From 4e4bdf5bcd970b6ef2067d5dd5f67c202c855090 Mon Sep 17 00:00:00 2001
From: Florian Hoss <mail@florianhoss.de>
Date: Thu, 4 Apr 2024 09:25:59 +0200
Subject: [PATCH] Remove soo many dependencies

---
 components/user.templ       |  17 +++--
 go.mod                      |  27 +++-----
 go.sum                      | 105 +++++------------------------
 handlers/app.handlers.go    |  23 ++++++-
 handlers/auth.handlers.go   | 128 ++++++++++++++++++++++++++++--------
 handlers/routes.go          |  14 ++--
 handlers/session.go         |  25 +++++++
 internal/env/env.go         |  44 +++++--------
 main.go                     |  15 ++++-
 services/system.services.go |  12 +++-
 views/home/home.templ       |  14 ++--
 11 files changed, 230 insertions(+), 194 deletions(-)
 create mode 100644 handlers/session.go

diff --git a/components/user.templ b/components/user.templ
index c397fb2..3b2c9cb 100644
--- a/components/user.templ
+++ b/components/user.templ
@@ -6,8 +6,7 @@ import (
 	"strings"
 	"html/template"
 
-	"github.com/zitadel/oidc/v3/pkg/oidc"
-	openid "github.com/zitadel/zitadel-go/v3/pkg/authentication/oidc"
+	"github.com/logto-io/go/core"
 )
 
 var GravatarTemplate = template.Must(template.New("gravatar").Parse("<div class=\"avatar rounded w-10 h-10 bg-contain bg-center bg-origin-content bg-no-repeat opacity-90\" style=\"background-image: url({{ . }})\"></div>"))
@@ -19,7 +18,7 @@ func GetGravatarURL(email string, size uint) string {
 	return string(templ.URL(gravatarURL))
 }
 
-templ User(authCtx *openid.UserInfoContext[*oidc.IDTokenClaims, *oidc.UserInfo]) {
+templ User(claims *core.IdTokenClaims) {
 	<div
 		x-data="{
             open: false,
@@ -36,10 +35,10 @@ templ User(authCtx *openid.UserInfoContext[*oidc.IDTokenClaims, *oidc.UserInfo])
 	>
 		<div x-on:click="toggle()" class="flex items-center gap-2 hover:cursor-pointer opacity-80 hover:opacity-100 transition-opacity">
 			<div class="hidden md:flex flex-col items-end">
-				<div class="text-secondary text-sm font-bold whitespace-nowrap">{ authCtx.UserInfo.Name }</div>
-				<div class="text-gray-500 text-xs whitespace-nowrap">{ authCtx.UserInfo.Email }</div>
+				<div class="text-secondary text-sm font-bold whitespace-nowrap">{ claims.Name }</div>
+				<div class="text-gray-500 text-xs whitespace-nowrap">{ claims.Email }</div>
 			</div>
-			@templ.FromGoHTML(GravatarTemplate, GetGravatarURL(authCtx.UserInfo.Email, 100))
+			@templ.FromGoHTML(GravatarTemplate, GetGravatarURL(claims.Email, 100))
 		</div>
 		<ul
 			x-show="open"
@@ -48,10 +47,10 @@ templ User(authCtx *openid.UserInfoContext[*oidc.IDTokenClaims, *oidc.UserInfo])
 			style="display: none;"
 			class="z-50 absolute right-0 mt-2 menu bg-base-200 rounded-box"
 		>
-			<li class="md:hidden menu-title whitespace-nowrap">{ authCtx.UserInfo.Name }</li>
-			<li class="md:hidden menu-title whitespace-nowrap">{ authCtx.UserInfo.Email }</li>
+			<li class="md:hidden menu-title whitespace-nowrap">{ claims.Name }</li>
+			<li class="md:hidden menu-title whitespace-nowrap">{ claims.Email }</li>
 			<li>
-				<a href="/auth/logout"><span class="icon-[bi--box-arrow-left]"></span> Logout</a>
+				<a href="/sign-out"><span class="icon-[bi--box-arrow-left]"></span> Logout</a>
 			</li>
 		</ul>
 	</div>
diff --git a/go.mod b/go.mod
index 2387432..8283b06 100644
--- a/go.mod
+++ b/go.mod
@@ -1,46 +1,35 @@
 module gitlab.unjx.de/flohoss/godash
 
