django-cookie-consent 0.8.0__tar.gz → 1.0.0__tar.gz

{django_cookie_consent-0.8.0 → django_cookie_consent-1.0.0}/MANIFEST.in

@@ -1,6 +1,7 @@
 include LICENSE
 include AUTHORS
 include README.md
+include cookie_consent/py.typed
 recursive-include cookie_consent/templates *
 recursive-include cookie_consent/static *
 recursive-include cookie_consent/fixtures *

django_cookie_consent-1.0.0/PKG-INFO

@@ -0,0 +1,96 @@
+Metadata-Version: 2.4
+Name: django-cookie-consent
+Version: 1.0.0
+Summary: Django cookie consent application
+Author-email: Informatika Mihelac <bmihelac@mihelac.org>
+License-Expression: BSD-2-Clause-first-lines
+Project-URL: Documentation, https://django-cookie-consent.readthedocs.io/en/latest/
+Project-URL: Changelog, https://github.com/django-commons/django-cookie-consent/blob/main/docs/changelog.rst
+Project-URL: Bug Tracker, https://github.com/django-commons/django-cookie-consent/issues
+Project-URL: Source Code, https://github.com/django-commons/django-cookie-consent
+Keywords: cookies,cookie-consent,cookie bar
+Classifier: Development Status :: 5 - Production/Stable
+Classifier: Framework :: Django
+Classifier: Framework :: Django :: 4.2
+Classifier: Framework :: Django :: 5.2
+Classifier: Framework :: Django :: 6.0
+Classifier: Intended Audience :: Developers
+Classifier: Operating System :: Unix
+Classifier: Operating System :: MacOS
+Classifier: Operating System :: Microsoft :: Windows
+Classifier: Operating System :: OS Independent
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
+Classifier: Programming Language :: Python :: 3.14
+Classifier: Topic :: Software Development :: Libraries :: Python Modules
+Requires-Python: >=3.10
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: django>=4.2
+Requires-Dist: django-appconf
+Provides-Extra: tests
+Requires-Dist: pytest; extra == "tests"
+Requires-Dist: pytest-cov; extra == "tests"
+Requires-Dist: pytest-django; extra == "tests"
+Requires-Dist: pytest-playwright; extra == "tests"
+Requires-Dist: hypothesis; extra == "tests"
+Requires-Dist: tox; extra == "tests"
+Requires-Dist: ruff; extra == "tests"
+Provides-Extra: docs
+Requires-Dist: sphinx; extra == "docs"
+Requires-Dist: sphinx-rtd-theme; extra == "docs"
+Provides-Extra: release
+Requires-Dist: bump-my-version; extra == "release"
+Dynamic: license-file
+
+Django cookie consent
+=====================
+
+Manage cookie information and let visitors give or reject consent for them.
+
+![License](https://img.shields.io/pypi/l/django-cookie-consent)
+[![Build status][badge:GithubActions:CI]][GithubActions:CI]
+[![Code Quality][badge:GithubActions:CQ]][GithubActions:CQ]
+[![Code style: ruff][badge:ruff]][ruff]
+[![Test coverage][badge:codecov]][codecov]
+[![Documentation][badge:docs]][docs]
+
+![Supported python versions](https://img.shields.io/pypi/pyversions/django-cookie-consent)
+![Supported Django versions](https://img.shields.io/pypi/djversions/django-cookie-consent)
+[![PyPI version][badge:pypi]][pypi]
+[![NPM version][badge:npm]][npm]
+
+**Features**
+
+* cookies and cookie groups are stored in models for easy management
+  through Django admin interface
+* support for both opt-in and opt-out cookie consent schemes
+* removing declined cookies (or non accepted when opt-in scheme is used)
+* logging user actions when they accept and decline various cookies
+* easy adding new cookies and seamlessly re-asking for consent for new cookies
+
+Documentation
+-------------
+
+The documentation is hosted on [readthedocs][docs] and contains all instructions
+to get started.
+
+Alternatively, if the documentation is not available, you can consult or build the docs
+from the `docs` directory in this repository.
+
+[GithubActions:CI]: https://github.com/django-commons/django-cookie-consent/actions?query=workflow%3A%22Run+CI%22
+[badge:GithubActions:CI]: https://github.com/django-commons/django-cookie-consent/workflows/Run%20CI/badge.svg
+[GithubActions:CQ]: https://github.com/django-commons/django-cookie-consent/actions?query=workflow%3A%22Code+quality+checks%22
+[badge:GithubActions:CQ]: https://github.com/django-commons/django-cookie-consent/workflows/Code%20quality%20checks/badge.svg
+[ruff]: https://github.com/astral-sh/ruff
+[badge:ruff]: https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/astral-sh/ruff/main/assets/badge/v2.json
+[codecov]: https://codecov.io/gh/django-commons/django-cookie-consent
+[badge:codecov]: https://codecov.io/gh/django-commons/django-cookie-consent/branch/main/graph/badge.svg
+[docs]: https://django-cookie-consent.readthedocs.io/en/latest/?badge=latest
+[badge:docs]: https://readthedocs.org/projects/django-cookie-consent/badge/?version=latest
+[pypi]: https://pypi.org/project/django-cookie-consent/
+[badge:pypi]: https://img.shields.io/pypi/v/django-cookie-consent.svg
+[npm]: https://www.npmjs.com/package/django-cookie-consent
+[badge:npm]: https://img.shields.io/npm/v/django-cookie-consent

