From c9edd1a0183ef583d0eed9f4a9a0cdcc30833f38 Mon Sep 17 00:00:00 2001
From: Brad Rydzewski <brad.rydzewski@gmail.com>
Date: Wed, 8 Apr 2015 16:36:56 -0700
Subject: [PATCH] source session secret from config file

---
 server/session/session.go | 6 +++++-
 settings/settings.go      | 2 +-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/server/session/session.go b/server/session/session.go
index 88a5164b..2e8afa3f 100644
--- a/server/session/session.go
+++ b/server/session/session.go
@@ -23,8 +23,12 @@ type session struct {
 }
 
 func New(s *settings.Session) Session {
-	secret := securecookie.GenerateRandomKey(32)
+	// TODO (bradrydzewski) hook up the Session.Expires
+	secret := s.Secret
 	expire := time.Hour * 72
+	if len(secret) == 0 {
+		securecookie.GenerateRandomKey(32)
+	}
 	return &session{
 		secret: secret,
 		expire: expire,
diff --git a/settings/settings.go b/settings/settings.go
index 376d51d7..c19aadfe 100644
--- a/settings/settings.go
+++ b/settings/settings.go
@@ -73,7 +73,7 @@ type Server struct {
 // used to generate, validate and expire authentication
 // sessions.
 type Session struct {
-	Secret  string `toml:"secret"`
+	Secret  []byte `toml:"secret"`
 	Expires int64  `toml:"expires"`
 }