-go 1.22.0
+go 1.22
 
 require (
-	github.com/a-h/templ v0.2.639
+	github.com/a-h/templ v0.2.648
+	github.com/alexedwards/scs/v2 v2.8.0
 	github.com/caarlos0/env/v10 v10.0.0
-	github.com/dariubs/percent v1.0.0
 	github.com/go-playground/validator/v10 v10.19.0
+	github.com/logto-io/go v1.0.4
 	github.com/r3labs/sse/v2 v2.10.0
 	github.com/shirou/gopsutil v3.21.11+incompatible
-	github.com/zitadel/oidc/v3 v3.5.1
-	github.com/zitadel/zitadel-go/v3 v3.0.0-next.2
 	gopkg.in/yaml.v3 v3.0.1
 )
 
 require (
 	github.com/gabriel-vasile/mimetype v1.4.3 // indirect
-	github.com/go-jose/go-jose/v3 v3.0.1 // indirect
 	github.com/go-ole/go-ole v1.3.0 // indirect
 	github.com/go-playground/locales v0.14.1 // indirect
 	github.com/go-playground/universal-translator v0.18.1 // indirect
-	github.com/golang/protobuf v1.5.3 // indirect
-	github.com/google/uuid v1.6.0 // indirect
-	github.com/gorilla/securecookie v1.1.2 // indirect
 	github.com/kr/pretty v0.3.1 // indirect
 	github.com/leodido/go-urn v1.4.0 // indirect
-	github.com/muhlemmer/gu v0.3.1 // indirect
 	github.com/rogpeppe/go-internal v1.12.0 // indirect
-	github.com/sirupsen/logrus v1.9.3 // indirect
 	github.com/tklauser/go-sysconf v0.3.13 // indirect
 	github.com/tklauser/numcpus v0.7.0 // indirect
 	github.com/yusufpapurcu/wmi v1.2.4 // indirect
-	github.com/zitadel/logging v0.5.0 // indirect
-	github.com/zitadel/schema v1.3.0 // indirect
 	golang.org/x/crypto v0.21.0 // indirect
-	golang.org/x/exp v0.0.0-20240318143956-a85f2c67cd81 // indirect
-	golang.org/x/net v0.22.0 // indirect
-	golang.org/x/oauth2 v0.15.0 // indirect
+	golang.org/x/exp v0.0.0-20240325151524-a685a6edb6d8 // indirect
+	golang.org/x/net v0.23.0 // indirect
 	golang.org/x/sys v0.18.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
-	google.golang.org/appengine v1.6.8 // indirect
-	google.golang.org/protobuf v1.31.0 // indirect
 	gopkg.in/cenkalti/backoff.v1 v1.1.0 // indirect
-	gopkg.in/yaml.v2 v2.4.0 // indirect
+	gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 // indirect
+	gopkg.in/square/go-jose.v2 v2.6.0 // indirect
 )
diff --git a/go.sum b/go.sum
index 6686bc8..2af5c5d 100644
--- a/go.sum
+++ b/go.sum
@@ -1,23 +1,17 @@
-github.com/a-h/templ v0.2.639 h1:iNyjh6gllEshVDcj3taqtz7dltPKBtncvP+M8HNGdGQ=
-github.com/a-h/templ v0.2.639/go.mod h1:SA7mtYwVEajbIXFRh3vKdYm/4FYyLQAtPH1+KxzGPA8=
+github.com/a-h/templ v0.2.648 h1:A1ggHGIE7AONOHrFaDTM8SrqgqHL6fWgWCijQ21Zy9I=
+github.com/a-h/templ v0.2.648/go.mod h1:SA7mtYwVEajbIXFRh3vKdYm/4FYyLQAtPH1+KxzGPA8=
+github.com/agiledragon/gomonkey/v2 v2.10.1 h1:FPJJNykD1957cZlGhr9X0zjr291/lbazoZ/dmc4mS4c=
+github.com/agiledragon/gomonkey/v2 v2.10.1/go.mod h1:ap1AmDzcVOAz1YpeJ3TCzIgstoaWLA6jbbgxfB4w2iY=
+github.com/alexedwards/scs/v2 v2.8.0 h1:h31yUYoycPuL0zt14c0gd+oqxfRwIj6SOjHdKRZxhEw=
+github.com/alexedwards/scs/v2 v2.8.0/go.mod h1:ToaROZxyKukJKT/xLcVQAChi5k6+Pn1Gvmdl7h3RRj8=
 github.com/caarlos0/env/v10 v10.0.0 h1:yIHUBZGsyqCnpTkbjk8asUlx6RFhhEs+h7TOBdgdzXA=
 github.com/caarlos0/env/v10 v10.0.0/go.mod h1:ZfulV76NvVPw3tm591U4SwL3Xx9ldzBP9aGxzeN7G18=
 github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
-github.com/dariubs/percent v1.0.0 h1:fY8q40FRYaCiFZ0gTOa73Cmp21hS32w+tSSmqbGnUzc=
-github.com/dariubs/percent v1.0.0/go.mod h1:NDZpkezJ8QqyIW/510MywB5T2KdC8v/0oTlEoPcMsRM=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/gabriel-vasile/mimetype v1.4.3 h1:in2uUcidCuFcDKtdcBxlR0rJ1+fsokWf+uqxgUFjbI0=
 github.com/gabriel-vasile/mimetype v1.4.3/go.mod h1:d8uq/6HKRL6CGdk+aubisF/M5GcPfT7nKyLpA0lbSSk=
-github.com/go-chi/chi/v5 v5.0.10 h1:rLz5avzKpjqxrYwXNfmjkrYYXOyLJd37pz53UFHC6vk=
-github.com/go-chi/chi/v5 v5.0.10/go.mod h1:DslCQbL2OYiznFReuXYUmQ2hGd1aDpCnlMNITLSKoi8=
-github.com/go-jose/go-jose/v3 v3.0.1 h1:pWmKFVtt+Jl0vBZTIpz/eAKwsm6LkIxDVVbFHKkchhA=
-github.com/go-jose/go-jose/v3 v3.0.1/go.mod h1:RNkWWRld676jZEYoV3+XK8L2ZnNSvIsxFMht0mSX+u8=
-github.com/go-logr/logr v1.3.0 h1:2y3SDp0ZXuc6/cjLSZ+Q3ir+QB9T/iG5yYRXqsagWSY=
-github.com/go-logr/logr v1.3.0/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
-github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
-github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE=