{django_cookie_consent-0.8.0 → django_cookie_consent-1.0.0}/README.md

@@ -3,18 +3,17 @@ Django cookie consent
 
 Manage cookie information and let visitors give or reject consent for them.
 
-[![Jazzband][badge:jazzband]][jazzband]
-
 ![License](https://img.shields.io/pypi/l/django-cookie-consent)
 [![Build status][badge:GithubActions:CI]][GithubActions:CI]
 [![Code Quality][badge:GithubActions:CQ]][GithubActions:CQ]
-[![Code style: black][badge:black]][black]
+[![Code style: ruff][badge:ruff]][ruff]
 [![Test coverage][badge:codecov]][codecov]
 [![Documentation][badge:docs]][docs]
 
 ![Supported python versions](https://img.shields.io/pypi/pyversions/django-cookie-consent)
 ![Supported Django versions](https://img.shields.io/pypi/djversions/django-cookie-consent)
 [![PyPI version][badge:pypi]][pypi]
+[![NPM version][badge:npm]][npm]
 
 **Features**
 
@@ -34,17 +33,17 @@ to get started.
 Alternatively, if the documentation is not available, you can consult or build the docs
 from the `docs` directory in this repository.
 
-[jazzband]: https://jazzband.co/
-[badge:jazzband]: https://jazzband.co/static/img/badge.svg
-[GithubActions:CI]: https://github.com/jazzband/django-cookie-consent/actions?query=workflow%3A%22Run+CI%22
-[badge:GithubActions:CI]: https://github.com/jazzband/django-cookie-consent/workflows/Run%20CI/badge.svg
-[GithubActions:CQ]: https://github.com/jazzband/django-cookie-consent/actions?query=workflow%3A%22Code+quality+checks%22
-[badge:GithubActions:CQ]: https://github.com/jazzband/django-cookie-consent/workflows/Code%20quality%20checks/badge.svg
-[black]: https://github.com/psf/black
-[badge:black]: https://img.shields.io/badge/code%20style-black-000000.svg
-[codecov]: https://codecov.io/gh/jazzband/django-cookie-consent
-[badge:codecov]: https://codecov.io/gh/jazzband/django-cookie-consent/branch/master/graph/badge.svg
+[GithubActions:CI]: https://github.com/django-commons/django-cookie-consent/actions?query=workflow%3A%22Run+CI%22
+[badge:GithubActions:CI]: https://github.com/django-commons/django-cookie-consent/workflows/Run%20CI/badge.svg
+[GithubActions:CQ]: https://github.com/django-commons/django-cookie-consent/actions?query=workflow%3A%22Code+quality+checks%22
+[badge:GithubActions:CQ]: https://github.com/django-commons/django-cookie-consent/workflows/Code%20quality%20checks/badge.svg
+[ruff]: https://github.com/astral-sh/ruff
+[badge:ruff]: https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/astral-sh/ruff/main/assets/badge/v2.json
+[codecov]: https://codecov.io/gh/django-commons/django-cookie-consent
+[badge:codecov]: https://codecov.io/gh/django-commons/django-cookie-consent/branch/main/graph/badge.svg
