django-cookie-consent 0.8.0__py3-none-any.whl → 1.0.0__py3-none-any.whl

cookie_consent/__init__.py

@@ -1 +1 @@
-__version__ = "0.8.0"
+__version__ = "1.0.0"

cookie_consent/admin.py

@@ -1,10 +1,16 @@
-# -*- coding: utf-8 -*-
 from django.contrib import admin
+from django.db.models import Count
+from django.http.request import HttpRequest
+from django.templatetags.l10n import localize
+from django.templatetags.static import static
+from django.utils.html import format_html
+from django.utils.translation import gettext_lazy as _
 
 from .conf import settings
 from .models import Cookie, CookieGroup, LogItem
 
 
+@admin.register(Cookie)
 class CookieAdmin(admin.ModelAdmin):
     list_display = ("varname", "name", "cookiegroup", "path", "domain", "get_version")
     search_fields = ("name", "domain", "cookiegroup__varname", "cookiegroup__name")
@@ -12,8 +18,16 @@ class CookieAdmin(admin.ModelAdmin):
     list_filter = ("cookiegroup",)
 
 
+@admin.register(CookieGroup)
 class CookieGroupAdmin(admin.ModelAdmin):
-    list_display = ("varname", "name", "is_required", "is_deletable", "get_version")
+    list_display = (
+        "varname",
+        "name",
+        "is_required",
+        "is_deletable",
+        "num_cookies",
+        "get_version",
+    )
     search_fields = (
         "varname",
         "name",
@@ -23,6 +37,22 @@ class CookieGroupAdmin(admin.ModelAdmin):
         "is_deletable",
     )
 
+    def get_queryset(self, request: HttpRequest):
+        qs = super().get_queryset(request)
+        return qs.annotate(num_cookies=Count("cookie"))
+
+    @admin.display(ordering="num_cookies", description=_("# cookies"))
+    def num_cookies(self, obj: CookieGroup):
+        if (count := obj.num_cookies) > 0:
+            return localize(count)
+
+        return format_html(
+            '{count} <img src="{src}" alt="{alt}">',
+            count=localize(count),
+            src=static("admin/img/icon-alert.svg"),
+            alt=_("Warning icon for missing cookies in cookie group."),
+        )
+
 
 class LogItemAdmin(admin.ModelAdmin):
     list_display = ("action", "cookiegroup", "version", "created")
@@ -31,7 +61,5 @@ class LogItemAdmin(admin.ModelAdmin):
     date_hierarchy = "created"
 
 
-admin.site.register(Cookie, CookieAdmin)
-admin.site.register(CookieGroup, CookieGroupAdmin)
 if settings.COOKIE_CONSENT_LOG_ENABLED:
     admin.site.register(LogItem, LogItemAdmin)

cookie_consent/cache.py

@@ -1,8 +1,9 @@
-# -*- coding: utf-8 -*-
+from collections.abc import Mapping
+
 from django.core.cache import caches
 
 from .conf import settings
-from .models import CookieGroup
+from .models import Cookie, CookieGroup
 
 CACHE_KEY = "cookie_consent_cache"
 CACHE_TIMEOUT = 60 * 60  # 60 minutes
@@ -19,17 +20,17 @@ def _get_cache():
     return caches[settings.COOKIE_CONSENT_CACHE_BACKEND]
 
 
-def delete_cache():
+def delete_cache() -> None:
     cache = _get_cache()
     cache.delete(CACHE_KEY)
 
 
-def _get_cookie_groups_from_db():
+def _get_cookie_groups_from_db() -> Mapping[str, CookieGroup]:
     qs = CookieGroup.objects.filter(is_required=False).prefetch_related("cookie_set")
     return qs.in_bulk(field_name="varname")
 
 
-def all_cookie_groups():
+def all_cookie_groups() -> Mapping[str, CookieGroup]:
     """
     Get all cookie groups that are optional.
 
@@ -37,16 +38,20 @@ def all_cookie_groups():
     cache miss.
     """
     cache = _get_cache()
-    return cache.get_or_set(
+    result = cache.get_or_set(
         CACHE_KEY, _get_cookie_groups_from_db, timeout=CACHE_TIMEOUT
     )
+    assert result is not None
+    return result
 
 
-def get_cookie_group(varname):
+def get_cookie_group(varname: str) -> CookieGroup | None:
     return all_cookie_groups().get(varname)
 
 
-def get_cookie(cookie_group, name, domain):
+def get_cookie(cookie_group: CookieGroup, name: str, domain: str) -> Cookie | None:
+    # loop over cookie set relation instead of doing a lookup query, as this should
+    # come from the cache and avoid hitting the database
     for cookie in cookie_group.cookie_set.all():
         if cookie.name == name and cookie.domain == domain:
             return cookie

cookie_consent/conf.py

@@ -1,5 +1,8 @@
-# -*- coding: utf-8 -*-
-from django.conf import settings  # NOQA
+from typing import Literal
+
+from django.conf import settings
+from django.urls import reverse_lazy
+from django.utils.functional import Promise
 
 from appconf import AppConf
 
@@ -8,20 +11,25 @@ __all__ = ["settings"]
 
 class CookieConsentConf(AppConf):
     # django-cookie-consent cookie settings that store the configuration
-    NAME = "cookie_consent"
+    NAME: str = "cookie_consent"
     # TODO: rename to AGE for parity with django settings
-    MAX_AGE = 60 * 60 * 24 * 365 * 1  # 1 year,
-    DOMAIN = None
-    SECURE = False
-    HTTPONLY = True
-    SAMESITE = "Lax"
+    MAX_AGE: int = 60 * 60 * 24 * 365 * 1  # 1 year,
+    DOMAIN: str | None = None
+    SECURE: bool = False
+    HTTPONLY: bool = True
+    SAMESITE: Literal["Strict", "Lax", "None", False] = "Lax"
+
+    DECLINE: str = "-1"
 
-    DECLINE = "-1"
+    ENABLED: bool = True
 
-    ENABLED = True
+    OPT_OUT: bool = False
 
-    OPT_OUT = False
+    CACHE_BACKEND: str = "default"
 
-    CACHE_BACKEND = "default"
+    LOG_ENABLED: bool = True
+    """
+    DeprecationWarning: in future versions the default may switch to log disabled.
+    """
 
-    LOG_ENABLED = True
+    SUCCESS_URL: str | Promise = reverse_lazy("cookie_consent_cookie_group_list")

cookie_consent/forms.py

@@ -0,0 +1,50 @@
+from collections.abc import Collection, Iterator
+
+from django import forms
+from django.utils.translation import gettext_lazy as _
+
+from .cache import all_cookie_groups
+from .models import CookieGroup
+
+
+def iter_cookie_group_choices() -> Iterator[tuple[str, str]]:
+    """
+    Use the cached cookie group instances to get a list of choices.
+    """
+    for varname, cookie_group in all_cookie_groups().items():
+        yield varname, cookie_group.name
+
+
+class CookieGroupsChoiceField(forms.TypedMultipleChoiceField):
+    def __init__(self, **kwargs):
+        kwargs["coerce"] = self._coerce_choice
+        kwargs["choices"] = iter_cookie_group_choices
+        super().__init__(**kwargs)
+
+    def _coerce_choice(self, varname: str) -> CookieGroup:
+        all_groups = all_cookie_groups()
+        return all_groups[varname]
+
+
+class ProcessCookiesForm(forms.Form):
+    all_groups = forms.BooleanField(
+        label=_("Apply to all cookie groups"),
+        required=False,
+    )
+    cookie_groups = CookieGroupsChoiceField(
+        label=_("Cookie group varnames"),
+        choices=iter_cookie_group_choices,
+        required=False,
+    )
+
+    def get_cookie_groups(self) -> Collection[CookieGroup]:
+        """
+        Build the collection of specified cookies.
+        """
+        match self.cleaned_data:
+            case {"all_groups": True}:
+                return all_cookie_groups().values()
+            case {"cookie_groups": [*groups]}:
+                return groups
+            case _:
+                return []

cookie_consent/middleware.py

@@ -1,12 +1,13 @@
-# -*- coding: utf-8 -*-
-from typing import Optional
+from collections.abc import Callable
+
+from django.http import HttpRequest, HttpResponseBase
 
 from .cache import all_cookie_groups
 from .conf import settings
 from .util import get_cookie_dict_from_request, is_cookie_consent_enabled
 