 github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0=
 github.com/go-ole/go-ole v1.3.0 h1:Dt6ye7+vXGIKZ7Xtk4s6/xVdGDQynvom7xCFEdWr6uE=
 github.com/go-ole/go-ole v1.3.0/go.mod h1:5LS6F96DhAwUc7C+1HLexzMXY1xGRSryjyPPKW6zv78=
@@ -29,32 +23,18 @@ github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJn
 github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY=
 github.com/go-playground/validator/v10 v10.19.0 h1:ol+5Fu+cSq9JD7SoSqe04GMI92cbn0+wvQ3bZ8b/AU4=
 github.com/go-playground/validator/v10 v10.19.0/go.mod h1:dbuPbCMFw/DrkbEynArYaCwl3amGuJotoKCe95atGMM=
-github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
-github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
-github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg=
-github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
-github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
 github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
-github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0=
-github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
-github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
-github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
-github.com/gorilla/securecookie v1.1.2 h1:YCIWL56dvtr73r6715mJs5ZvhtnY73hBvEF8kXD8ePA=
-github.com/gorilla/securecookie v1.1.2/go.mod h1:NfCASbcHqRSY+3a8tlWJwsQap2VX5pwzwo4h3eOamfo=
-github.com/jeremija/gosubmit v0.2.7 h1:At0OhGCFGPXyjPYAsCchoBUhE099pcBXmsb4iZqROIc=
-github.com/jeremija/gosubmit v0.2.7/go.mod h1:Ui+HS073lCFREXBbdfrJzMB57OI/bdxTiLtrDHHhFPI=
+github.com/jarcoal/httpmock v1.3.1 h1:iUx3whfZWVf3jT01hQTO/Eo5sAYtB2/rqaUuOtpInww=
+github.com/jarcoal/httpmock v1.3.1/go.mod h1:3yb8rc4BI7TCBhFY8ng0gjuLKJNquuDNiPaZjnENuYg=
 github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
 github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
 github.com/leodido/go-urn v1.4.0 h1:WT9HwE9SGECu3lg4d/dIA+jxlljEa1/ffXKmRjqdmIQ=
 github.com/leodido/go-urn v1.4.0/go.mod h1:bvxc+MVxLKB4z00jd1z+Dvzr47oO32F/QSNjSBOlFxI=
-github.com/muhlemmer/gu v0.3.1 h1:7EAqmFrW7n3hETvuAdmFmn4hS8W+z3LgKtrnow+YzNM=
-github.com/muhlemmer/gu v0.3.1/go.mod h1:YHtHR+gxM+bKEIIs7Hmi9sPT3ZDUvTN/i88wQpZkrdM=
-github.com/muhlemmer/httpforwarded v0.1.0 h1:x4DLrzXdliq8mprgUMR0olDvHGkou5BJsK/vWUetyzY=
-github.com/muhlemmer/httpforwarded v0.1.0/go.mod h1:yo9czKedo2pdZhoXe+yDkGVbU0TJ0q9oQ90BVoDEtw0=
+github.com/logto-io/go v1.0.4 h1:yErBaDjjBVYhSV+i+4dbL4aHnKJJdpixdc1FyUXCK08=
+github.com/logto-io/go v1.0.4/go.mod h1:boXm1vNHQ4ugp3LautprjGYLJ+7XybKiJrTPD0Ob1AM=
 github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
@@ -63,14 +43,9 @@ github.com/r3labs/sse/v2 v2.10.0/go.mod h1:Igau6Whc+F17QUgML1fYe1VPZzTV6EMCnYktE
 github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs=
 github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8=
 github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4=
-github.com/rs/cors v1.10.1 h1:L0uuZVXIKlI1SShY2nhFfo44TYvDPQ1w4oFkUJNfhyo=
-github.com/rs/cors v1.10.1/go.mod h1:XyqrcTp5zjWr1wsJ8PIRZssZ8b/WMcMf71DJnit4EMU=
 github.com/shirou/gopsutil v3.21.11+incompatible h1:+1+c1VGhc88SSonWP6foOcLhvnKlUeu/erjjvaPEYiI=
 github.com/shirou/gopsutil v3.21.11+incompatible/go.mod h1:5b4v6he4MtMOwMlS0TUMTu2PcXUg8+E1lC7eC3UO/RA=
-github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
-github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
-github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
 github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
@@ -78,79 +53,31 @@ github.com/tklauser/go-sysconf v0.3.13 h1:GBUpcahXSpR2xN01jhkNAbTLRk2Yzgggk8IM08
 github.com/tklauser/go-sysconf v0.3.13/go.mod h1:zwleP4Q4OehZHGn4CYZDipCgg9usW5IJePewFCGVEa0=
 github.com/tklauser/numcpus v0.7.0 h1:yjuerZP127QG9m5Zh/mSO4wqurYil27tHrqwRoRjpr4=
 github.com/tklauser/numcpus v0.7.0/go.mod h1:bb6dMVcj8A42tSE7i32fsIUCbQNllK5iDguyOZRUzAY=
-github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
 github.com/yusufpapurcu/wmi v1.2.4 h1:zFUKzehAFReQwLys1b/iSMl+JQGSCSjtVqQn9bBrPo0=
 github.com/yusufpapurcu/wmi v1.2.4/go.mod h1:SBZ9tNy3G9/m5Oi98Zks0QjeHVDvuK0qfxQmPyzfmi0=
-github.com/zitadel/logging v0.5.0 h1:Kunouvqse/efXy4UDvFw5s3vP+Z4AlHo3y8wF7stXHA=
