import { deriveKeyFromSecret, encryptJSON, decryptToJSON } from '/static/js/crypto.js'; async function getAppSecret() { const meta = document.querySelector('meta[name="app-secret"]'); return meta ? meta.getAttribute('content') : null; } export async function setCookie(name, value, days = 180) { const appSecret = await getAppSecret(); let cookieValue; if (!appSecret) { console.warn('APP SECRET is missing — cookies will be stored without client-side encryption.'); cookieValue = encodeURIComponent(JSON.stringify(value)); } else { try { const key = await deriveKeyFromSecret(appSecret); cookieValue = await encryptJSON(key, value); } catch (error) { console.error('Encryption failed:', error); cookieValue = encodeURIComponent(JSON.stringify(value)); } } const secure = true; // TODO включить после тестов const sameSite = 'Lax'; const expires = new Date(Date.now() + days * 864e5).toUTCString(); let cookie = `${encodeURIComponent(name)}=${cookieValue}; expires=${expires}; path=/`; if (secure) cookie += '; Secure'; if (sameSite) cookie += `; SameSite=${sameSite}`; document.cookie = cookie; } export async function getCookie(name) { const cookies = document.cookie ? document.cookie.split('; ') : []; for (const c of cookies) { const parts = c.split('='); if (parts.length < 2) continue; const cookieName = decodeURIComponent(parts[0]); if (cookieName !== name) continue; const cookieValue = parts.slice(1).join('='); const appSecret = await getAppSecret(); if (appSecret) { try { const key = await deriveKeyFromSecret(appSecret); const decrypted = await decryptToJSON(key, cookieValue); return JSON.parse(decrypted); } catch (error) { console.error('Decryption failed for cookie', name, error); return } } else { try { return JSON.parse(decodeURIComponent(cookieValue)); } catch (e) { return decodeURIComponent(cookieValue); } } } return null; } export function deleteCookie(name) { try { document.cookie = `${encodeURIComponent(name)}=; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/`; } catch (e) { console.error(e) } }