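import { createCipheriv, createDecipheriv, hkdfSync, randomBytes } from "node:crypto";

import { cookies } from "next/headers";

import { auth } from "@/auth";

const COOKIE_NAME = "ayrismail_creds";

// AES-256-GCM framing of the cookie value: base64url(iv || tag || ciphertext).
const CIPHER = "aes-256-gcm";
const KEY_BYTES = 32;
const IV_BYTES = 12;
const TAG_BYTES = 16;

export interface MailSessionData {
  email: string;
  password: string;
  ownerId: string; // Dashboard user ID who owns this mail session
}

/**
 * Derive the cookie encryption key from AUTH_SECRET.
 *
 * HKDF with a cookie-specific `info` string keeps this key distinct from
 * anything else derived from the same secret. HKDF is not a password hash:
 * AUTH_SECRET must be a high-entropy random value.
 *
 * @returns a 32-byte key, or null when AUTH_SECRET is not set.
 */
function cookieKey(): Buffer | null {
  const secret = process.env.AUTH_SECRET;
  if (!secret) return null;
  return Buffer.from(
    hkdfSync("sha256", secret, Buffer.alloc(0), `${COOKIE_NAME}:${CIPHER}`, KEY_BYTES),
  );
}

/** Runtime shape check for a decrypted payload; the cookie is client-supplied input. */
function isMailSessionData(value: unknown): value is MailSessionData {
  if (typeof value !== "object" || value === null) return false;
  const record = value as Record<string, unknown>;
  return (
    typeof record.email === "string" &&
    typeof record.password === "string" &&
    typeof record.ownerId === "string"
  );
}

/**
 * Encrypt the mail session with AES-256-GCM under a key derived from AUTH_SECRET.
 *
 * The previous implementation only base64-encoded the JSON, which left the mail
 * password readable by anything that could see the cookie and let the client
 * rewrite `ownerId`. GCM provides both confidentiality and integrity.
 *
 * @throws Error when AUTH_SECRET is not set (fail closed rather than store plaintext).
 */
function encode(data: MailSessionData): string {
  const key = cookieKey();
  if (!key) {
    throw new Error("Cannot encrypt mail session: AUTH_SECRET is not set");
  }
  // A fresh random 96-bit IV per cookie; an IV must never repeat under the same key.
  const iv = randomBytes(IV_BYTES);
  const cipher = createCipheriv(CIPHER, key, iv);
  const ciphertext = Buffer.concat([
    cipher.update(JSON.stringify(data), "utf8"),
    cipher.final(),
  ]);
  return Buffer.concat([iv, cipher.getAuthTag(), ciphertext]).toString("base64url");
}

/**
 * Decrypt and validate a cookie value produced by `encode`.
 *
 * @returns the session data, or null when the key is missing, the token is
 * malformed, the authentication tag does not verify, or the payload does not
 * have the expected shape. Cookies written in the old base64-only format fail
 * tag verification and are treated as absent.
 */
function decode(token: string): MailSessionData | null {
  const key = cookieKey();
  if (!key) return null;
  try {
    const raw = Buffer.from(token, "base64url");
    if (raw.length <= IV_BYTES + TAG_BYTES) return null;

    const iv = raw.subarray(0, IV_BYTES);
    const tag = raw.subarray(IV_BYTES, IV_BYTES + TAG_BYTES);
    const ciphertext = raw.subarray(IV_BYTES + TAG_BYTES);

    // authTagLength pins the tag to 16 bytes so a truncated tag is rejected.
    const decipher = createDecipheriv(CIPHER, key, iv, { authTagLength: TAG_BYTES });
    decipher.setAuthTag(tag);
    // final() throws if the tag does not verify; nothing is parsed before that.
    const plaintext = Buffer.concat([
      decipher.update(ciphertext),
      decipher.final(),
    ]).toString("utf8");

    const parsed: unknown = JSON.parse(plaintext);
    return isMailSessionData(parsed) ? parsed : null;
  } catch {
    return null;
  }
}

/**
 * Save mail credentials to an encrypted, httpOnly cookie bound to the current
 * dashboard user.
 *
 * The cookie still carries a reversible copy of the mail password: anyone who
 * holds AUTH_SECRET can decrypt it, and rotating AUTH_SECRET invalidates
 * existing cookies.
 *
 * @throws Error when there is no dashboard session or AUTH_SECRET is not set.
 */
export async function setMailSession(
  data: Omit<MailSessionData, "ownerId">,
): Promise<void> {
  const session = await auth();
  const ownerId = session?.user?.id;
  if (!ownerId) {
    throw new Error("Cannot set mail session without dashboard session");
  }

  // Copy only the known fields so extra runtime properties on `data`
  // never end up in the cookie.
  const sessionData: MailSessionData = {
    email: data.email,
    password: data.password,
    ownerId,
  };

  const cookieStore = await cookies();
  cookieStore.set(COOKIE_NAME, encode(sessionData), {
    httpOnly: true,
    secure: process.env.NODE_ENV === "production",
    sameSite: "lax",
    maxAge: 60 * 60 * 24, // 24 hours
    path: "/",
  });
}

/**
 * Get mail credentials from the cookie.
 *
 * @returns the decrypted session when it exists and belongs to the current
 * dashboard user, otherwise null.
 */
export async function getMailSession(): Promise<MailSessionData | null> {
  const session = await auth();
  const currentUserId = session?.user?.id;
  if (!currentUserId) return null;

  const cookieStore = await cookies();
  const cookie = cookieStore.get(COOKIE_NAME);
  if (!cookie?.value) return null;

  const data = decode(cookie.value);
  if (!data) return null;

  // `ownerId` is covered by the GCM tag, so this comparison cannot be
  // satisfied by editing the cookie on the client.
  if (data.ownerId !== currentUserId) {
    // Session belongs to another user, clear it for safety.
    // NOTE(review): Next.js only allows cookie mutation from a Server Action
    // or Route Handler — confirm every caller of getMailSession runs in one.
    await clearMailSession();
    return null;
  }

  return data;
}

/** Clear mail credentials cookie */
export async function clearMailSession(): Promise<void> {
  const cookieStore = await cookies();
  cookieStore.delete(COOKIE_NAME);
}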