-github.com/zitadel/logging v0.5.0/go.mod h1:IzP5fzwFhzzyxHkSmfF8dsyqFsQRJLLcQmwhIBzlGsE=
-github.com/zitadel/oidc/v3 v3.5.1 h1:7gyrxRNqX5eZYai2KhzPj8MhBZ7I3YpviQeX1Lp4j4U=
-github.com/zitadel/oidc/v3 v3.5.1/go.mod h1:R8sF5DPR98QQnOoyySsaNqI4NcF/VFMkf/XoYiBUuXQ=
-github.com/zitadel/schema v1.3.0 h1:kQ9W9tvIwZICCKWcMvCEweXET1OcOyGEuFbHs4o5kg0=
-github.com/zitadel/schema v1.3.0/go.mod h1:NptN6mkBDFvERUCvZHlvWmmME+gmZ44xzwRXwhzsbtc=
-github.com/zitadel/zitadel-go/v3 v3.0.0-next.2 h1:w0lnLvijwQwkrUEA74loenNR9udRAaq6rccjlMSA+4U=
-github.com/zitadel/zitadel-go/v3 v3.0.0-next.2/go.mod h1:SY9IZuDw/766mwEobCX7JNwXawIQxVseo679JG1U0c0=
-go.opentelemetry.io/otel v1.21.0 h1:hzLeKBZEL7Okw2mGzZ0cc4k/A7Fta0uoPgaJCr8fsFc=
-go.opentelemetry.io/otel v1.21.0/go.mod h1:QZzNPQPm1zLX4gZK4cMi+71eaorMSGT3A4znnUvNNEo=
-go.opentelemetry.io/otel/metric v1.21.0 h1:tlYWfeo+Bocx5kLEloTjbcDwBuELRrIFxwdQ36PlJu4=
-go.opentelemetry.io/otel/metric v1.21.0/go.mod h1:o1p3CA8nNHW8j5yuQLdc1eeqEaPfzug24uvsyIEJRWM=
-go.opentelemetry.io/otel/trace v1.21.0 h1:WD9i5gzvoUPuXIXH24ZNBudiarZDKuekPqi/E8fpfLc=
-go.opentelemetry.io/otel/trace v1.21.0/go.mod h1:LGbsEB0f9LGjN+OZaQQ26sohbOmiMR+BaslueVtS/qQ=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
-golang.org/x/crypto v0.0.0-20190911031432-227b76d455e7/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
-golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA=
 golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs=
-golang.org/x/exp v0.0.0-20240318143956-a85f2c67cd81 h1:6R2FC06FonbXQ8pK11/PDFY6N6LWlf9KlzibaCapmqc=
-golang.org/x/exp v0.0.0-20240318143956-a85f2c67cd81/go.mod h1:CQ1k9gNrJ50XIzaKCRR2hssIjF07kZFEiieALBM/ARQ=
-golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
-golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
-golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/exp v0.0.0-20240325151524-a685a6edb6d8 h1:aAcj0Da7eBAtrTp03QXWvm88pSyOt+UgdZw2BFZ+lEw=
+golang.org/x/exp v0.0.0-20240325151524-a685a6edb6d8/go.mod h1:CQ1k9gNrJ50XIzaKCRR2hssIjF07kZFEiieALBM/ARQ=
 golang.org/x/net v0.0.0-20191116160921-f9c825593386/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
-golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
-golang.org/x/net v0.22.0 h1:9sGLhx7iRIHEiX0oAJ3MRZMUCElJgy7Br1nO+AMN3Tc=
-golang.org/x/net v0.22.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg=
-golang.org/x/oauth2 v0.15.0 h1:s8pnnxNVzjWyrvYdFUQq5llS1PX2zhPXmccZv99h7uQ=
-golang.org/x/oauth2 v0.15.0/go.mod h1:q48ptWNTY5XWf+JNten23lcvHpLJ0ZSxF5ttTHKVCAM=
-golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs=
+golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4=
 golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
-golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
-golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
-golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ=
 golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
 golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
-golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
-golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
-golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
-golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAsM=
-google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds=
-google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
-google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
-google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8=
-google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
 gopkg.in/cenkalti/backoff.v1 v1.1.0 h1:Arh75ttbsvlpVA7WtVpH4u9h6Zl46xuptxqLxPiSo4Y=
 gopkg.in/cenkalti/backoff.v1 v1.1.0/go.mod h1:J6Vskwqd+OMVJl8C33mmtxTBs2gyzfv7UDAkHu8BrjI=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
-gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
+gopkg.in/square/go-jose.v2 v2.6.0 h1:NGk74WTnPKBNUhNzQX7PYcTLUjoq7mzKk2OKbvwk2iI=
+gopkg.in/square/go-jose.v2 v2.6.0/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
diff --git a/handlers/app.handlers.go b/handlers/app.handlers.go
index 1dfb23c..3fd6297 100644
--- a/handlers/app.handlers.go
+++ b/handlers/app.handlers.go
@@ -1,8 +1,12 @@
 package handlers
 
