feat: read HMAC_SESSION_SECRET env variable

author: mo khan <mo@mokhan.ca> 2025-05-09 12:25:02 -0600
committer: mo khan <mo@mokhan.ca> 2025-05-11 21:21:38 -0600
commit: 9feb9387bda8e4227a3f7d5d7b2c6c8cf4a15d92 (patch)
tree: c5d6c130652d807c3ae976361f29a6a03e1e84d3 /pkg/web/cookie.go
parent: cb3f6782aa8b627eab37e10cc2a234ce44c6ebb0 (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/pkg/web/cookie.go b/pkg/web/cookie.go
index 0c39735..7a2426f 100644
--- a/pkg/web/cookie.go
+++ b/pkg/web/cookie.go
@@ -9,11 +9,13 @@ import (
 
 	"github.com/xlgmokha/x/pkg/cookie"
 	"github.com/xlgmokha/x/pkg/crypt"
+	"github.com/xlgmokha/x/pkg/env"
 	"github.com/xlgmokha/x/pkg/pls"
 	"github.com/xlgmokha/x/pkg/x"
 )
 
-var key []byte = x.Must(pls.GenerateRandomBytes(32)) // TODO:: https://gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/-/issues/2
+// TODO:: https://gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/-/issues/2
+var key []byte = []byte(env.Fetch("HMAC_SESSION_SECRET", string(x.Must(pls.GenerateRandomBytes(32)))))
 var Signer *crypt.HMACSigner = x.New[*crypt.HMACSigner](crypt.WithKey(key), crypt.WithAlgorithm(sha256.New))
 var delimiter string = "--"
author	mo khan <mo@mokhan.ca>	2025-05-09 12:25:02 -0600
committer	mo khan <mo@mokhan.ca>	2025-05-11 21:21:38 -0600
commit	9feb9387bda8e4227a3f7d5d7b2c6c8cf4a15d92 (patch)
tree	c5d6c130652d807c3ae976361f29a6a03e1e84d3 /pkg/web/cookie.go
parent	cb3f6782aa8b627eab37e10cc2a234ce44c6ebb0 (diff)