From 887ed241d64ba5db3fd3d87194fb5595e5ad7d73 Mon Sep 17 00:00:00 2001 From: r Date: Tue, 25 Oct 2022 13:40:49 +0000 Subject: Use cookies for session storage Remove the server side session storage and store all the session related data in the client side cookies. This decreases the exposure of the auth tokens. It also simplifies the installation process as bloat no longer requires write access to the filesystem. This is a breaking change, all the existing sessions will stop working. --- main.go | 24 +----------------------- 1 file changed, 1 insertion(+), 23 deletions(-) (limited to 'main.go') diff --git a/main.go b/main.go index 3b5ccba..b717b7d 100644 --- a/main.go +++ b/main.go @@ -12,9 +12,7 @@ import ( "bloat/config" "bloat/renderer" - "bloat/repo" "bloat/service" - "bloat/util" ) var ( @@ -48,26 +46,6 @@ func main() { errExit(err) } - err = os.Mkdir(config.DatabasePath, 0755) - if err != nil && !os.IsExist(err) { - errExit(err) - } - - sessionDBPath := filepath.Join(config.DatabasePath, "session") - sessionDB, err := util.NewDatabse(sessionDBPath) - if err != nil { - errExit(err) - } - - appDBPath := filepath.Join(config.DatabasePath, "app") - appDB, err := util.NewDatabse(appDBPath) - if err != nil { - errExit(err) - } - - sessionRepo := repo.NewSessionRepo(sessionDB) - appRepo := repo.NewAppRepo(appDB) - customCSS := config.CustomCSS if len(customCSS) > 0 && !strings.HasPrefix(customCSS, "http://") && !strings.HasPrefix(customCSS, "https://") { @@ -89,7 +67,7 @@ func main() { s := service.NewService(config.ClientName, config.ClientScope, config.ClientWebsite, customCSS, config.SingleInstance, - config.PostFormats, renderer, sessionRepo, appRepo) + config.PostFormats, renderer) handler := service.NewHandler(s, logger, config.StaticDirectory) logger.Println("listening on", config.ListenAddress) -- cgit v1.2.3