pub fn admin_login(
form: Form<LoginForm>,
cookies: &CookieJar<'_>,
pool: &State<DbPool>,
) -> RedirectExpand description
Processes sign-in (POST /admin/login): validates the token against auth.rerun_tokens; on
success opens a server-side session and sets the ADMIN_COOKIE cookie to its random
opaque id (HttpOnly, SameSite=Lax) — the cookie no longer carries the token — then redirects to
the validated next destination (default /admin). A bad token (or a DB hiccup opening the
session) returns to the sign-in page flagged, preserving next.