);
 
+    let addr = ([127, 0, 0, 1], 3000);
     tracing::debug!("binding to 0.0.0.0:3000");
-    axum::Server::bind(&SocketAddr::from(([0, 0, 0, 0], 3000)))
+    axum::Server::bind(&SocketAddr::from(addr))
         .serve(app.into_make_service())
         .await
         .unwrap();