From 524606c4ae782d5c315b93f8094564fe19cf1647 Mon Sep 17 00:00:00 2001
From: "Laisky.Cai" <github@laisky.com>
Date: Fri, 20 Dec 2024 05:56:35 +0000
Subject: [PATCH] fix: improve session handling for non-base64 encoded session
 secrets

---
 main.go | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/main.go b/main.go
index c40afb01..97d712b8 100644
--- a/main.go
+++ b/main.go
@@ -104,12 +104,13 @@ func main() {
 	sessionSecret, err := base64.StdEncoding.DecodeString(config.SessionSecret)
 	if err != nil {
 		logger.SysLog("session secret is not base64 encoded, using raw value instead")
-		sessionSecret = []byte(config.SessionSecret)
+		store := cookie.NewStore([]byte(config.SessionSecret))
+		server.Use(sessions.Sessions("session", store))
+	} else {
+		store := cookie.NewStore(sessionSecret, sessionSecret)
+		server.Use(sessions.Sessions("session", store))
 	}
 
-	store := cookie.NewStore(sessionSecret, sessionSecret)
-	server.Use(sessions.Sessions("session", store))
-
 	router.SetRouter(server, buildFS)
 	var port = os.Getenv("PORT")
 	if port == "" {