Prevent startup on empty secret

cmd/budgeteer/main.go

@@ -29,11 +29,14 @@ func main() {
 		panic("couldn't open static files")
 	}
 
+	tokenVerifier, err := jwt.NewTokenVerifier(cfg.SessionSecret)
+	if err != nil {
+		panic("couldn't create token verifier")
+	}
+
 	handler := &server.Handler{
-		Service: queries,
-		TokenVerifier: &jwt.TokenVerifier{
-			Secret: cfg.SessionSecret,
-		},
+		Service:             queries,
+		TokenVerifier:       tokenVerifier,
 		CredentialsVerifier: &bcrypt.Verifier{},
 		StaticFS:            http.FS(static),
 	}