склади и инструмент готовы
This commit is contained in:
@@ -0,0 +1,77 @@
|
||||
import { deriveKeyFromSecret, encryptJSON, decryptToJSON } from '/static/js/crypto.js';
|
||||
|
||||
async function getAppSecret() {
|
||||
const meta = document.querySelector('meta[name="app-secret"]');
|
||||
return meta ? meta.getAttribute('content') : null;
|
||||
}
|
||||
|
||||
export async function setCookie(name, value, days = 180) {
|
||||
const appSecret = await getAppSecret();
|
||||
|
||||
let cookieValue;
|
||||
|
||||
if (!appSecret) {
|
||||
console.warn('APP SECRET is missing — cookies will be stored without client-side encryption.');
|
||||
cookieValue = encodeURIComponent(JSON.stringify(value));
|
||||
} else {
|
||||
try {
|
||||
const key = await deriveKeyFromSecret(appSecret);
|
||||
cookieValue = await encryptJSON(key, value);
|
||||
} catch (error) {
|
||||
console.error('Encryption failed:', error);
|
||||
cookieValue = encodeURIComponent(JSON.stringify(value));
|
||||
}
|
||||
}
|
||||
|
||||
const secure = false; // TODO включить после тестов
|
||||
const sameSite = 'Lax';
|
||||
|
||||
const expires = new Date(Date.now() + days * 864e5).toUTCString();
|
||||
|
||||
let cookie = `${encodeURIComponent(name)}=${cookieValue}; expires=${expires}; path=/`;
|
||||
if (secure) cookie += '; Secure';
|
||||
if (sameSite) cookie += `; SameSite=${sameSite}`;
|
||||
|
||||
document.cookie = cookie;
|
||||
}
|
||||
|
||||
export async function getCookie(name) {
|
||||
const cookies = document.cookie ? document.cookie.split('; ') : [];
|
||||
|
||||
for (const c of cookies) {
|
||||
const parts = c.split('=');
|
||||
if (parts.length < 2) continue;
|
||||
|
||||
const cookieName = decodeURIComponent(parts[0]);
|
||||
if (cookieName !== name) continue;
|
||||
|
||||
const cookieValue = parts.slice(1).join('=');
|
||||
const appSecret = await getAppSecret();
|
||||
|
||||
if (appSecret) {
|
||||
try {
|
||||
const key = await deriveKeyFromSecret(appSecret);
|
||||
const decrypted = await decryptToJSON(key, cookieValue);
|
||||
return JSON.parse(decrypted);
|
||||
} catch (error) {
|
||||
console.error('Decryption failed for cookie', name, error);
|
||||
return
|
||||
}
|
||||
} else {
|
||||
try {
|
||||
return JSON.parse(decodeURIComponent(cookieValue));
|
||||
} catch (e) {
|
||||
return decodeURIComponent(cookieValue);
|
||||
}
|
||||
}
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
export function deleteCookie(name) {
|
||||
try {
|
||||
document.cookie = `${encodeURIComponent(name)}=; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/`;
|
||||
} catch (e) {
|
||||
console.error(e)
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user