Encrypt cookies

[sergeychernyshev]

This PR implements encryption for session-related cookies using AES-GCM.

Key changes:

• Created src/CookieManager.ts to handle encryption and decryption using the Web Crypto API.
• Added SESSION_SECRET to environment variables and strictly require it in the worker code (similarly to ORIGIN_URL).
• Updated the documentation in public/index.html to clearly separate required and optional configuration variables.
• Standardized the test suite using wrangler.test.jsonc and vitest.config.mts to provide stable default configuration for automated tests.
• Updated src/index.ts and src/auth/index.ts to encrypt session_id and backup_session_id cookies.
• Refactored cookie parsing and session retrieval to handle decryption gracefully.
• Updated all integration tests to use CookieManager for compatibility with the new encrypted cookie format.

Closes #59

✨ Assisted by AI: Gemini

[cloudflare-workers-and-pages]

Deploying with    Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status	Name	Latest Commit	Updated (UTC)
✅ Deployment successful! View logs	startup-api	9298582	Feb 16 2026, 02:55 AM