refactor: oauth flow (#726)

* wip * feat: add oauth session impl in auth service * feat: move oauth logic into auth service and handle multiple sessions * tests: fix tests * fix: review comments * fix: prevent ddos attacks in oauth rate limit
2026-03-24 15:37:53 +00:00 · 2026-03-22 21:03:32 +02:00
parent d71a8e03cc
commit f26c217161
15 changed files with 520 additions and 558 deletions
--- a/internal/config/config.go
+++ b/internal/config/config.go
@@ -73,6 +73,7 @@ var BuildTimestamp = "0000-00-00T00:00:00Z"
 var SessionCookieName = "tinyauth-session"
 var CSRFCookieName = "tinyauth-csrf"
 var RedirectCookieName = "tinyauth-redirect"
+var OAuthSessionCookieName = "tinyauth-oauth"

 // Main app config