fix: encrypt the cookie in sessions (#225)

* fix: encrypt the cookie in sessions * tests: use new auth config in tests * fix: coderabbit suggestions
2025-10-28 12:45:47 +00:00 · 2025-07-04 01:43:36 +03:00
parent 7640e956c2
commit c10bff55de
5 changed files with 63 additions and 6 deletions
--- a/internal/types/config.go
+++ b/internal/types/config.go
@@ -80,12 +80,13 @@ type AuthConfig struct {
 	Users             Users
 	OauthWhitelist    string
 	SessionExpiry     int
-	Secret            string
 	CookieSecure      bool
 	Domain            string
 	LoginTimeout      int
 	LoginMaxRetries   int
 	SessionCookieName string
+	HMACSecret        string
+	EncryptionSecret  string
 }

 // HooksConfig is the configuration for the hooks service