 import (
+	"log/slog"
 	"net/http"
 
+	"github.com/logto-io/go/client"
+	"github.com/logto-io/go/core"
+
 	"gitlab.unjx.de/flohoss/godash/internal/env"
 	"gitlab.unjx.de/flohoss/godash/services"
 	"gitlab.unjx.de/flohoss/godash/views/home"
@@ -45,9 +49,24 @@ func (bh *AppHandler) appHandler(w http.ResponseWriter, r *http.Request) {
 	liveSystem := bh.systemService.GetLiveInformation()
 	weather := bh.weatherService.GetCurrentWeather()
 
-	authCtx := bh.authHandler.mw.Context(r.Context())
+	var claims *core.IdTokenClaims
+	if bh.authHandler.sessionManager != nil {
+		logtoClient := client.NewLogtoClient(
+			bh.authHandler.logtoConfig,
+			&SessionStorage{
+				sessionManager: bh.authHandler.sessionManager,
+				write:          w,
+				request:        r,
+			},
+		)
+		c, err := logtoClient.GetIdTokenClaims()
+		if err != nil {
+			slog.Warn("cannot get id token claims", "err", err)
+		}
+		claims = &c
+	}
 
 	titlePage := bh.env.Title
 
-	home.HomeIndex(titlePage, bh.env.Version, home.Home(titlePage, authCtx, bookmarks, staticSystem, liveSystem, weather)).Render(r.Context(), w)
+	home.HomeIndex(titlePage, bh.env.Version, home.Home(titlePage, claims, bookmarks, staticSystem, liveSystem, weather)).Render(r.Context(), w)
 }
diff --git a/handlers/auth.handlers.go b/handlers/auth.handlers.go
index d7ade40..9a1a35e 100644
--- a/handlers/auth.handlers.go
+++ b/handlers/auth.handlers.go
@@ -1,41 +1,111 @@
 package handlers
 
 import (
-	"context"
-	"log/slog"
-	"os"
+	"net/http"
+
+	"github.com/alexedwards/scs/v2"
+	"github.com/logto-io/go/client"
+	"github.com/logto-io/go/core"
 
 	"gitlab.unjx.de/flohoss/godash/internal/env"
-
-	"github.com/zitadel/oidc/v3/pkg/oidc"
-	"github.com/zitadel/zitadel-go/v3/pkg/authentication"
-	openid "github.com/zitadel/zitadel-go/v3/pkg/authentication/oidc"
-	"github.com/zitadel/zitadel-go/v3/pkg/zitadel"
 )
 
-func NewAuthHandler(env *env.Config) *AuthHandler {
-	ah := AuthHandler{
-		redirectUri: env.OIDCRedirectUri,
+func NewAuthHandler(env *env.Config, sessionManager *scs.SessionManager) *AuthHandler {
+	return &AuthHandler{
+		logtoConfig: &client.LogtoConfig{
+			Endpoint:  env.OIDCIssuerUrl,
+			AppId:     env.OIDCClientId,
+			AppSecret: env.OIDCClientSecret,
+			Scopes: []string{
+				core.UserScopeProfile,
+				core.UserScopeEmail,
+				core.UserScopeCustomData,
+				core.UserScopeIdentities,
+				core.UserScopeRoles,
+			},
+		},
+		sessionManager:         sessionManager,
+		redirectUri:            env.OIDCRedirectUri,
+		postSignOutRedirectUri: env.OIDCPostSignOutRedirectUri,
 	}
-
-	if env.OIDCIssuerUrl != "" {
-		ctx := context.Background()
-		var err error
-		ah.oidc, err = authentication.New(ctx, zitadel.New(env.OIDCIssuerUrl), env.OIDCKey,
-			openid.DefaultAuthentication(env.OIDCClientId, env.OIDCRedirectUri, env.OIDCKey),
-		)
-		if err != nil {
-			slog.Error("zitadel sdk could not initialize", "error", err)
-			os.Exit(1)
-		}
-		ah.mw = authentication.Middleware(ah.oidc)
-	}
-
-	return &ah
 }
 
