/**
 * In-memory refresh token storage.
 *
 * The authoritative session continuity mechanism is now the backend-managed
 * HttpOnly refresh cookie. This module only keeps a process-local copy so the
 * current tab can still send an explicit logout payload when available.
 */

let refreshToken: string | null = null
const SESSION_PRESENCE_COOKIE_NAME = 'ums_session_present'

export function getRefreshToken(): string | null {
  return refreshToken
}

export function setRefreshToken(token: string | null | undefined): void {
  const value = (token || '').trim()
  refreshToken = value || null
}

export function clearRefreshToken(): void {
  refreshToken = null
}

export function hasRefreshToken(): boolean {
  return refreshToken !== null
}

export function hasSessionPresenceCookie(): boolean {
  if (typeof document === 'undefined') {
    return false
  }

  return document.cookie
    .split(';')
    .map((cookie) => cookie.trim())
    .some((cookie) => cookie.startsWith(`${SESSION_PRESENCE_COOKIE_NAME}=`))
}