From 09afc35b3275602fd52e6e4f7caf32c4f623ac15 Mon Sep 17 00:00:00 2001
From: Denis Mishankov <mishankov@mail.com>
Date: Sun, 1 Mar 2026 22:29:30 +0300
Subject: [PATCH] fix new gosec issues

---
 auth/handler_login.go    | 2 +-
 auth/handler_register.go | 2 +-
 auth/model.go            | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/auth/handler_login.go b/auth/handler_login.go
index db8e731..88fb7a2 100644
--- a/auth/handler_login.go
+++ b/auth/handler_login.go
@@ -24,7 +24,7 @@ func (h *LoginHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 
 	var req struct {
 		Login    string `json:"login"`
-		Password string `json:"password"`
+		Password string `json:"password"` //nolint:gosec // Password in request
 	}
 
 	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
diff --git a/auth/handler_register.go b/auth/handler_register.go
index 6ed9410..1fe9d74 100644
--- a/auth/handler_register.go
+++ b/auth/handler_register.go
@@ -24,7 +24,7 @@ func (h *RegisterHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 
 	var req struct {
 		Login    string `json:"login"`
-		Password string `json:"password"`
+		Password string `json:"password"` //nolint:gosec // Password in request
 	}
 
 	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
diff --git a/auth/model.go b/auth/model.go
index 3dd16f1..177ef8e 100644
--- a/auth/model.go
+++ b/auth/model.go
@@ -13,7 +13,7 @@ const (
 type User struct {
 	ID       string    `db:"id"       json:"id"`
 	Username string    `db:"username" json:"username"`
-	Password string    `db:"password" json:"password"`
+	Password string    `db:"password" json:"password"` //nolint:gosec // Not exposed via handlers
 	Salt     string    `db:"salt"     json:"salt"`
 	Created  time.Time `db:"created"  json:"created"`
 	Updated  time.Time `db:"updated"  json:"updated"`