~Use the warp-session crate if possible.~ Doesn't seem to be useful.
[x] Add an API function to login a user, setting the session id as cookie (maybe also username? Check what is best practice). This could be a separate URL, such that we don't have cookie setting part in the API functions
[ ] Pass that cookie internally via warp to the implementation of the API functions use the cookie to get the user struct and pass that to the API functions
[x] Check if the authentication cookie is valid before continuing, and update session timeout
[x] Logout API function to delete session
[ ] For each single API function, check what kind of authentication is needed instead, simply use the user struct in the API functions, and structure the database in a way that everything belongs to some user (for now)
[x] Logout function to delete all user sessions
[x] for each API request, extend the life time of the cookie
[x] Automatic deletion of old sessions from database
~Use the warp-session crate if possible.~ Doesn't seem to be useful.
[ ] Pass that cookie internally via warp to the implementation of the API functionsuse the cookie to get the user struct and pass that to the API functions[ ] For each single API function, check what kind of authentication is neededinstead, simply use the user struct in the API functions, and structure the database in a way that everything belongs to some user (for now)