 
-def _should_delete_cookie(group_version: Optional[str]) -> bool:
+def _should_delete_cookie(group_version: str | None) -> bool:
     # declined after it was accepted (and set) before
     if group_version == settings.COOKIE_CONSENT_DECLINE:
         return True
@@ -31,16 +32,16 @@ class CleanCookiesMiddleware:
     Note that this only applies if COOKIE_CONSENT_OPT_OUT is not set.
     """
 
-    def __init__(self, get_response):
+    def __init__(self, get_response: Callable[[HttpRequest], HttpResponseBase]):
         self.get_response = get_response
 
-    def __call__(self, request):
+    def __call__(self, request: HttpRequest):
         response = self.get_response(request)
         if is_cookie_consent_enabled(request):
             self.process_response(request, response)
         return response
 
-    def process_response(self, request, response):
+    def process_response(self, request: HttpRequest, response: HttpResponseBase):
         cookie_dic = get_cookie_dict_from_request(request)
 
         cookies_to_delete = []

cookie_consent/migrations/0001_initial.py

@@ -68,7 +68,8 @@ class Migration(migrations.Migration):
                         validators=[
                             django.core.validators.RegexValidator(
                                 re.compile("^[-_a-zA-Z0-9]+$"),
-                                "Enter a valid 'varname' consisting of letters, numbers, underscores or hyphens.",
+                                "Enter a valid 'varname' consisting of letters, "
+                                "numbers, underscores or hyphens.",
                                 "invalid",
                             )
                         ],

cookie_consent/migrations/0003_alter_cookiegroup_varname.py

@@ -7,7 +7,6 @@ from django.db import migrations, models
 
 
 class Migration(migrations.Migration):
-
     dependencies = [
         ("cookie_consent", "0002_auto__add_logitem"),
     ]
@@ -22,7 +21,8 @@ class Migration(migrations.Migration):
                 validators=[
                     django.core.validators.RegexValidator(
                         re.compile("^[-_a-zA-Z0-9]+$"),
-                        "Enter a valid 'varname' consisting of letters, numbers, underscores or hyphens.",
+                        "Enter a valid 'varname' consisting of letters, numbers, "
+                        "underscores or hyphens.",
                         "invalid",
                     )
                 ],

cookie_consent/migrations/0004_cookie_natural_key.py

@@ -4,7 +4,6 @@ from django.db import migrations, models
 
 
 class Migration(migrations.Migration):
-
     dependencies = [
         ("cookie_consent", "0003_alter_cookiegroup_varname"),
     ]

cookie_consent/models.py

@@ -1,6 +1,8 @@
-# -*- coding: utf-8 -*-
+from __future__ import annotations
+
 import re
-from typing import TypedDict
+from collections.abc import Callable
+from typing import ClassVar, ParamSpec, TypedDict, TypeVar
 
 from django.core.validators import RegexValidator
 from django.db import models
@@ -16,9 +18,12 @@ validate_cookie_name = RegexValidator(
     "invalid",
 )
 
+P = ParamSpec("P")
+T = TypeVar("T")
+
 
-def clear_cache_after(func):
-    def wrapper(*args, **kwargs):
+def clear_cache_after(func: Callable[P, T]) -> Callable[P, T]:
+    def wrapper(*args: P.args, **kwargs: P.kwargs):
         from .cache import delete_cache
 
         return_value = func(*args, **kwargs)
@@ -33,9 +38,8 @@ class CookieGroupDict(TypedDict):
     name: str
     description: str
     is_required: bool
-    # TODO: should we output this? page cache busting would be
-    # required if we do this. Alternatively, set up a JSONView to output these?
-    # version: str
+    # The version is deliberately not included because it requires page/view cache
+    # busting if a new cookie gets added to the group, which we don't control.
 
 
 class BaseQueryset(models.query.QuerySet):
@@ -49,7 +53,7 @@ class BaseQueryset(models.query.QuerySet):
 
 
 class CookieGroupManager(models.Manager.from_queryset(BaseQueryset)):
-    def get_by_natural_key(self, varname):
+    def get_by_natural_key(self, varname: str) -> CookieGroup:
         return self.get(varname=varname)
 
 
@@ -75,7 +79,8 @@ class CookieGroup(models.Model):
     ordering = models.IntegerField(_("Ordering"), default=0)
     created = models.DateTimeField(_("Created"), auto_now_add=True, blank=True)
 
-    objects = CookieGroupManager()
+    objects: ClassVar[CookieGroupManager] = CookieGroupManager()  # pyright: ignore[reportIncompatibleVariableOverride]
+    cookie_set: ClassVar[CookieManager]
 
     class Meta:
         verbose_name = _("Cookie Group")
@@ -93,11 +98,15 @@ class CookieGroup(models.Model):
     def delete(self, *args, **kwargs):
         return super().delete(*args, **kwargs)
 
-    def natural_key(self):
+    def natural_key(self) -> tuple[str]:
         return (self.varname,)
 
     def get_version(self) -> str:
         try:
+            # this relies on the cookie set being ordered by most-recently created
+            # first.
+            # Note that we don't use `.first()` as that's a new query and bypasses
+            # the cache.
             return str(self.cookie_set.all()[0].get_version())
         except IndexError:
             return ""
@@ -113,7 +122,7 @@ class CookieGroup(models.Model):
 
 
 class CookieManager(models.Manager.from_queryset(BaseQueryset)):
-    def get_by_natural_key(self, name, domain, cookiegroup):
+    def get_by_natural_key(self, name: str, domain: str, cookiegroup: str) -> Cookie:
         group = CookieGroup.objects.get_by_natural_key(cookiegroup)
         return self.get(cookiegroup=group, name=name, domain=domain)
 
@@ -144,7 +153,7 @@ class Cookie(models.Model):
         ordering = ["-created"]
 
     def __str__(self):
-        return "%s %s%s" % (self.name, self.domain, self.path)
+        return f"{self.name} {self.domain}{self.path}"
 
     @clear_cache_after
     def save(self, *args, **kwargs):
@@ -154,16 +163,17 @@ class Cookie(models.Model):
     def delete(self, *args, **kwargs):
         return super().delete(*args, **kwargs)
 
-    def natural_key(self):
+    def natural_key(self) -> tuple[str, str, str]:
         return (self.name, self.domain) + self.cookiegroup.natural_key()
 
-    natural_key.dependencies = ["cookie_consent.cookiegroup"]
+    natural_key.dependencies = ["cookie_consent.cookiegroup"]  # pyright: ignore[reportFunctionMemberAccess]
 
     @property
-    def varname(self):
-        return "%s=%s:%s" % (self.cookiegroup.varname, self.name, self.domain)
+    def varname(self) -> str:
+        group_varname = self.cookiegroup.varname
+        return f"{group_varname}={self.name}:{self.domain}"
 
