fix: use string as key

routers/web/auth/auth.go

@@ -82,7 +82,7 @@ func AutoSignIn(ctx *context.Context) (bool, error) {
 
 	isSucceed = true
 
-	if err := updateSession(ctx, nil, map[interface{}]interface{}{
+	if err := updateSession(ctx, nil, map[string]interface{}{
 		// Set session IDs
 		"uid":   u.ID,
 		"uname": u.Name,
@@ -245,7 +245,7 @@ func SignInPost(ctx *context.Context) {
 		return
 	}
 
-	updates := map[interface{}]interface{}{
+	updates := map[string]interface{}{
 		// User will need to use 2FA TOTP or WebAuthn, save data
 		"twofaUid":      u.ID,
 		"twofaRemember": form.Remember,
@@ -286,7 +286,7 @@ func handleSignInFull(ctx *context.Context, u *user_model.User, remember, obeyRe
 			setting.CookieRememberName, u.Name, days)
 	}
 
-	if err := updateSession(ctx, []interface{}{
+	if err := updateSession(ctx, []string{
 		// Delete the openid, 2fa and linkaccount data
 		"openid_verified_uri",
 		"openid_signin_remember",
@@ -295,7 +295,7 @@ func handleSignInFull(ctx *context.Context, u *user_model.User, remember, obeyRe
 		"twofaUid",
 		"twofaRemember",
 		"linkAccount",
-	}, map[interface{}]interface{}{
+	}, map[string]interface{}{
 		"uid":   u.ID,
 		"uname": u.Name,
 	}); err != nil {
@@ -734,7 +734,7 @@ func handleAccountActivation(ctx *context.Context, user *user_model.User) {
 
 	log.Trace("User activated: %s", user.Name)
 
-	if err := updateSession(ctx, nil, map[interface{}]interface{}{
+	if err := updateSession(ctx, nil, map[string]interface{}{
 		"uid":   user.ID,
 		"uname": user.Name,
 	}); err != nil {
@@ -780,7 +780,7 @@ func ActivateEmail(ctx *context.Context) {
 	ctx.Redirect(setting.AppSubURL + "/user/settings/account")
 }
 
-func updateSession(ctx *context.Context, deletes []interface{}, updates map[interface{}]interface{}) error {
+func updateSession(ctx *context.Context, deletes []string, updates map[string]interface{}) error {
 	if _, err := session.RegenerateSession(ctx.Resp, ctx.Req); err != nil {
 		return fmt.Errorf("regenerate session: %w", err)
 	}

routers/web/auth/linkaccount.go

@@ -155,7 +155,7 @@ func linkAccount(ctx *context.Context, u *user_model.User, gothUser goth.User, r
 		return
 	}
 
-	if err := updateSession(ctx, nil, map[interface{}]interface{}{
+	if err := updateSession(ctx, nil, map[string]interface{}{
 		// User needs to use 2FA, save data and redirect to 2FA page.
 		"twofaUid":      u.ID,
 		"twofaRemember": remember,

routers/web/auth/oauth.go

@@ -1026,7 +1026,7 @@ func setUserGroupClaims(loginSource *auth.Source, u *user_model.User, gothUser *
 }
 
 func showLinkingLogin(ctx *context.Context, gothUser goth.User) {
-	if err := updateSession(ctx, nil, map[interface{}]interface{}{
+	if err := updateSession(ctx, nil, map[string]interface{}{
 		"linkAccountGothUser": gothUser,
 	}); err != nil {
 		ctx.ServerError("RegenerateSession", err)
@@ -1069,7 +1069,7 @@ func handleOAuth2SignIn(ctx *context.Context, source *auth.Source, u *user_model
 	// If this user is enrolled in 2FA and this source doesn't override it,
 	// we can't sign the user in just yet. Instead, redirect them to the 2FA authentication page.
 	if !needs2FA {
-		if err := updateSession(ctx, nil, map[interface{}]interface{}{
+		if err := updateSession(ctx, nil, map[string]interface{}{
 			"uid":   u.ID,
 			"uname": u.Name,
 		}); err != nil {
@@ -1125,7 +1125,7 @@ func handleOAuth2SignIn(ctx *context.Context, source *auth.Source, u *user_model
 		}
 	}
 
-	if err := updateSession(ctx, nil, map[interface{}]interface{}{
+	if err := updateSession(ctx, nil, map[string]interface{}{
 		// User needs to use 2FA, save data and redirect to 2FA page.
 		"twofaUid":      u.ID,
 		"twofaRemember": false,

routers/web/auth/openid.go

@@ -234,7 +234,7 @@ func signInOpenIDVerify(ctx *context.Context) {
 	if u != nil {
 		nickname = u.LowerName
 	}
-	if err := updateSession(ctx, nil, map[interface{}]interface{}{
+	if err := updateSession(ctx, nil, map[string]interface{}{
 		"openid_verified_uri":        id,
 		"openid_determined_email":    email,
 		"openid_determined_username": nickname,