Matthias Hinrichs
32 lines
705 B
Go
32 lines
705 B
Go
package session
|
|
|
|
import (
|
|
"crypto/rand"
|
|
"log"
|
|
|
|
"github.com/gorilla/sessions"
|
|
)
|
|
|
|
var Store *sessions.CookieStore
|
|
|
|
func init() {
|
|
// Generate a secure 32-byte key for session authentication
|
|
authKey := make([]byte, 32)
|
|
_, err := rand.Read(authKey)
|
|
if err != nil {
|
|
// Fallback to a static key if random generation fails
|
|
authKey = []byte("your-32-byte-long-auth-key-here!!")
|
|
log.Println("Warning: Using static session key. Generate a secure key for production!")
|
|
}
|
|
|
|
Store = sessions.NewCookieStore(authKey)
|
|
|
|
// Configure session options
|
|
Store.Options = &sessions.Options{
|
|
Path: "/",
|
|
MaxAge: 86400 * 7, // 7 days
|
|
HttpOnly: true,
|
|
Secure: false, // Set to true if using HTTPS
|
|
}
|
|
}
|