-    def get_version(self):
+    def get_version(self) -> str:
         return self.created.isoformat()
 
 
@@ -185,10 +195,10 @@ class LogItem(models.Model):
     version = models.CharField(_("Version"), max_length=32)
     created = models.DateTimeField(_("Created"), auto_now_add=True, blank=True)
 
-    def __str__(self):
-        return "%s %s" % (self.cookiegroup.name, self.version)
-
     class Meta:
         verbose_name = _("Log item")
         verbose_name_plural = _("Log items")
         ordering = ["-created"]
+
+    def __str__(self):
+        return f"{self.cookiegroup.name} {self.version}"

cookie_consent/processor.py

@@ -0,0 +1,77 @@
+from collections.abc import Collection
+from typing import Literal
+
+from django.http import HttpRequest, HttpResponseBase
+
+from .conf import settings
+from .models import ACTION_ACCEPTED, ACTION_DECLINED, CookieGroup, LogItem
+from .util import get_cookie_dict_from_request, set_cookie_dict_to_response
+
+
+class CookiesProcessor:
+    """
+    Process the accept/decline logic for cookie groups.
+    """
+
+    def __init__(self, request: HttpRequest, response: HttpResponseBase):
+        self.request = request
+        self.response = response
+
+    def process(
+        self,
+        cookie_groups: Collection[CookieGroup],
+        action: Literal["accept", "decline"],
+    ) -> None:
+        """
+        Apply ``action`` to the specified ``cookie_groups``.
+
+        Mutates the response by updating the cookie tracking the cookie group status. If
+        there are no cookie groups provided, nothing happens.
+        """
+        if not cookie_groups:
+            return
+
+        cookie_dic = get_cookie_dict_from_request(self.request)
+
+        match action:
+            case "accept":
+                for cookie_group in cookie_groups:
+                    cookie_dic[cookie_group.varname] = cookie_group.get_version()
+            case "decline":
+                self._delete_cookies(cookie_groups)
+                for cookie_group in cookie_groups:
+                    cookie_dic[cookie_group.varname] = settings.COOKIE_CONSENT_DECLINE
+
+        self._log_action(cookie_groups, action)
+        set_cookie_dict_to_response(self.response, cookie_dic)
+
+    def _log_action(
+        self,
+        cookie_groups: Collection[CookieGroup],
+        action: Literal["accept", "decline"],
+    ) -> None:
+        if not settings.COOKIE_CONSENT_LOG_ENABLED:
+            return
+        # TODO: replace with stdlib logging call/helper instead of creating DB records
+        # directly.
+
+        action_map: dict[Literal["accept", "decline"], int] = {
+            "accept": ACTION_ACCEPTED,
+            "decline": ACTION_DECLINED,
+        }
+        log_items: list[LogItem] = [
+            LogItem(
+                action=action_map[action],
+                cookiegroup=cookie_group,
+                version=cookie_group.get_version(),
+            )
+            for cookie_group in cookie_groups
+        ]
+        LogItem.objects.bulk_create(log_items)
+
+    def _delete_cookies(self, cookie_groups: Collection[CookieGroup]) -> None:
+        for cookie_group in cookie_groups:
+            if not cookie_group.is_deletable:
+                continue
+            for cookie in cookie_group.cookie_set.all():
+                self.response.delete_cookie(cookie.name, cookie.path, cookie.domain)

cookie_consent/static/cookie_consent/cookiebar.module.js

@@ -25,14 +25,19 @@ var FetchClient = class {
     }
     return this.cookieStatus;
   }
-  async saveCookiesStatusBackend(urlProperty) {
+  async saveCookiesStatusBackend(urlProperty, cookieGroups) {
     const cookieStatus = await this.getCookieStatus();
     const url = cookieStatus[urlProperty];
     if (!url) {
       throw new Error(`Missing url for ${urlProperty} - was the cookie status not loaded properly?`);
     }
+    const formData = new FormData();
+    for (const group of cookieGroups) {
+      formData.append("cookie_groups", group.varname);
+    }
     await window.fetch(url, {
       method: "POST",
+      body: formData,
       credentials: "same-origin",
       headers: {
         ...DEFAULT_FETCH_HEADERS,
@@ -71,7 +76,7 @@ var registerEvents = ({
       event.preventDefault();
       const acceptedGroups = filterCookieGroups(cookieGroups, accepted.concat(undecided));
       onAccept == null ? void 0 : onAccept(acceptedGroups, event);
-      client.saveCookiesStatusBackend("acceptUrl");
+      client.saveCookiesStatusBackend("acceptUrl", acceptedGroups);
       cookieBarNode.parentNode.removeChild(cookieBarNode);
     });
   }
@@ -81,7 +86,7 @@ var registerEvents = ({
       event.preventDefault();
       const declinedGroups = filterCookieGroups(cookieGroups, declined.concat(undecided));
       onDecline == null ? void 0 : onDecline(declinedGroups, event);
-      client.saveCookiesStatusBackend("declineUrl");
+      client.saveCookiesStatusBackend("declineUrl", declinedGroups);
       cookieBarNode.parentNode.removeChild(cookieBarNode);
     });
   }

