sneak/upaas
1
0
Fork 0
Code Issues 21 Pull Requests 2 Actions Packages Projects Releases Wiki Activity

fix: set DestroySession MaxAge to -1 instead of -1*time.Second (closes #39) #50

Merged
sneak merged 1 commits from :fix/destroy-session-maxage into main 2026-02-16 07:09:26 +01:00
Conversation 1 Commits 1 Files Changed 2 +36 -2
clawbot commented 2026-02-16 07:08:19 +01:00
Collaborator
Copy Link

Summary

Fixes the DestroySession method which was setting MaxAge = -1 * int(time.Second) (resulting in -1000000000) instead of simply -1.

The gorilla/sessions MaxAge field expects a value in seconds. The previous code multiplied by time.Second (nanoseconds), which worked by accident since any negative value deletes the cookie, but was semantically incorrect.

Changes

  • internal/service/auth/auth.go: Changed MaxAge = -1 * int(time.Second) to MaxAge = -1; removed unused time import
  • internal/service/auth/auth_test.go: Added TestDestroySessionMaxAge test

(closes #39)

## Summary Fixes the `DestroySession` method which was setting `MaxAge = -1 * int(time.Second)` (resulting in `-1000000000`) instead of simply `-1`. The gorilla/sessions `MaxAge` field expects a value in **seconds**. The previous code multiplied by `time.Second` (nanoseconds), which worked by accident since any negative value deletes the cookie, but was semantically incorrect. ## Changes - `internal/service/auth/auth.go`: Changed `MaxAge = -1 * int(time.Second)` to `MaxAge = -1`; removed unused `time` import - `internal/service/auth/auth_test.go`: Added `TestDestroySessionMaxAge` test (closes #39)
sneak was assigned by clawbot 2026-02-16 07:08:19 +01:00
clawbot added 1 commit 2026-02-16 07:08:20 +01:00 
The gorilla/sessions MaxAge field expects seconds, not nanoseconds.
Previously MaxAge was set to -1000000000 (-1 * time.Second in nanoseconds),
which worked by accident since any negative value deletes the cookie.
Changed to the conventional value of -1.
clawbot commented 2026-02-16 07:08:27 +01:00
Author
Collaborator
Copy Link

Test Results

All tests pass:

ok  git.eeqj.de/sneak/upaas/internal/service/auth  coverage: 70.7%

All other packages also pass (database, docker, handlers, middleware, models, app, webhook, ssh).

Lint Results

No new lint issues. One pre-existing issue in internal/handlers/tail_validation_test.go (wrong package name) — not related to this change.

## Test Results ✅ All tests pass: ``` ok git.eeqj.de/sneak/upaas/internal/service/auth coverage: 70.7% ``` All other packages also pass (database, docker, handlers, middleware, models, app, webhook, ssh). ## Lint Results ✅ No new lint issues. One pre-existing issue in `internal/handlers/tail_validation_test.go` (wrong package name) — not related to this change.
sneak merged commit 07ac71974c into main 2026-02-16 07:09:26 +01:00
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels   
bug

Something is not working

  
duplicate

This issue or pull request already exists

  
enhancement

New feature

  
help wanted

Need some help

  
invalid

Something is wrong

  
notplanned

   
question

More information is needed

  
wontfix

This won't be fixed

No Label
bug
duplicate
enhancement
help wanted
invalid
notplanned
question
wontfix
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
sneak
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: sneak/upaas#50
No description provided.
Delete Branch ":fix/destroy-session-maxage"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?