refactor: remove dependency on gin sessions

internal/api/api.go

@@ -11,8 +11,6 @@ import (
 	"tinyauth/internal/handlers"
 	"tinyauth/internal/types"
 
-	"github.com/gin-contrib/sessions"
-	"github.com/gin-contrib/sessions/cookie"
 	"github.com/gin-gonic/gin"
 	"github.com/rs/zerolog/log"
 )
@@ -51,21 +49,6 @@ func (api *API) Init() {
 	log.Debug().Msg("Setting up file server")
 	fileServer := http.FileServer(http.FS(dist))
 
-	// Setup cookie store
-	log.Debug().Msg("Setting up cookie store")
-	store := cookie.NewStore([]byte(api.Config.Secret))
-
-	// Use session middleware
-	store.Options(sessions.Options{
-		Domain:   api.Config.Domain,
-		Path:     "/",
-		HttpOnly: true,
-		Secure:   api.Config.CookieSecure,
-		MaxAge:   api.Config.SessionExpiry,
-	})
-
-	router.Use(sessions.Sessions("tinyauth", store))
-
 	// UI middleware
 	router.Use(func(c *gin.Context) {
 		// If not an API request, serve the UI

internal/api/api_test.go

@@ -21,11 +21,8 @@ import (
 
 // Simple API config for tests
 var apiConfig = types.APIConfig{
-	Port:          8080,
-	Address:       "0.0.0.0",
-	Secret:        "super-secret-api-thing-for-tests", // It is 32 chars long
-	CookieSecure:  false,
-	SessionExpiry: 3600,
+	Port:    8080,
+	Address: "0.0.0.0",
 }
 
 // Simple handlers config for tests
@@ -42,6 +39,8 @@ var handlersConfig = types.HandlersConfig{
 var authConfig = types.AuthConfig{
 	Users:           types.Users{},
 	OauthWhitelist:  []string{},
+	Secret:          "super-secret-api-thing-for-tests", // It is 32 chars long
+	CookieSecure:    false,
 	SessionExpiry:   3600,
 	LoginTimeout:    0,
 	LoginMaxRetries: 0,