cookie_consent/static/cookie_consent/cookiebar.module.js.map

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../js/src/cookiebar.ts"],
-  "sourcesContent": ["/**\n * Cookiebar functionality, as a TS/JS module.\n *\n * About modules: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Modules\n *\n * The code is organized here in a way to make the templates work with Django's page\n * cache. This means that anything user-specific (so different django session and even\n * cookie consent cookies) cannot be baked into the templates, as that breaks caches.\n *\n * The cookie bar operates on the following principles:\n *\n * - The developer using the library includes the desired template in their django\n *   templates, using the HTML <template> element. This contains the content for the\n *   cookie bar.\n * - The developer is responsible for loading some Javascript that loads this script.\n * - The main export of this script needs to be called (showCookieBar), with the\n *   appropriate options.\n * - The options include the backend URLs where the retrieve data, which selectors/DOM\n *   nodes to use for various functionality and the hooks to tap into the accept/decline\n *   life-cycle.\n * - When a user accepts or declines (all) cookies, the call to the backend is made via\n *   a fetch request, bypassing any page caches and preventing full-page reloads.\n */\n\n/**\n * A serialized cookie group.\n *\n * See the backend model method `CookieGroup.as_json()`.\n */\nexport interface CookieGroup {\n  varname: string;\n  name: string;\n  description: string;\n  is_required: boolean;\n}\n\nexport interface Options {\n  statusUrl: string;\n  // TODO: also accept element rather than selector?\n  templateSelector: string;\n  /**\n   * DOM selector to the (script) tag holding the JSON-serialized cookie groups.\n   *\n   * This is typically rendered in a template with a template tag, e.g.\n   *\n   * ```django\n   * {% all_cookie_groups 'cookie-consent__cookie-groups' %}\n   * ```\n   *\n   * resulting in the selector: `'#cookie-consent__cookie-groups'`.\n   */\n  cookieGroupsSelector: string;\n  acceptSelector: string;\n  declineSelector: string;\n  /**\n   * Either a string (selector), DOMNode or null.\n   *\n   * If null, the bar is appended to the body. If provided, the node is used or looked\n   * up.\n   */\n  insertBefore: string | HTMLElement | null;\n  /**\n   * Optional callback for when the cookie bar is being shown.\n   *\n   * You can use this to add a CSS class name to the body, for example.\n   */\n  onShow?: () => void;\n  /**\n   * Optional callback called when cookies are accepted.\n   */\n  onAccept?: (acceptedGroups: CookieGroup[], event?: MouseEvent) => void;\n  /**\n   * Optional callback called when cookies are accepted.\n   */\n  onDecline?: (declinedGroups: CookieGroup[], event?: MouseEvent) => void;\n  /**\n   * Name of the header to use for the CSRF token.\n   *\n   * If needed, this can be read/set via `settings.CSRF_HEADER_NAME` in the backend.\n   */\n  csrfHeaderName: string;\n};\n\nexport interface CookieStatus {\n  csrftoken: string;\n  /**\n   * Backend endpoint to POST to to accept the cookie groups.\n   */\n  acceptUrl: string;\n  /**\n   * Backend endpoint to POST to to decline the cookie groups.\n   */\n  declineUrl: string;\n  /**\n   * Array of accepted cookie group varnames.\n   */\n  acceptedCookieGroups: string[];\n  /**\n   * Array of declined cookie group varnames.\n   */\n  declinedCookieGroups: string[];\n  /**\n   * Array of undecided cookie group varnames.\n   */\n  notAcceptedOrDeclinedCookieGroups: string[];\n}\n\nconst DEFAULT_FETCH_HEADERS: Record<string, string> = {\n  'X-Cookie-Consent-Fetch': '1'\n};\n\n/**\n * A simple wrapper around window.fetch that understands the django-cookie-consent\n * backend endpoints.\n *\n * @private - while exported, use at your own risk. This class is not part of the\n * public API covered by SemVer.\n */\nexport class FetchClient {\n  protected statusUrl: string;\n  protected csrfHeaderName: string;\n  protected cookieStatus: CookieStatus | null;\n\n  constructor(statusUrl: string, csrfHeaderName: string) {\n    this.statusUrl = statusUrl;\n    this.csrfHeaderName = csrfHeaderName;\n    this.cookieStatus = null;\n  }\n\n  async getCookieStatus(): Promise<CookieStatus> {\n    if (this.cookieStatus === null) {\n      const response = await window.fetch(\n        this.statusUrl,\n        {\n          method: 'GET',\n          credentials: 'same-origin',\n          headers: DEFAULT_FETCH_HEADERS,\n        }\n      );\n      this.cookieStatus = await response.json();\n    }\n\n    // type checker sanity check\n    if (this.cookieStatus === null) {\n      throw new Error('Unexpectedly received null cookie status');\n    }\n    return this.cookieStatus;\n  };\n\n  async saveCookiesStatusBackend (urlProperty: 'acceptUrl' | 'declineUrl') {\n    const cookieStatus = await this.getCookieStatus();\n    const url = cookieStatus[urlProperty];\n    if (!url) {\n      throw new Error(`Missing url for ${urlProperty} - was the cookie status not loaded properly?`);\n    }\n\n    await window.fetch(url, {\n      method: 'POST',\n      credentials: 'same-origin',\n      headers: {\n        ...DEFAULT_FETCH_HEADERS,\n        [this.csrfHeaderName]: cookieStatus.csrftoken\n      }\n    });\n  }\n}\n\n/**\n * Read the JSON script node contents and parse the content as JSON.\n *\n * The result is the list of available/configured cookie groups.\n * Use the status URL to get the accepted/declined status for an individual user.\n */\nexport const loadCookieGroups = (selector: string): CookieGroup[] => {\n  const node = document.querySelector<HTMLScriptElement>(selector);\n  if (!node) {\n    throw new Error(`No cookie groups (script) tag found, using selector: '${selector}'`);\n  }\n  return JSON.parse(node.innerText);\n};\n\nconst doInsertBefore = (beforeNode: HTMLElement, newNode: Node): void => {\n  const parent = beforeNode.parentNode;\n  if (parent === null) throw new Error('Reference node doesn\\'t have a parent.');\n  parent.insertBefore(newNode, beforeNode);\n}\n\ntype RegisterEventsOptions = Pick<\n  Options,\n  'acceptSelector' | 'onAccept' | 'declineSelector' | 'onDecline'\n> & Pick<\n  CookieStatus,\n  'acceptedCookieGroups' | 'declinedCookieGroups' | 'notAcceptedOrDeclinedCookieGroups'\n> & {\n  client: FetchClient,\n  cookieBarNode: Element;\n  cookieGroups: CookieGroup[];\n}\n\n/**\n * Register the accept/decline event handlers.\n *\n * Note that we can't just set the decline or accept cookie purely client-side, as the\n * cookie possibly has the httpOnly flag set.\n */\nconst registerEvents = ({\n  client,\n  cookieBarNode,\n  cookieGroups,\n  acceptSelector,\n  onAccept,\n  declineSelector,\n  onDecline,\n  acceptedCookieGroups: accepted,\n  declinedCookieGroups: declined,\n  notAcceptedOrDeclinedCookieGroups: undecided,\n}: RegisterEventsOptions): void => {\n\n  const acceptNode = cookieBarNode.querySelector<HTMLElement>(acceptSelector);\n  if (acceptNode) {\n    acceptNode.addEventListener('click', event => {\n      event.preventDefault();\n      const acceptedGroups = filterCookieGroups(cookieGroups, accepted.concat(undecided));\n      onAccept?.