A deployable markdown editor that connects with your self hosted files and lets you edit in a beautiful interface
Fix gothic session store initialization
- Initialize gothic.Store with CookieStore using SESSION_SECRET
- Configure session options for gothic (MaxAge, HttpOnly, Secure)
- This fixes the 'hash key is not set' error
- Gothic needs its own session store separate from our custom session management
+24
+24
backend/internal/auth/github.go
+24
backend/internal/auth/github.go
···
4
4
"fmt"
5
5
"os"
6
6
7
+
"github.com/gorilla/sessions"
7
8
"github.com/markbates/goth"
9
+
"github.com/markbates/goth/gothic"
8
10
"github.com/markbates/goth/providers/github"
9
11
)
10
12
···
13
15
githubClientID := os.Getenv("GITHUB_CLIENT_ID")
14
16
githubClientSecret := os.Getenv("GITHUB_CLIENT_SECRET")
15
17
githubCallbackURL := os.Getenv("GITHUB_REDIRECT_URL")
18
+
sessionSecret := os.Getenv("SESSION_SECRET")
16
19
17
20
if githubClientID == "" || githubClientSecret == "" {
18
21
return fmt.Errorf("GitHub OAuth credentials not configured")
19
22
}
20
23
24
+
if sessionSecret == "" {
25
+
return fmt.Errorf("SESSION_SECRET not configured")
26
+
}
27
+
28
+
if len(sessionSecret) < 32 {
29
+
return fmt.Errorf("SESSION_SECRET must be at least 32 characters")
30
+
}
31
+
21
32
if githubCallbackURL == "" {
22
33
githubCallbackURL = "http://localhost:8080/api/auth/github/callback"
23
34
}
35
+
36
+
// Initialize gothic's session store (required by gothic.BeginAuthHandler)
37
+
key := []byte(sessionSecret)
38
+
maxAge := 86400 // 24 hours
39
+
isProd := os.Getenv("SESSION_SECURE") == "true"
40
+
41
+
store := sessions.NewCookieStore(key)
42
+
store.MaxAge(maxAge)
43
+
store.Options.Path = "/"
44
+
store.Options.HttpOnly = true
45
+
store.Options.Secure = isProd
46
+
47
+
gothic.Store = store
24
48
25
49
// Initialize GitHub provider
26
50
goth.UseProviders(