Function login_user

pub async fn login_user(
    pool: &Pool<MySql>,
    email: &str,
    password: &str,
) -> Result<User>

Authenticates a user using email and password.

This function attempts to retrieve a user record with the provided email and hashed password combination. It’s used during login processes to verify user credentials.

§Arguments

  • pool - Database connection pool for executing the query
  • email - Email address entered by the user
  • password - Password entered by the user (should be pre-hashed)

§Returns

  • Ok(User) - Successfully authenticated user
  • Err(anyhow::Error) - Authentication failed or user doesn’t exist

§Security Considerations

This function expects the password to be pre-hashed before being passed in. It does not perform any password hashing itself, as this is typically handled by a higher-level security service that:

  1. Retrieves the user and their salt using get_user_by_email
  2. Uses the salt to hash the provided password
  3. Calls this function with the properly hashed password

§Error Handling

For security reasons, this function provides a generic error message regardless of whether the email wasn’t found or the password was incorrect. This prevents information leakage about existing email addresses.

§Account Lockout

This function checks if the account is locked before attempting authentication.
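
The caller-side flow from Security Considerations and the generic failure from Error Handling, as an added example that is not this crate's code. The in-memory `Db`, `get_salt`, `AuthError`, `authenticate`, `demo_kdf`, the dummy salt and the stand-in body of `login_user` are all assumptions made so the sketch runs without a database.

```rust
use std::collections::HashMap;

// Constructed in-memory stand-in for the users table (the real code queries MySQL).
struct Row { salt: String, hash: String, locked: bool }
type Db = HashMap<String, Row>;
#[derive(Debug, PartialEq)]
struct AuthError; // one generic failure value for every rejection
// Stand-in for get_user_by_email: only the salt matters for this flow.
fn get_salt<'a>(db: &'a Db, email: &str) -> Option<&'a str> {
    db.get(email).map(|r| r.salt.as_str())
}

// Stand-in for login_user: lock check, then email + hash match.
// Assumption: a locked account gets the same generic error.
fn login_user(db: &Db, email: &str, hashed: &str) -> Result<String, AuthError> {
    match db.get(email) {
        Some(r) if !r.locked && r.hash == hashed => Ok(email.to_string()),
        _ => Err(AuthError),
    }
}

// Hypothetical caller-side service implementing steps 1-3.
fn authenticate(db: &Db, kdf: &dyn Fn(&str, &str) -> String,
                email: &str, password: &str) -> Result<String, AuthError> {
    // Step 1: an unknown email falls back to a dummy salt, so the hash is
    // still computed and the caller never returns early on a missing user.
    let salt = get_salt(db, email).unwrap_or("constructed-dummy-salt");
    let hashed = kdf(password, salt); // Step 2
    login_user(db, email, &hashed) // Step 3
}

// Constructed placeholder so the example runs offline. NOT a password hash:
// production code passes a real salted password-hashing function here.
fn demo_kdf(password: &str, salt: &str) -> String {
    format!("{salt}:{}", password.chars().rev().collect::<String>())
}

fn sample_db() -> Db {
    let mut db = Db::new();
    for (email, pw, locked) in [("a@example.test", "pw-a", false), ("b@example.test", "pw-b", true)] {
        let salt = format!("salt-{email}");
        db.insert(email.into(), Row { hash: demo_kdf(pw, &salt), salt, locked });
    }
    db
}

fn main() {
    println!("{:?}", authenticate(&sample_db(), &demo_kdf, "nobody@example.test", "pw-a"));
}
```

If the caller returned as soon as the salt lookup failed, that early exit would distinguish unknown emails even though `login_user` itself reports one generic error.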