 type AuthHandler struct {
-	oidc        *authentication.Authenticator[*openid.UserInfoContext[*oidc.IDTokenClaims, *oidc.UserInfo]]
-	mw          *authentication.Interceptor[*openid.UserInfoContext[*oidc.IDTokenClaims, *oidc.UserInfo]]
-	redirectUri string
+	logtoConfig            *client.LogtoConfig
+	sessionManager         *scs.SessionManager
+	redirectUri            string
+	postSignOutRedirectUri string
+}
+
+func (ah *AuthHandler) authRequired(handler http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		if ah.sessionManager == nil {
+			handler.ServeHTTP(w, r)
+			return
+		}
+		logtoClient := client.NewLogtoClient(
+			ah.logtoConfig,
+			&SessionStorage{
+				sessionManager: ah.sessionManager,
+				write:          w,
+				request:        r,
+			},
+		)
+		if !logtoClient.IsAuthenticated() {
+			http.Redirect(w, r, "/sign-in", http.StatusTemporaryRedirect)
+			return
+		}
+		handler.ServeHTTP(w, r)
+	})
+}
+
+func (ah *AuthHandler) signInHandler(w http.ResponseWriter, r *http.Request) {
+	logtoClient := client.NewLogtoClient(
+		ah.logtoConfig,
+		&SessionStorage{
+			sessionManager: ah.sessionManager,
+			write:          w,
+			request:        r,
+		},
+	)
+	signInUri, err := logtoClient.SignIn(ah.redirectUri)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	http.Redirect(w, r, signInUri, http.StatusTemporaryRedirect)
+}
+
+func (ah *AuthHandler) signInCallbackHandler(w http.ResponseWriter, r *http.Request) {
+	logtoClient := client.NewLogtoClient(
+		ah.logtoConfig,
+		&SessionStorage{
+			sessionManager: ah.sessionManager,
+			write:          w,
+			request:        r,
+		},
+	)
+	err := logtoClient.HandleSignInCallback(r)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	http.Redirect(w, r, "/", http.StatusTemporaryRedirect)
+}
+
+func (ah *AuthHandler) signOutHandler(w http.ResponseWriter, r *http.Request) {
+	logtoClient := client.NewLogtoClient(
+		ah.logtoConfig,
+		&SessionStorage{
+			sessionManager: ah.sessionManager,
+			write:          w,
+			request:        r,
+		},
+	)
+	signOutUri, err := logtoClient.SignOut(ah.postSignOutRedirectUri)
+	if err != nil {
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+		return
+	}
+	http.Redirect(w, r, signOutUri, http.StatusTemporaryRedirect)
 }
diff --git a/handlers/routes.go b/handlers/routes.go
index 4c120a2..706cf26 100644
--- a/handlers/routes.go
+++ b/handlers/routes.go
@@ -7,16 +7,18 @@ import (
 )
 
 func SetupRoutes(router *http.ServeMux, sse *sse.Server, appHandler *AppHandler, authHandler *AuthHandler) {
-	if authHandler.oidc != nil {
-		router.Handle("/auth/", authHandler.oidc)
+	if authHandler.sessionManager != nil {
+		router.HandleFunc("/sign-in", authHandler.signInHandler)
+		router.HandleFunc("/sign-in-callback", authHandler.signInCallbackHandler)
+		router.HandleFunc("/sign-out", authHandler.signOutHandler)
 	}
-	router.Handle("/sse", authHandler.mw.RequireAuthentication()(http.HandlerFunc(sse.ServeHTTP)))
+	router.Handle("/sse", authHandler.authRequired(http.HandlerFunc(sse.ServeHTTP)))
 
 	fsAssets := http.FileServer(http.Dir("assets"))
-	router.Handle("/assets/", http.StripPrefix("/assets/", fsAssets))
+	router.Handle("/assets/", authHandler.authRequired(http.StripPrefix("/assets/", fsAssets)))
 
 	fsIcons := http.FileServer(http.Dir("storage/icons"))
-	router.Handle("/storage/icons/", http.StripPrefix("/storage/icons/", fsIcons))
+	router.Handle("/storage/icons/", authHandler.authRequired(http.StripPrefix("/storage/icons/", fsIcons)))
 
