Finally get login working.

2025-03-26 08:36:11 +00:00
parent e55508661c
commit e3f3d73fdd
6 changed files with 96 additions and 28 deletions
--- a/helpers/session.go
+++ b/helpers/session.go
@@ -1,27 +1,34 @@
 package helpers

 import (
+	"encoding/gob"
 	"net/http"
 	"time"

 	"github.com/gorilla/sessions"
 )

-var store = sessions.NewCookieStore([]byte("super-secret-key")) // //ToDo make key global
+var authKey = []byte("12345678901234567890123456789012")    // ToDo: Make env var
+var encryptKey = []byte("abcdefghijklmnopqrstuvwx12345678") // ToDo: Make env var
+var sessionName = "synlotto-session"
+var store = sessions.NewCookieStore(authKey, encryptKey)
+
 const SessionTimeout = 30 * time.Minute

 func init() {
+	gob.Register(time.Time{})
+
 	store.Options = &sessions.Options{
 		Path:     "/",
 		MaxAge:   86400 * 1,
 		HttpOnly: true,
-		Secure:   true,
-		SameSite: http.SameSiteStrictMode,
+		Secure:   false, // TODO: make env-configurable
+		SameSite: http.SameSiteLaxMode,
 	}
 }

 func GetSession(w http.ResponseWriter, r *http.Request) (*sessions.Session, error) {
-	return store.Get(r, "session-name")
+	return store.Get(r, sessionName)
 }

 func IsSessionExpired(session *sessions.Session) bool {