From 0275f35242bfbdba934c3bfb5850458f01a9cca9 Mon Sep 17 00:00:00 2001
From: Chase Pierce <syntaqx@gmail.com>
Date: Sun, 30 Jun 2024 15:50:01 -0600
Subject: [PATCH] update docs to reflect that you should update your signing
 key

---
 README.md | 5 +++--
 cookie.go | 5 +++--
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/README.md b/README.md
index efac970..96b2c81 100644
--- a/README.md
+++ b/README.md
@@ -106,8 +106,9 @@ if err != nil {
 
 ### Signing Key
 
-By default, the signing key is set to `cookie.DefaultSigningKey`. If you want to
-change the signing key, you can set it using the `cookie.SigningKey` variable:
+By default, the signing key is set to `[]byte(cookie.DefaultSigningKey)`. You
+should change this signing key for your application by assigning the
+`cookie.SigningKey` variable to a secret value of your own:
 
 ```go
 cookie.SigningKey = []byte("my-secret-key")
diff --git a/cookie.go b/cookie.go
index a7ab4f4..1a85dab 100644
--- a/cookie.go
+++ b/cookie.go
@@ -15,12 +15,13 @@ import (
 )
 
 const (
-	CookieTag = "cookie"
+	CookieTag         = "cookie"
+	DefaultSigningKey = "default-signing-key"
 )
 
 var (
 	// SigningKey is the key used to sign cookies.
-	SigningKey = []byte("default-signing-key")
+	SigningKey = []byte(DefaultSigningKey)
 )
 
 var (