fix: cookie in appsnewhandler

alby.go

@@ -149,14 +149,15 @@ func (svc *AlbyOAuthService) SendPaymentSync(ctx context.Context, senderPubkey,
 
 func (svc *AlbyOAuthService) AuthHandler(c echo.Context) error {
 	// clear current session
-	sess, _ := session.Get("nwc_session", c)
-	sess.Values["user_id"] = ""
-	delete(sess.Values, "user_id")
-	sess.Options.MaxAge = -1
-	if svc.cfg.CookieDomain != "" {
-		sess.Options.Domain = svc.cfg.CookieDomain
+	sess, _ := session.Get("alby_nwc_session", c)
+	if (sess.Values["user_id"] != nil) {
+		delete(sess.Values, "return_to")
+		sess.Options.MaxAge = 0
+		if svc.cfg.CookieDomain != "" {
+			sess.Options.Domain = svc.cfg.CookieDomain
+		}
+		sess.Save(c.Request(), c.Response())
 	}
-	sess.Save(c.Request(), c.Response())
 
 	url := svc.oauthConf.AuthCodeURL("")
 	return c.Redirect(302, url)
@@ -200,7 +201,7 @@ func (svc *AlbyOAuthService) CallbackHandler(c echo.Context) error {
 	user.LightningAddress = me.LightningAddress
 	svc.db.Save(&user)
 
-	sess, _ := session.Get("nwc_session", c)
+	sess, _ := session.Get("alby_nwc_session", c)
 	sess.Options.MaxAge = 0
 	if svc.cfg.CookieDomain != "" {
 		sess.Options.Domain = svc.cfg.CookieDomain

echo_handlers.go

@@ -81,14 +81,18 @@ func (svc *Service) RegisterSharedRoutes(e *echo.Echo) {
 }
 
 func (svc *Service) IndexHandler(c echo.Context) error {
-	sess, _ := session.Get("nwc_session", c)
+	sess, _ := session.Get("alby_nwc_session", c)
 	returnTo := sess.Values["return_to"]
 	user, err := svc.GetUser(c)
 	if err != nil {
 		return err
 	}
 	if user != nil && returnTo != nil {
 		delete(sess.Values, "return_to")
+		sess.Options.MaxAge = 0
+		if svc.cfg.CookieDomain != "" {
+			sess.Options.Domain = svc.cfg.CookieDomain
+		}
 		sess.Save(c.Request(), c.Response())
 		return c.Redirect(302, fmt.Sprintf("%s", returnTo))
 	}
@@ -219,8 +223,12 @@ func (svc *Service) AppsNewHandler(c echo.Context) error {
 		return err
 	}
 	if user == nil {
-		sess, _ := session.Get("nwc_session", c)
+		sess, _ := session.Get("alby_nwc_session", c)
 		sess.Values["return_to"] = c.Path() + "?" + c.QueryString()
+		sess.Options.MaxAge = 0
+		if svc.cfg.CookieDomain != "" {
+			sess.Options.Domain = svc.cfg.CookieDomain
+		}
 		sess.Save(c.Request(), c.Response())
 		return c.Redirect(302, fmt.Sprintf("/%s/auth", strings.ToLower(svc.cfg.LNBackendType)))
 	}
@@ -346,7 +354,7 @@ func (svc *Service) AppsDeleteHandler(c echo.Context) error {
 }
 
 func (svc *Service) LogoutHandler(c echo.Context) error {
-	sess, _ := session.Get("nwc_session", c)
+	sess, _ := session.Get("alby_nwc_session", c)
 	sess.Options.MaxAge = -1
 	if svc.cfg.CookieDomain != "" {
 		sess.Options.Domain = svc.cfg.CookieDomain

lnd.go

@@ -32,7 +32,7 @@ func (svc *LNDService) AuthHandler(c echo.Context) error {
 		return err
 	}
 
-	sess, _ := session.Get("nwc_session", c)
+	sess, _ := session.Get("alby_nwc_session", c)
 	sess.Values["user_id"] = user.ID
 	sess.Save(c.Request(), c.Response())
 	return c.Redirect(302, "/")

service.go

@@ -25,7 +25,7 @@ type Service struct {
 }
 
 func (svc *Service) GetUser(c echo.Context) (user *User, err error) {
-	sess, _ := session.Get("nwc_session", c)
+	sess, _ := session.Get("alby_nwc_session", c)
 	userID := sess.Values["user_id"]
 	if svc.cfg.LNBackendType == LNDBackendType {
 		//if we self-host, there is always only one user