-	router.Handle("/", authHandler.mw.RequireAuthentication()(http.HandlerFunc(appHandler.appHandler)))
+	router.Handle("/", authHandler.authRequired(http.HandlerFunc(appHandler.appHandler)))
 }
diff --git a/handlers/session.go b/handlers/session.go
new file mode 100644
index 0000000..82018ab
--- /dev/null
+++ b/handlers/session.go
@@ -0,0 +1,25 @@
+package handlers
+
+import (
+	"net/http"
+
+	"github.com/alexedwards/scs/v2"
+)
+
+type SessionStorage struct {
+	sessionManager *scs.SessionManager
+	write          http.ResponseWriter
+	request        *http.Request
+}
+
+func NewSessionStorage(w http.ResponseWriter, r *http.Request) *SessionStorage {
+	return &SessionStorage{write: w, request: r}
+}
+
+func (s *SessionStorage) GetItem(key string) string {
+	return s.sessionManager.GetString(s.request.Context(), key)
+}
+
+func (s *SessionStorage) SetItem(key, value string) {
+	s.sessionManager.Put(s.request.Context(), key, value)
+}
diff --git a/internal/env/env.go b/internal/env/env.go
index 6976991..ffa96e2 100644
--- a/internal/env/env.go
+++ b/internal/env/env.go
@@ -1,8 +1,6 @@
 package env
 
 import (
-	"crypto/rand"
-	"encoding/hex"
 	"errors"
 
 	"github.com/caarlos0/env/v10"
@@ -10,37 +8,27 @@ import (
 )
 
 type Config struct {
-	TimeZone          string  `env:"TZ" envDefault:"Etc/UTC" validate:"timezone"`
-	Title             string  `env:"TITLE" envDefault:"goDash"`
-	Port              int     `env:"PORT" envDefault:"4000" validate:"min=1024,max=49151"`
-	Version           string  `env:"APP_VERSION"`
-	LocationLatitude  float32 `env:"LOCATION_LATITUDE" envDefault:"48.780331609463815" validate:"latitude"`
-	LocationLongitude float32 `env:"LOCATION_LONGITUDE" envDefault:"9.177968320179422" validate:"longitude"`
-	WeatherKey        string  `env:"WEATHER_KEY"`
-	WeatherUnits      string  `env:"WEATHER_UNITS" envDefault:"metric"`
-	WeatherLanguage   string  `env:"WEATHER_LANG" envDefault:"en" validate:"bcp47_language_tag"`
-	WeatherDigits     bool    `env:"WEATHER_DIGITS" envDefault:"false"`
-	OIDCIssuerUrl     string  `env:"OIDC_ISSUER_URL" default:"" validate:"omitempty,fqdn"`
-	OIDCRedirectUri   string  `env:"OIDC_REDIRECT_URI" validate:"omitempty,url"`
-	OIDCClientId      string  `env:"OIDC_CLIENT_ID,unset"`
-	OIDCKey           string  `env:"OIDC_KEY,unset"`
+	TimeZone                   string  `env:"TZ" envDefault:"Etc/UTC" validate:"timezone"`
+	Title                      string  `env:"TITLE" envDefault:"goDash"`
+	Port                       int     `env:"PORT" envDefault:"4000" validate:"min=1024,max=49151"`
+	Version                    string  `env:"APP_VERSION"`
+	LocationLatitude           float32 `env:"LOCATION_LATITUDE" envDefault:"48.780331609463815" validate:"latitude"`
+	LocationLongitude          float32 `env:"LOCATION_LONGITUDE" envDefault:"9.177968320179422" validate:"longitude"`
+	WeatherKey                 string  `env:"WEATHER_KEY"`
+	WeatherUnits               string  `env:"WEATHER_UNITS" envDefault:"metric"`
+	WeatherLanguage            string  `env:"WEATHER_LANG" envDefault:"en" validate:"bcp47_language_tag"`
+	WeatherDigits              bool    `env:"WEATHER_DIGITS" envDefault:"false"`
+	OIDCIssuerUrl              string  `env:"OIDC_ISSUER_URL" default:"" validate:"omitempty,url"`
+	OIDCRedirectUri            string  `env:"OIDC_REDIRECT_URI" validate:"omitempty,url"`
+	OIDCPostSignOutRedirectUri string  `env:"OIDC_POST_SIGN_OUT_REDIRECT_URI" validate:"omitempty,url"`
+	OIDCClientId               string  `env:"OIDC_CLIENT_ID,unset"`
+	OIDCClientSecret           string  `env:"OIDC_CLIENT_SECRET,unset"`
 }
 
 var errParse = errors.New("error parsing environment variables")
 
-func generateRandomKey(size int) string {
-	key := make([]byte, size)
-	_, err := rand.Read(key)
-	if err != nil {
-		panic(err)
-	}
-	return hex.EncodeToString(key)
-}
-
 func Parse() (*Config, error) {
-	cfg := &Config{
-		OIDCKey: generateRandomKey(16),
-	}
+	cfg := &Config{}
 	if err := env.Parse(cfg); err != nil {
 		return cfg, err
 	}
diff --git a/main.go b/main.go
index 4a1399c..c2473a6 100644
--- a/main.go
+++ b/main.go
@@ -6,7 +6,9 @@ import (
 	"log/slog"
 	"net/http"
 	"os"
+	"time"
 
