feat: solve session collision bug with new API design#96
Merged
Conversation
- Replace NewCookieSession/NewBearerToken with NewSession requiring unique sessionID - Add NewHeadlessSession for stateless JWT tokens - Introduce ToCookie/ToAuth for HTTP transport layer separation - Replace LoadCookie/LoadBearer/LoadHeadless with FromCookie/FromAuth - Fix LogoutCookie to use Decommission(token) instead of Revoke(key) - Fix LogoutAuth to handle both bearer and headless tokens properly - Update all tests to use new API and verify session isolation This design prevents session collisions by requiring users to provide unique session IDs, and separates session logic from HTTP transport. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
- Replace LoadBearer/LoadCookie/LoadHeadless calls with FromAuth/FromCookie - Maintains backward compatibility for existing API middleware 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
- Replace interface{} with any type alias for Go 1.18+ compatibility
- Standardize error message capitalization
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Emphasize creating logical commit history over just saving work - Add requirement to analyze changes with git status/diff first - Clarify that unrelated changes should never be batched together - Add explicit guidance for documentation and maintenance commits 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
- Fix phrasing to emphasize logical organization over preservation - Strengthen requirement to always analyze changes first - Add explicit separation of documentation and maintenance commits 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This design prevents session collisions by requiring users to provide unique session IDs, and separates session logic from HTTP transport.
🤖 Generated with Claude Code