(acceptedGroups, event);\n      // trigger async action, but don't wait for completion\n      client.saveCookiesStatusBackend('acceptUrl');\n      cookieBarNode.parentNode!.removeChild(cookieBarNode);\n    });\n  }\n\n  const declineNode = cookieBarNode.querySelector<HTMLElement>(declineSelector);\n  if (declineNode) {\n    declineNode.addEventListener('click', event => {\n      event.preventDefault();\n      const declinedGroups = filterCookieGroups(cookieGroups, declined.concat(undecided));\n      onDecline?.(declinedGroups, event);\n      // trigger async action, but don't wait for completion\n      client.saveCookiesStatusBackend('declineUrl');\n      cookieBarNode.parentNode!.removeChild(cookieBarNode);\n    });\n  }\n};\n\n/**\n * Filter the cookie groups down to a subset of specified varnames.\n */\nconst filterCookieGroups = (cookieGroups: CookieGroup[], varNames: string[]) => {\n  return cookieGroups.filter(group => varNames.includes(group.varname));\n};\n\n// See https://github.com/microsoft/TypeScript/issues/283\nfunction cloneNode<T extends Node>(node: T) {\n  return <T>node.cloneNode(true);\n}\n\nexport const showCookieBar = async (options: Partial<Options> = {}): Promise<void> => {\n  const {\n    templateSelector = '#cookie-consent__cookie-bar',\n    cookieGroupsSelector = '#cookie-consent__cookie-groups',\n    acceptSelector = '.cookie-consent__accept',\n    declineSelector = '.cookie-consent__decline',\n    insertBefore = null,\n    onShow,\n    onAccept,\n    onDecline,\n    statusUrl = '',\n    csrfHeaderName = 'X-CSRFToken', // Django's default, can be overridden with settings.CSRF_HEADER_NAME\n  } = options;\n\n  const cookieGroups = loadCookieGroups(cookieGroupsSelector);\n\n  // no cookie groups -> abort, nothing to do\n  if (!cookieGroups.length) return;\n\n  const templateNode = document.querySelector<HTMLTemplateElement>(templateSelector);\n  if (!templateNode) {\n    throw new Error(`No (template) element found for selector '${templateSelector}'.`)\n  }\n\n  // insert before a given node, if specified, or append to the body as default behaviour\n  const doInsert = insertBefore === null\n    ? (cookieBarNode: Node) => document.querySelector('body')!.appendChild(cookieBarNode)\n    : typeof insertBefore === 'string'\n      ? (cookieBarNode: Node) => {\n        const referenceNode = document.querySelector<HTMLElement>(insertBefore);\n        if (referenceNode === null) throw new Error(`No element found for selector '${insertBefore}'.`)\n        doInsertBefore(referenceNode, cookieBarNode);\n      }\n      : (cookieBarNode: Node) => doInsertBefore(insertBefore, cookieBarNode)\n  ;\n\n  if (!statusUrl) throw new Error('Missing status URL option, did you forget to pass the `statusUrl` option?');\n\n  const client = new FetchClient(statusUrl, csrfHeaderName);\n  const cookieStatus = await client.getCookieStatus();\n\n  // calculate the cookie groups to invoke the callbacks. We deliberately fire those\n  // without awaiting so that our cookie bar is shown/hidden as soon as possible.\n  const {\n    acceptedCookieGroups,\n    declinedCookieGroups,\n    notAcceptedOrDeclinedCookieGroups\n  } = cookieStatus;\n\n  const acceptedGroups = filterCookieGroups(cookieGroups, acceptedCookieGroups);\n  if (acceptedGroups.length) onAccept?.(acceptedGroups);\n  const declinedGroups = filterCookieGroups(cookieGroups, declinedCookieGroups);\n  if (declinedGroups.length) onDecline?.(declinedGroups);\n\n  // there are no (more) cookie groups to accept, don't show the bar\n  if (!notAcceptedOrDeclinedCookieGroups.length) return;\n\n  // grab the contents from the template node and add them to the DOM, optionally\n  // calling the onShow callback\n  const childToClone = templateNode.content.firstElementChild;\n  if (childToClone === null) throw new Error('The cookie bar template element may not be empty.');\n  const cookieBarNode = cloneNode(childToClone);\n  registerEvents({\n    client,\n    cookieBarNode,\n    cookieGroups,\n    acceptSelector,\n    onAccept,\n    declineSelector,\n    onDecline,\n    acceptedCookieGroups,\n    declinedCookieGroups,\n    notAcceptedOrDeclinedCookieGroups,\n  });\n  doInsert(cookieBarNode);\n  onShow?.();\n};\n"],
-  "mappings": ";AA2GA,IAAM,wBAAgD;AAAA,EACpD,0BAA0B;AAC5B;AASO,IAAM,cAAN,MAAkB;AAAA,EAKvB,YAAY,WAAmB,gBAAwB;AACrD,SAAK,YAAY;AACjB,SAAK,iBAAiB;AACtB,SAAK,eAAe;AAAA,EACtB;AAAA,EAEA,MAAM,kBAAyC;AAC7C,QAAI,KAAK,iBAAiB,MAAM;AAC9B,YAAM,WAAW,MAAM,OAAO;AAAA,QAC5B,KAAK;AAAA,QACL;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,UACb,SAAS;AAAA,QACX;AAAA,MACF;AACA,WAAK,eAAe,MAAM,SAAS,KAAK;AAAA,IAC1C;AAGA,QAAI,KAAK,iBAAiB,MAAM;AAC9B,YAAM,IAAI,MAAM,0CAA0C;AAAA,IAC5D;AACA,WAAO,KAAK;AAAA,EACd;AAAA,EAEA,MAAM,yBAA0B,aAAyC;AACvE,UAAM,eAAe,MAAM,KAAK,gBAAgB;AAChD,UAAM,MAAM,aAAa,WAAW;AACpC,QAAI,CAAC,KAAK;AACR,YAAM,IAAI,MAAM,mBAAmB,WAAW,+CAA+C;AAAA,IAC/F;AAEA,UAAM,OAAO,MAAM,KAAK;AAAA,MACtB,QAAQ;AAAA,MACR,aAAa;AAAA,MACb,SAAS;AAAA,QACP,GAAG;AAAA,QACH,CAAC,KAAK,cAAc,GAAG,aAAa;AAAA,MACtC;AAAA,IACF,CAAC;AAAA,EACH;AACF;AAQO,IAAM,mBAAmB,CAAC,aAAoC;AACnE,QAAM,OAAO,SAAS,cAAiC,QAAQ;AAC/D,MAAI,CAAC,MAAM;AACT,UAAM,IAAI,MAAM,yDAAyD,QAAQ,GAAG;AAAA,EACtF;AACA,SAAO,KAAK,MAAM,KAAK,SAAS;AAClC;AAEA,IAAM,iBAAiB,CAAC,YAAyB,YAAwB;AACvE,QAAM,SAAS,WAAW;AAC1B,MAAI,WAAW,KAAM,OAAM,IAAI,MAAM,uCAAwC;AAC7E,SAAO,aAAa,SAAS,UAAU;AACzC;AAoBA,IAAM,iBAAiB,CAAC;AAAA,EACtB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA,sBAAsB;AAAA,EACtB,sBAAsB;AAAA,EACtB,mCAAmC;AACrC,MAAmC;AAEjC,QAAM,aAAa,cAAc,cAA2B,cAAc;AAC1E,MAAI,YAAY;AACd,eAAW,iBAAiB,SAAS,WAAS;AAC5C,YAAM,eAAe;AACrB,YAAM,iBAAiB,mBAAmB,cAAc,SAAS,OAAO,SAAS,CAAC;AAClF,2CAAW,gBAAgB;AAE3B,aAAO,yBAAyB,WAAW;AAC3C,oBAAc,WAAY,YAAY,aAAa;AAAA,IACrD,CAAC;AAAA,EACH;AAEA,QAAM,cAAc,cAAc,cAA2B,eAAe;AAC5E,MAAI,aAAa;AACf,gBAAY,iBAAiB,SAAS,WAAS;AAC7C,YAAM,eAAe;AACrB,YAAM,iBAAiB,mBAAmB,cAAc,SAAS,OAAO,SAAS,CAAC;AAClF,6CAAY,gBAAgB;AAE5B,aAAO,yBAAyB,YAAY;AAC5C,oBAAc,WAAY,YAAY,aAAa;AAAA,IACrD,CAAC;AAAA,EACH;AACF;AAKA,IAAM,qBAAqB,CAAC,cAA6B,aAAuB;AAC9E,SAAO,aAAa,OAAO,WAAS,SAAS,SAAS,MAAM,OAAO,CAAC;AACtE;AAGA,SAAS,UAA0B,MAAS;AAC1C,SAAU,KAAK,UAAU,IAAI;AAC/B;AAEO,IAAM,gBAAgB,OAAO,UAA4B,CAAC,MAAqB;AACpF,QAAM;AAAA,IACJ,mBAAmB;AAAA,IACnB,uBAAuB;AAAA,IACvB,iBAAiB;AAAA,IACjB,kBAAkB;AAAA,IAClB,eAAe;AAAA,IACf;AAAA,IACA;AAAA,IACA;AAAA,IACA,YAAY;AAAA,IACZ,iBAAiB;AAAA;AAAA,EACnB,IAAI;AAEJ,QAAM,eAAe,iBAAiB,oBAAoB;AAG1D,MAAI,CAAC,aAAa,OAAQ;AAE1B,QAAM,eAAe,SAAS,cAAmC,gBAAgB;AACjF,MAAI,CAAC,cAAc;AACjB,UAAM,IAAI,MAAM,6CAA6C,gBAAgB,IAAI;AAAA,EACnF;AAGA,QAAM,WAAW,iBAAiB,OAC9B,CAACA,mBAAwB,SAAS,cAAc,MAAM,EAAG,YAAYA,cAAa,IAClF,OAAO,iBAAiB,WACtB,CAACA,mBAAwB;AACzB,UAAM,gBAAgB,SAAS,cAA2B,YAAY;AACtE,QAAI,kBAAkB,KAAM,OAAM,IAAI,MAAM,kCAAkC,YAAY,IAAI;AAC9F,mBAAe,eAAeA,cAAa;AAAA,EAC7C,IACE,CAACA,mBAAwB,eAAe,cAAcA,cAAa;AAGzE,MAAI,CAAC,UAAW,OAAM,IAAI,MAAM,2EAA2E;AAE3G,QAAM,SAAS,IAAI,YAAY,WAAW,cAAc;AACxD,QAAM,eAAe,MAAM,OAAO,gBAAgB;AAIlD,QAAM;AAAA,IACJ;AAAA,IACA;AAAA,IACA;AAAA,EACF,IAAI;AAEJ,QAAM,iBAAiB,mBAAmB,cAAc,oBAAoB;AAC5E,MAAI,eAAe,OAAQ,sCAAW;AACtC,QAAM,iBAAiB,mBAAmB,cAAc,oBAAoB;AAC5E,MAAI,eAAe,OAAQ,wCAAY;AAGvC,MAAI,CAAC,kCAAkC,OAAQ;AAI/C,QAAM,eAAe,aAAa,QAAQ;AAC1C,MAAI,iBAAiB,KAAM,OAAM,IAAI,MAAM,mDAAmD;AAC9F,QAAM,gBAAgB,UAAU,YAAY;AAC5C,iBAAe;AAAA,IACb;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AACD,WAAS,aAAa;AACtB;AACF;",