+	"github.com/alexedwards/scs/v2"
 	"github.com/r3labs/sse/v2"
 
 	"gitlab.unjx.de/flohoss/godash/handlers"
@@ -21,6 +23,11 @@ func main() {
 		os.Exit(1)
 	}
 
+	var sessionManager *scs.SessionManager
+	if env.OIDCIssuerUrl != "" {
+		sessionManager = scs.New()
+		sessionManager.Lifetime = 168 * time.Hour
+	}
 	router := http.NewServeMux()
 	sse := sse.New()
 	sse.AutoReplay = false
@@ -29,13 +36,17 @@ func main() {
 	w := services.NewWeatherService(sse, env)
 	b := services.NewBookmarkService()
 
-	authHandler := handlers.NewAuthHandler(env)
+	authHandler := handlers.NewAuthHandler(env, sessionManager)
 	appHandler := handlers.NewAppHandler(env, authHandler, s, w, b)
 	handlers.SetupRoutes(router, sse, appHandler, authHandler)
 
 	lis := fmt.Sprintf(":%d", env.Port)
 	slog.Info("server listening, press ctrl+c to stop", "addr", "http://localhost"+lis)
-	err = http.ListenAndServe(lis, router)
+	if sessionManager != nil {
+		err = http.ListenAndServe(lis, sessionManager.LoadAndSave(router))
+	} else {
+		err = http.ListenAndServe(lis, router)
+	}
 	if !errors.Is(err, http.ErrServerClosed) {
 		slog.Error("server terminated", "error", err)
 		os.Exit(1)
diff --git a/services/system.services.go b/services/system.services.go
index ab925fe..58bc0d7 100644
--- a/services/system.services.go
+++ b/services/system.services.go
@@ -7,7 +7,6 @@ import (
 	"strconv"
 	"time"
 
-	"github.com/dariubs/percent"
 	"github.com/r3labs/sse/v2"
 	"github.com/shirou/gopsutil/cpu"
 	"github.com/shirou/gopsutil/disk"
@@ -16,6 +15,13 @@ import (
 	"gitlab.unjx.de/flohoss/godash/internal/readable"
 )
 
+func calculatePercentage(used, total uint64) float64 {
+	if total == 0 {
+		return 0.0
+	}
+	return (float64(used) / float64(total)) * 100
+}
+
 func NewSystemService(sse *sse.Server) *SystemService {
 	s := SystemService{
 		sse: sse,
@@ -98,7 +104,7 @@ func (s *SystemService) liveRam() {
 		return
 	}
 	s.Live.Ram.Value = readable.ReadableSize(r.Used)
-	s.Live.Ram.Percentage = math.RoundToEven(percent.PercentOfFloat(float64(r.Used), float64(r.Total)))
+	s.Live.Ram.Percentage = math.RoundToEven(calculatePercentage(r.Used, r.Total))
 }
 
 func staticDisk() Disk {
@@ -122,7 +128,7 @@ func (s *SystemService) liveDisk() {
 		return
 	}
 	s.Live.Disk.Value = readable.ReadableSize(d.Used)
-	s.Live.Disk.Percentage = math.RoundToEven(percent.PercentOfFloat(float64(d.Used), float64(d.Total)))
+	s.Live.Disk.Percentage = math.RoundToEven(calculatePercentage(d.Used, d.Total))
 }
 
 func (s *SystemService) uptime() {
diff --git a/views/home/home.templ b/views/home/home.templ
index b033524..e76a262 100644
--- a/views/home/home.templ
+++ b/views/home/home.templ
@@ -1,21 +1,21 @@
 package home
 
 import (
+	"fmt"
+
+	"github.com/logto-io/go/core"
+
 	"gitlab.unjx.de/flohoss/godash/services"
 	"gitlab.unjx.de/flohoss/godash/views/layout"
-	"fmt"
 	"gitlab.unjx.de/flohoss/godash/components"
-
-	"github.com/zitadel/oidc/v3/pkg/oidc"
-	openid "github.com/zitadel/zitadel-go/v3/pkg/authentication/oidc"
 )
 
-templ Home(title string, authCtx *openid.UserInfoContext[*oidc.IDTokenClaims, *oidc.UserInfo], bookmarks *services.Bookmarks, static *services.StaticInformation, live *services.LiveInformation, weather *services.OpenWeather) {
+templ Home(title string, claims *core.IdTokenClaims, bookmarks *services.Bookmarks, static *services.StaticInformation, live *services.LiveInformation, weather *services.OpenWeather) {
 	<section class="grid gap-10">
 		<div class="flex w-full justify-between items-center">
 			@components.Weather(weather)
-			if authCtx != nil {
-				@components.User(authCtx)
+			if claims != nil {
+				@components.User(claims)
 			}
 		</div>
 		<div class="grid grid-cols-1 sm:grid-cols-2 xl:grid-cols-4 gap-3 select-none">