ryan/games
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 9 Wiki Activity

fix: convert auth flows from SSE to standard HTTP to fix session cookies
Some checks failed
CI / Deploy / test (pull_request) Successful in 33s
Details
CI / Deploy / lint (pull_request) Failing after 38s
Details
CI / Deploy / deploy (pull_request) Has been skipped
Details

Browse Source 
Datastar's NewSSE() flushes HTTP headers before SCS's session middleware
can attach the Set-Cookie header, so the session cookie never reaches the
browser after login/register/logout.

Convert login, register, and logout to standard HTML forms with HTTP
redirects, which lets SCS write cookies normally. Also fix return_url
capture on the login page (was never being stored in the session).

Add handler tests covering login, register, and logout flows.
This commit is contained in:
Ryan Hamamura
2026-03-11 10:10:28 -10:00
parent 8573e87bf6
commit 72d31fd143
7 changed files with 424 additions and 102 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
features/auth/routes.go
View File

@@ -9,7 +9,7 @@ import (
)
func SetupRoutes(router chi.Router, queries *repository.Queries, sessions *scs.SessionManager) {
router.Get("/login", HandleLoginPage())
router.Get("/login", HandleLoginPage(sessions))
router.Get("/register", HandleRegisterPage())
router.Post("/auth/login", HandleLogin(queries, sessions))
router.Post("/auth/register", HandleRegister(queries, sessions))