refactor(auth): replace JWT authentication with server-side sessions

Migrate from stateless JWT tokens to server-side session management backed by PostgreSQL. Sessions are hashed with SHA-256 before storage, cleaned up periodically, and invalidated on logout. This removes the need for JWT_SECRET/COOKIE_SECRET environment variables and the golang-jwt dependency. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
author: nsfisis <nsfisis@gmail.com> 2026-02-15 11:12:50 +0900
committer: nsfisis <nsfisis@gmail.com> 2026-02-15 11:14:28 +0900
commit: 96fad1a4e78c7209e5a0f3496e8b59d591fbe500 (patch)
tree: 8e43fb3918cd7401fe68cac933fe943c794b7634 /.env.example
parent: 2f1a8a1c599300d0964d7fbbfd824e2d74f0bf4a (diff)
download: phperkaigi-2026-albatross-96fad1a4e78c7209e5a0f3496e8b59d591fbe500.tar.gz
phperkaigi-2026-albatross-96fad1a4e78c7209e5a0f3496e8b59d591fbe500.tar.zst
phperkaigi-2026-albatross-96fad1a4e78c7209e5a0f3496e8b59d591fbe500.zip
1 files changed, 0 insertions, 2 deletions
diff --git a/.env.example b/.env.example
index 216818e..6f176d9 100644
--- a/.env.example
+++ b/.env.example
@@ -1,3 +1 @@
 ALBATROSS_BASE_PATH=/iosdc-japan/2025/code-battle/
-ALBATROSS_JWT_SECRET=[your_secret_key]
-ALBATROSS_COOKIE_SECRET=[your_secret_key]
author	nsfisis <nsfisis@gmail.com>	2026-02-15 11:12:50 +0900
committer	nsfisis <nsfisis@gmail.com>	2026-02-15 11:14:28 +0900
commit	96fad1a4e78c7209e5a0f3496e8b59d591fbe500 (patch)
tree	8e43fb3918cd7401fe68cac933fe943c794b7634 /.env.example
parent	2f1a8a1c599300d0964d7fbbfd824e2d74f0bf4a (diff)
download	phperkaigi-2026-albatross-96fad1a4e78c7209e5a0f3496e8b59d591fbe500.tar.gz phperkaigi-2026-albatross-96fad1a4e78c7209e5a0f3496e8b59d591fbe500.tar.zst phperkaigi-2026-albatross-96fad1a4e78c7209e5a0f3496e8b59d591fbe500.zip