fix: encrypt the cookie in sessions

2025-10-28 12:45:47 +00:00 · 2025-07-04 01:08:17 +03:00
parent 7640e956c2
commit ebcf6e6aa6
4 changed files with 61 additions and 5 deletions
--- a/internal/types/config.go
+++ b/internal/types/config.go
@@ -80,12 +80,13 @@ type AuthConfig struct {
 	Users             Users
 	OauthWhitelist    string
 	SessionExpiry     int
-	Secret            string
 	CookieSecure      bool
 	Domain            string
 	LoginTimeout      int
 	LoginMaxRetries   int
 	SessionCookieName string
+	HMACSecret        string
+	EncryptionSecret  string
 }

 // HooksConfig is the configuration for the hooks service