From 65627a86621861ab8f6b3ef629ec18cb4a28a4c0 Mon Sep 17 00:00:00 2001
From: ZhenYi <434836402@qq.com>
Date: Mon, 27 Apr 2026 16:40:20 +0800
Subject: [PATCH] fix(app): fix session key to use SHA-512 (64 bytes)

cookie::Key requires exactly 64 bytes, SHA-256 only produces 32 bytes
Change to SHA-512 and slice to 64 bytes for correct key length
---
 apps/app/Cargo.toml | 1 +
 apps/app/src/main.rs | 7 ++++---
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/apps/app/Cargo.toml b/apps/app/Cargo.toml
index ad3a1bc..580f0bf 100644
--- a/apps/app/Cargo.toml
+++ b/apps/app/Cargo.toml
@@ -18,6 +18,7 @@ uuid = { workspace = true }
 service = { workspace = true }
 observability = { workspace = true }
 room = { workspace = true }
+sha2 = { workspace = true }
 api = { workspace = true }
 session = { workspace = true }
 config = { workspace = true }
diff --git a/apps/app/src/main.rs b/apps/app/src/main.rs
index 0608d58..3c27a56 100644
--- a/apps/app/src/main.rs
+++ b/apps/app/src/main.rs
@@ -114,11 +114,12 @@ fn build_session_key(cfg: &AppConfig) -> anyhow::Result {
 );
 return Ok(Key::generate());
 }
- use sha2::{Digest, Sha256};
- let mut hasher = Sha256::new();
+ use sha2::{Digest, Sha512};
+ let mut hasher = Sha512::new();
 hasher.update(secret.as_bytes());
 let hash = hasher.finalize();
- return Ok(Key::from(hash.as_slice()));
+ // cookie::Key requires exactly 64 bytes; SHA-512 produces 64 bytes
+ return Ok(Key::from(&hash[..64]));
 }
 Ok(Key::generate())
 }
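Review bot: The key built at `Key::from(&hash[..64])` is a single unsalted SHA-512 of the configured secret, so it is only as strong as the secret itself, and nothing in the visible lines checks the secret's length before it is hashed. A short or human-chosen value would leave the cookie signing/encryption key guessable offline; consider rejecting weak input ahead of the hash with `anyhow::ensure!(secret.len() >= 32, "session secret must be at least 32 bytes");`, or deriving the key with `Key::derive_from(secret.as_bytes())` if the `cookie` version in use provides it. The `[..64]` slice is also redundant, since a SHA-512 digest is already 64 bytes, so `Key::from(hash.as_slice())` would read more plainly. `build_session_key` starts above the hunk, so an earlier length check may exist that is not visible here.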