helios/rooms
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Rename env vars to CLIENT_ID/CLIENT_SECRET and require at startup

Browse Source
This commit is contained in:
Ian Gulliver
2026-02-14 21:29:10 -08:00
parent 23083bf5a8
commit 9c0b78e78e
2 changed files with 8 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
main.go
View File

@@ -26,12 +26,13 @@ var schema string
var templates *template.Template
func main() {
dsn := os.Getenv("PGCONN")
if dsn == "" {
log.Fatal("PGCONN environment variable is required")
for _, key := range []string{"PGCONN", "CLIENT_ID", "CLIENT_SECRET"} {
if os.Getenv(key) == "" {
log.Fatalf("%s environment variable is required", key)
}
}
db, err := sql.Open("postgres", dsn)
db, err := sql.Open("postgres", os.Getenv("PGCONN"))
if err != nil {
log.Fatalf("failed to open database: %v", err)
}
@@ -114,7 +115,7 @@ func handleGoogleCallback(w http.ResponseWriter, r *http.Request) {
return
}
payload, err := idtoken.Validate(context.Background(), credential, os.Getenv("GOOGLE_CLIENT_ID"))
payload, err := idtoken.Validate(context.Background(), credential, os.Getenv("CLIENT_ID"))
if err != nil {
log.Println("failed to validate token:", err)
http.Error(w, "invalid token", http.StatusUnauthorized)
@@ -135,7 +136,7 @@ func handleGoogleCallback(w http.ResponseWriter, r *http.Request) {
}
func signEmail(email string) string {
h := hmac.New(sha256.New, []byte(os.Getenv("TOKEN_SECRET")))
h := hmac.New(sha256.New, []byte(os.Getenv("CLIENT_SECRET")))
h.Write([]byte(email))
sig := base64.RawURLEncoding.EncodeToString(h.Sum(nil))
return base64.RawURLEncoding.EncodeToString([]byte(email)) + "." + sig