autogenerate token.

internal/api/members/controler.go

@@ -65,7 +65,10 @@ func (h *MembersHandler) membersCreate(w http.ResponseWriter, r *http.Request) {
 		}
 	}
 
-	session, err := h.sessions.Create(data.ID, *data.MemberProfile)
+	// TODO: Refactor.
+	// data.ID
+
+	session, err := h.sessions.Create(*data.MemberProfile)
 	if err != nil {
 		utils.HttpInternalServerError(w, err)
 		return

internal/api/session.go

@@ -30,10 +30,8 @@ func (api *ApiManagerCtx) Login(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	token := data.Secret
-
 	// TODO: Proper login.
-	session, err := api.sessions.Create(token, types.MemberProfile{
+	session, err := api.sessions.Create(types.MemberProfile{
 		Name:               data.ID,
 		IsAdmin:            true,
 		CanLogin:           true,
@@ -55,7 +53,7 @@ func (api *ApiManagerCtx) Login(w http.ResponseWriter, r *http.Request) {
 
 	http.SetCookie(w, &http.Cookie{
 		Name:     "NEKO_SESSION",
-		Value:    token,
+		Value:    session.ID(),
 		Expires:  CookieExpirationDate,
 		Secure:   !UnsecureCookies,
 		SameSite: sameSite,

internal/session/manager.go

@@ -35,9 +35,13 @@ type SessionManagerCtx struct {
 	emmiter    events.EventEmmiter
 }
 
-func (manager *SessionManagerCtx) Create(id string, profile types.MemberProfile) (types.Session, error) {
+func (manager *SessionManagerCtx) Create(profile types.MemberProfile) (types.Session, error) {
-	manager.sessionsMu.Lock()
+	id, err := utils.NewUID(32)
+	if err != nil {
+		return nil, err
+	}
 
+	manager.sessionsMu.Lock()
 	_, ok := manager.sessions[id]
 	if ok {
 		manager.sessionsMu.Unlock()

internal/types/session.go

@@ -59,7 +59,7 @@ type Session interface {
 }
 
 type SessionManager interface {
-	Create(id string, profile MemberProfile) (Session, error)
+	Create(profile MemberProfile) (Session, error)
 	Update(id string, profile MemberProfile) error
 	Get(id string) (Session, bool)
 	Delete(id string) error