+  "sourcesContent": ["/**\n * Cookiebar functionality, as a TS/JS module.\n *\n * About modules: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Modules\n *\n * The code is organized here in a way to make the templates work with Django's page\n * cache. This means that anything user-specific (so different django session and even\n * cookie consent cookies) cannot be baked into the templates, as that breaks caches.\n *\n * The cookie bar operates on the following principles:\n *\n * - The developer using the library includes the desired template in their django\n *   templates, using the HTML <template> element. This contains the content for the\n *   cookie bar.\n * - The developer is responsible for loading some Javascript that loads this script.\n * - The main export of this script needs to be called (showCookieBar), with the\n *   appropriate options.\n * - The options include the backend URLs where the retrieve data, which selectors/DOM\n *   nodes to use for various functionality and the hooks to tap into the accept/decline\n *   life-cycle.\n * - When a user accepts or declines (all) cookies, the call to the backend is made via\n *   a fetch request, bypassing any page caches and preventing full-page reloads.\n */\n\n/**\n * A serialized cookie group.\n *\n * See the backend model method `CookieGroup.as_json()`.\n */\nexport interface CookieGroup {\n  varname: string;\n  name: string;\n  description: string;\n  is_required: boolean;\n}\n\nexport interface Options {\n  statusUrl: string;\n  // TODO: also accept element rather than selector?\n  templateSelector: string;\n  /**\n   * DOM selector to the (script) tag holding the JSON-serialized cookie groups.\n   *\n   * This is typically rendered in a template with a template tag, e.g.\n   *\n   * ```django\n   * {% all_cookie_groups 'cookie-consent__cookie-groups' %}\n   * ```\n   *\n   * resulting in the selector: `'#cookie-consent__cookie-groups'`.\n   */\n  cookieGroupsSelector: string;\n  acceptSelector: string;\n  declineSelector: string;\n  /**\n   * Either a string (selector), DOMNode or null.\n   *\n   * If null, the bar is appended to the body. If provided, the node is used or looked\n   * up.\n   */\n  insertBefore: string | HTMLElement | null;\n  /**\n   * Optional callback for when the cookie bar is being shown.\n   *\n   * You can use this to add a CSS class name to the body, for example.\n   */\n  onShow?: () => void;\n  /**\n   * Optional callback called when cookies are accepted.\n   */\n  onAccept?: (acceptedGroups: CookieGroup[], event?: MouseEvent) => void;\n  /**\n   * Optional callback called when cookies are accepted.\n   */\n  onDecline?: (declinedGroups: CookieGroup[], event?: MouseEvent) => void;\n  /**\n   * Name of the header to use for the CSRF token.\n   *\n   * If needed, this can be read/set via `settings.CSRF_HEADER_NAME` in the backend.\n   */\n  csrfHeaderName: string;\n};\n\nexport interface CookieStatus {\n  csrftoken: string;\n  /**\n   * Backend endpoint to POST to to accept the cookie groups.\n   */\n  acceptUrl: string;\n  /**\n   * Backend endpoint to POST to to decline the cookie groups.\n   */\n  declineUrl: string;\n  /**\n   * Array of accepted cookie group varnames.\n   */\n  acceptedCookieGroups: string[];\n  /**\n   * Array of declined cookie group varnames.\n   */\n  declinedCookieGroups: string[];\n  /**\n   * Array of undecided cookie group varnames.\n   */\n  notAcceptedOrDeclinedCookieGroups: string[];\n}\n\nconst DEFAULT_FETCH_HEADERS: Record<string, string> = {\n  'X-Cookie-Consent-Fetch': '1'\n};\n\n/**\n * A simple wrapper around window.fetch that understands the django-cookie-consent\n * backend endpoints.\n *\n * @private - while exported, use at your own risk. This class is not part of the\n * public API covered by SemVer.\n */\nexport class FetchClient {\n  protected statusUrl: string;\n  protected csrfHeaderName: string;\n  protected cookieStatus: CookieStatus | null;\n\n  constructor(statusUrl: string, csrfHeaderName: string) {\n    this.statusUrl = statusUrl;\n    this.csrfHeaderName = csrfHeaderName;\n    this.cookieStatus = null;\n  }\n\n  async getCookieStatus(): Promise<CookieStatus> {\n    if (this.cookieStatus === null) {\n      const response = await window.fetch(\n        this.statusUrl,\n        {\n          method: 'GET',\n          credentials: 'same-origin',\n          headers: DEFAULT_FETCH_HEADERS,\n        }\n      );\n      this.cookieStatus = await response.json();\n    }\n\n    // type checker sanity check\n    if (this.cookieStatus === null) {\n      throw new Error('Unexpectedly received null cookie status');\n    }\n    return this.cookieStatus;\n  };\n\n  async saveCookiesStatusBackend (\n    urlProperty: 'acceptUrl' | 'declineUrl',\n    cookieGroups: CookieGroup[],\n  ) {\n    const cookieStatus = await this.getCookieStatus();\n    const url = cookieStatus[urlProperty];\n    if (!url) {\n      throw new Error(`Missing url for ${urlProperty} - was the cookie status not loaded properly?`);\n    }\n\n    const formData = new FormData();\n    for (const group of cookieGroups) {\n      formData.append('cookie_groups', group.varname);\n    }\n\n    await window.fetch(url, {\n      method: 'POST',\n      body: formData,\n      credentials: 'same-origin',\n      headers: {\n        ...DEFAULT_FETCH_HEADERS,\n        [this.csrfHeaderName]: cookieStatus.csrftoken\n      }\n    });\n  }\n}\n\n/**\n * Read the JSON script node contents and parse the content as JSON.\n *\n * The result is the list of available/configured cookie groups.\n * Use the status URL to get the accepted/declined status for an individual user.\n */\nexport const loadCookieGroups = (selector: string): CookieGroup[] => {\n  const node = document.querySelector<HTMLScriptElement>(selector);\n  if (!node) {\n    throw new Error(`No cookie groups (script) tag found, using selector: '${selector}'`);\n  }\n  return JSON.parse(node.innerText);\n};\n\nconst doInsertBefore = (beforeNode: HTMLElement, newNode: Node): void => {\n  const parent = beforeNode.parentNode;\n  if (parent === null) throw new Error('Reference node doesn\\'t have a parent.');\n  parent.insertBefore(newNode, beforeNode);\n}\n\ntype RegisterEventsOptions = Pick<\n  Options,\n  'acceptSelector' | 'onAccept' | 'declineSelector' | 'onDecline'\n> & Pick<\n  CookieStatus,\n  'acceptedCookieGroups' | 'declinedCookieGroups' | 'notAcceptedOrDeclinedCookieGroups'\n> & {\n  client: FetchClient,\n  cookieBarNode: Element;\n  cookieGroups: CookieGroup[];\n}\n\n/**\n * Register the accept/decline event handlers.\n *\n * Note that we can't just set the decline or accept cookie purely client-side, as the\n * cookie possibly has the httpOnly flag set.\n */\nconst registerEvents = ({\n  client,\n  cookieBarNode,\n  cookieGroups,\n  acceptSelector,\n  onAccept,\n  declineSelector,\n  onDecline,\n  acceptedCookieGroups: accepted,\n  declinedCookieGroups: declined,\n  notAcceptedOrDeclinedCookieGroups: undecided,\n}: RegisterEventsOptions): void => {\n\n  const acceptNode = cookieBarNode.querySelector<HTMLElement>(acceptSelector);\n  if (acceptNode) {\n    acceptNode.addEventListener('click', event => {\n      event.preventDefault();\n      const acceptedGroups = filterCookieGroups(cookieGroups, accepted.concat(undecided));\n      onAccept?.