first commit
This commit is contained in:
Matthias Hinrichs
@@ -0,0 +1,31 @@
|
||||
package session
|
||||
|
||||
import (
|
||||
"crypto/rand"
|
||||
"log"
|
||||
|
||||
"github.com/gorilla/sessions"
|
||||
)
|
||||
|
||||
var Store *sessions.CookieStore
|
||||
|
||||
func init() {
|
||||
// Generate a secure 32-byte key for session authentication
|
||||
authKey := make([]byte, 32)
|
||||
_, err := rand.Read(authKey)
|
||||
if err != nil {
|
||||
// Fallback to a static key if random generation fails
|
||||
authKey = []byte("your-32-byte-long-auth-key-here!!")
|
||||
log.Println("Warning: Using static session key. Generate a secure key for production!")
|
||||
}
|
||||
|
||||
Store = sessions.NewCookieStore(authKey)
|
||||
|
||||
// Configure session options
|
||||
Store.Options = &sessions.Options{
|
||||
Path: "/",
|
||||
MaxAge: 86400 * 7, // 7 days
|
||||
HttpOnly: true,
|
||||
Secure: false, // Set to true if using HTTPS
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user