/* Grok2API — Auth module */ const ADMIN_API = '/admin/api'; const WEBUI_API = '/webui/api'; const _ENC = new TextEncoder(), _DEC = new TextDecoder(); const _SECRET = 'grok2api-admin-key'; const _XOR_P = 'enc:xor:', _AES_P = 'enc:v1:'; function _toB64(b) { let s=''; b.forEach(v=>s+=String.fromCharCode(v)); return btoa(s); } function _fromB64(s) { const d=atob(s), a=new Uint8Array(d.length); for(let i=0;i{ const s=localStorage.getItem(k)||''; if(!s)return''; try{return await _decrypt(s)}catch{localStorage.removeItem(k);return''} }, set: async(v)=>{ if(!v){localStorage.removeItem(k);return} localStorage.setItem(k,await _encrypt(v)||'') }, clear: ()=>localStorage.removeItem(k), }; } const adminKey = _keyStore('grok2api_admin_key'); const webuiKey = _keyStore('grok2api_webui_key'); async function verifyKey(url, key) { return (await fetch(url, { headers: key ? { Authorization: `Bearer ${key}` } : {} })).ok; } function adminLogout() { adminKey.clear(); webuiKey.clear(); location.href='/admin/login'; } function webuiLogout() { webuiKey.clear(); location.href='/webui/login'; }