(acceptedGroups, event);\n      // trigger async action, but don't wait for completion\n      client.saveCookiesStatusBackend('acceptUrl', acceptedGroups);\n      cookieBarNode.parentNode!.removeChild(cookieBarNode);\n    });\n  }\n\n  const declineNode = cookieBarNode.querySelector<HTMLElement>(declineSelector);\n  if (declineNode) {\n    declineNode.addEventListener('click', event => {\n      event.preventDefault();\n      const declinedGroups = filterCookieGroups(cookieGroups, declined.concat(undecided));\n      onDecline?.(declinedGroups, event);\n      // trigger async action, but don't wait for completion\n      client.saveCookiesStatusBackend('declineUrl', declinedGroups);\n      cookieBarNode.parentNode!.removeChild(cookieBarNode);\n    });\n  }\n};\n\n/**\n * Filter the cookie groups down to a subset of specified varnames.\n */\nconst filterCookieGroups = (cookieGroups: CookieGroup[], varNames: string[]) => {\n  return cookieGroups.filter(group => varNames.includes(group.varname));\n};\n\n// See https://github.com/microsoft/TypeScript/issues/283\nfunction cloneNode<T extends Node>(node: T) {\n  return <T>node.cloneNode(true);\n}\n\nexport const showCookieBar = async (options: Partial<Options> = {}): Promise<void> => {\n  const {\n    templateSelector = '#cookie-consent__cookie-bar',\n    cookieGroupsSelector = '#cookie-consent__cookie-groups',\n    acceptSelector = '.cookie-consent__accept',\n    declineSelector = '.cookie-consent__decline',\n    insertBefore = null,\n    onShow,\n    onAccept,\n    onDecline,\n    statusUrl = '',\n    csrfHeaderName = 'X-CSRFToken', // Django's default, can be overridden with settings.CSRF_HEADER_NAME\n  } = options;\n\n  const cookieGroups = loadCookieGroups(cookieGroupsSelector);\n\n  // no cookie groups -> abort, nothing to do\n  if (!cookieGroups.length) return;\n\n  const templateNode = document.querySelector<HTMLTemplateElement>(templateSelector);\n  if (!templateNode) {\n    throw new Error(`No (template) element found for selector '${templateSelector}'.`)\n  }\n\n  // insert before a given node, if specified, or append to the body as default behaviour\n  const doInsert = insertBefore === null\n    ? (cookieBarNode: Node) => document.querySelector('body')!.appendChild(cookieBarNode)\n    : typeof insertBefore === 'string'\n      ? (cookieBarNode: Node) => {\n        const referenceNode = document.querySelector<HTMLElement>(insertBefore);\n        if (referenceNode === null) throw new Error(`No element found for selector '${insertBefore}'.`)\n        doInsertBefore(referenceNode, cookieBarNode);\n      }\n      : (cookieBarNode: Node) => doInsertBefore(insertBefore, cookieBarNode)\n  ;\n\n  if (!statusUrl) throw new Error('Missing status URL option, did you forget to pass the `statusUrl` option?');\n\n  const client = new FetchClient(statusUrl, csrfHeaderName);\n  const cookieStatus = await client.getCookieStatus();\n\n  // calculate the cookie groups to invoke the callbacks. We deliberately fire those\n  // without awaiting so that our cookie bar is shown/hidden as soon as possible.\n  const {\n    acceptedCookieGroups,\n    declinedCookieGroups,\n    notAcceptedOrDeclinedCookieGroups\n  } = cookieStatus;\n\n  const acceptedGroups = filterCookieGroups(cookieGroups, acceptedCookieGroups);\n  if (acceptedGroups.length) onAccept?.(acceptedGroups);\n  const declinedGroups = filterCookieGroups(cookieGroups, declinedCookieGroups);\n  if (declinedGroups.length) onDecline?.(declinedGroups);\n\n  // there are no (more) cookie groups to accept, don't show the bar\n  if (!notAcceptedOrDeclinedCookieGroups.length) return;\n\n  // grab the contents from the template node and add them to the DOM, optionally\n  // calling the onShow callback\n  const childToClone = templateNode.content.firstElementChild;\n  if (childToClone === null) throw new Error('The cookie bar template element may not be empty.');\n  const cookieBarNode = cloneNode(childToClone);\n  registerEvents({\n    client,\n    cookieBarNode,\n    cookieGroups,\n    acceptSelector,\n    onAccept,\n    declineSelector,\n    onDecline,\n    acceptedCookieGroups,\n    declinedCookieGroups,\n    notAcceptedOrDeclinedCookieGroups,\n  });\n  doInsert(cookieBarNode);\n  onShow?.();\n};\n"],
+  "mappings": ";AA2GA,IAAM,wBAAgD;AAAA,EACpD,0BAA0B;AAC5B;AASO,IAAM,cAAN,MAAkB;AAAA,EAKvB,YAAY,WAAmB,gBAAwB;AACrD,SAAK,YAAY;AACjB,SAAK,iBAAiB;AACtB,SAAK,eAAe;AAAA,EACtB;AAAA,EAEA,MAAM,kBAAyC;AAC7C,QAAI,KAAK,iBAAiB,MAAM;AAC9B,YAAM,WAAW,MAAM,OAAO;AAAA,QAC5B,KAAK;AAAA,QACL;AAAA,UACE,QAAQ;AAAA,UACR,aAAa;AAAA,UACb,SAAS;AAAA,QACX;AAAA,MACF;AACA,WAAK,eAAe,MAAM,SAAS,KAAK;AAAA,IAC1C;AAGA,QAAI,KAAK,iBAAiB,MAAM;AAC9B,YAAM,IAAI,MAAM,0CAA0C;AAAA,IAC5D;AACA,WAAO,KAAK;AAAA,EACd;AAAA,EAEA,MAAM,yBACJ,aACA,cACA;AACA,UAAM,eAAe,MAAM,KAAK,gBAAgB;AAChD,UAAM,MAAM,aAAa,WAAW;AACpC,QAAI,CAAC,KAAK;AACR,YAAM,IAAI,MAAM,mBAAmB,WAAW,+CAA+C;AAAA,IAC/F;AAEA,UAAM,WAAW,IAAI,SAAS;AAC9B,eAAW,SAAS,cAAc;AAChC,eAAS,OAAO,iBAAiB,MAAM,OAAO;AAAA,IAChD;AAEA,UAAM,OAAO,MAAM,KAAK;AAAA,MACtB,QAAQ;AAAA,MACR,MAAM;AAAA,MACN,aAAa;AAAA,MACb,SAAS;AAAA,QACP,GAAG;AAAA,QACH,CAAC,KAAK,cAAc,GAAG,aAAa;AAAA,MACtC;AAAA,IACF,CAAC;AAAA,EACH;AACF;AAQO,IAAM,mBAAmB,CAAC,aAAoC;AACnE,QAAM,OAAO,SAAS,cAAiC,QAAQ;AAC/D,MAAI,CAAC,MAAM;AACT,UAAM,IAAI,MAAM,yDAAyD,QAAQ,GAAG;AAAA,EACtF;AACA,SAAO,KAAK,MAAM,KAAK,SAAS;AAClC;AAEA,IAAM,iBAAiB,CAAC,YAAyB,YAAwB;AACvE,QAAM,SAAS,WAAW;AAC1B,MAAI,WAAW,KAAM,OAAM,IAAI,MAAM,uCAAwC;AAC7E,SAAO,aAAa,SAAS,UAAU;AACzC;AAoBA,IAAM,iBAAiB,CAAC;AAAA,EACtB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA,sBAAsB;AAAA,EACtB,sBAAsB;AAAA,EACtB,mCAAmC;AACrC,MAAmC;AAEjC,QAAM,aAAa,cAAc,cAA2B,cAAc;AAC1E,MAAI,YAAY;AACd,eAAW,iBAAiB,SAAS,WAAS;AAC5C,YAAM,eAAe;AACrB,YAAM,iBAAiB,mBAAmB,cAAc,SAAS,OAAO,SAAS,CAAC;AAClF,2CAAW,gBAAgB;AAE3B,aAAO,yBAAyB,aAAa,cAAc;AAC3D,oBAAc,WAAY,YAAY,aAAa;AAAA,IACrD,CAAC;AAAA,EACH;AAEA,QAAM,cAAc,cAAc,cAA2B,eAAe;AAC5E,MAAI,aAAa;AACf,gBAAY,iBAAiB,SAAS,WAAS;AAC7C,YAAM,eAAe;AACrB,YAAM,iBAAiB,mBAAmB,cAAc,SAAS,OAAO,SAAS,CAAC;AAClF,6CAAY,gBAAgB;AAE5B,aAAO,yBAAyB,cAAc,cAAc;AAC5D,oBAAc,WAAY,YAAY,aAAa;AAAA,IACrD,CAAC;AAAA,EACH;AACF;AAKA,IAAM,qBAAqB,CAAC,cAA6B,aAAuB;AAC9E,SAAO,aAAa,OAAO,WAAS,SAAS,SAAS,MAAM,OAAO,CAAC;AACtE;AAGA,SAAS,UAA0B,MAAS;AAC1C,SAAU,KAAK,UAAU,IAAI;AAC/B;AAEO,IAAM,gBAAgB,OAAO,UAA4B,CAAC,MAAqB;AACpF,QAAM;AAAA,IACJ,mBAAmB;AAAA,IACnB,uBAAuB;AAAA,IACvB,iBAAiB;AAAA,IACjB,kBAAkB;AAAA,IAClB,eAAe;AAAA,IACf;AAAA,IACA;AAAA,IACA;AAAA,IACA,YAAY;AAAA,IACZ,iBAAiB;AAAA;AAAA,EACnB,IAAI;AAEJ,QAAM,eAAe,iBAAiB,oBAAoB;AAG1D,MAAI,CAAC,aAAa,OAAQ;AAE1B,QAAM,eAAe,SAAS,cAAmC,gBAAgB;AACjF,MAAI,CAAC,cAAc;AACjB,UAAM,IAAI,MAAM,6CAA6C,gBAAgB,IAAI;AAAA,EACnF;AAGA,QAAM,WAAW,iBAAiB,OAC9B,CAACA,mBAAwB,SAAS,cAAc,MAAM,EAAG,YAAYA,cAAa,IAClF,OAAO,iBAAiB,WACtB,CAACA,mBAAwB;AACzB,UAAM,gBAAgB,SAAS,cAA2B,YAAY;AACtE,QAAI,kBAAkB,KAAM,OAAM,IAAI,MAAM,kCAAkC,YAAY,IAAI;AAC9F,mBAAe,eAAeA,cAAa;AAAA,EAC7C,IACE,CAACA,mBAAwB,eAAe,cAAcA,cAAa;AAGzE,MAAI,CAAC,UAAW,OAAM,IAAI,MAAM,2EAA2E;AAE3G,QAAM,SAAS,IAAI,YAAY,WAAW,cAAc;AACxD,QAAM,eAAe,MAAM,OAAO,gBAAgB;AAIlD,QAAM;AAAA,IACJ;AAAA,IACA;AAAA,IACA;AAAA,EACF,IAAI;AAEJ,QAAM,iBAAiB,mBAAmB,cAAc,oBAAoB;AAC5E,MAAI,eAAe,OAAQ,sCAAW;AACtC,QAAM,iBAAiB,mBAAmB,cAAc,oBAAoB;AAC5E,MAAI,eAAe,OAAQ,wCAAY;AAGvC,MAAI,CAAC,kCAAkC,OAAQ;AAI/C,QAAM,eAAe,aAAa,QAAQ;AAC1C,MAAI,iBAAiB,KAAM,OAAM,IAAI,MAAM,mDAAmD;AAC9F,QAAM,gBAAgB,UAAU,YAAY;AAC5C,iBAAe;AAAA,IACb;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AACD,WAAS,aAAa;AACtB;AACF;",
   "names": ["cookieBarNode"]
 }

cookie_consent/templates/cookie_consent/_cookie_group.html

@@ -11,8 +11,9 @@
        {% if request|cookie_group_accepted:cookie_group.varname %}
          <span class="cookie-consent-accepted">{% trans "Accepted" %}</span>
        {% else %}
-         <form class="cookie-consent-accept" action="{% url "cookie_consent_accept" cookie_group.varname %}" method="POST">
+         <form class="cookie-consent-accept" action="{% url "cookie_consent_accept" %}" method="post">
            {% csrf_token %}
+           <input type="hidden" name="cookie_groups" value="{{ cookie_group.varname }}">
            <input type="submit" value="{% trans "Accept" %}">
          </form>
        {% endif %}
@@ -20,8 +21,9 @@
        {% if request|cookie_group_declined:cookie_group.varname %}
          <span class="cookie-consent-declined">{% trans "Declined" %}</span>
        {% else %}
-         <form class="cookie-consent-decline" action="{% url "cookie_consent_decline" cookie_group.varname %}" method="POST">
+         <form class="cookie-consent-decline" action="{% url "cookie_consent_decline" %}" method="post">
            {% csrf_token %}
+           <input type="hidden" name="cookie_groups" value="{{ cookie_group.varname }}">
            <input type="submit" value="{% trans "Decline" %}">
          </form>
        {% endif %}

cookie_consent/templatetags/__init__.py

@@ -1,2 +1 @@
 #!/usr/bin/env python
-# -*- coding: utf-8 -*-