 [docs]: https://django-cookie-consent.readthedocs.io/en/latest/?badge=latest
 [badge:docs]: https://readthedocs.org/projects/django-cookie-consent/badge/?version=latest
 [pypi]: https://pypi.org/project/django-cookie-consent/
 [badge:pypi]: https://img.shields.io/pypi/v/django-cookie-consent.svg
+[npm]: https://www.npmjs.com/package/django-cookie-consent
+[badge:npm]: https://img.shields.io/npm/v/django-cookie-consent

django_cookie_consent-1.0.0/cookie_consent/__init__.py

@@ -0,0 +1 @@
+__version__ = "1.0.0"

django_cookie_consent-1.0.0/cookie_consent/admin.py

@@ -0,0 +1,65 @@
+from django.contrib import admin
+from django.db.models import Count
+from django.http.request import HttpRequest
+from django.templatetags.l10n import localize
+from django.templatetags.static import static
+from django.utils.html import format_html
+from django.utils.translation import gettext_lazy as _
+
+from .conf import settings
+from .models import Cookie, CookieGroup, LogItem
+
+
+@admin.register(Cookie)
+class CookieAdmin(admin.ModelAdmin):
+    list_display = ("varname", "name", "cookiegroup", "path", "domain", "get_version")
+    search_fields = ("name", "domain", "cookiegroup__varname", "cookiegroup__name")
+    readonly_fields = ("varname",)
+    list_filter = ("cookiegroup",)
+
+
+@admin.register(CookieGroup)
+class CookieGroupAdmin(admin.ModelAdmin):
+    list_display = (
+        "varname",
+        "name",
+        "is_required",
+        "is_deletable",
+        "num_cookies",
+        "get_version",
+    )
+    search_fields = (
+        "varname",
+        "name",
+    )
+    list_filter = (
+        "is_required",
+        "is_deletable",
+    )
+
+    def get_queryset(self, request: HttpRequest):
+        qs = super().get_queryset(request)
+        return qs.annotate(num_cookies=Count("cookie"))
+
+    @admin.display(ordering="num_cookies", description=_("# cookies"))
+    def num_cookies(self, obj: CookieGroup):
+        if (count := obj.num_cookies) > 0:
+            return localize(count)
+
+        return format_html(
+            '{count} <img src="{src}" alt="{alt}">',
+            count=localize(count),
+            src=static("admin/img/icon-alert.svg"),
+            alt=_("Warning icon for missing cookies in cookie group."),
+        )
+
+
+class LogItemAdmin(admin.ModelAdmin):
+    list_display = ("action", "cookiegroup", "version", "created")
+    list_filter = ("action", "cookiegroup")
+    readonly_fields = ("action", "cookiegroup", "version", "created")
+    date_hierarchy = "created"
+
+
+if settings.COOKIE_CONSENT_LOG_ENABLED:
+    admin.site.register(LogItem, LogItemAdmin)

{django_cookie_consent-0.8.0 → django_cookie_consent-1.0.0}/cookie_consent/cache.py

@@ -1,8 +1,9 @@
-# -*- coding: utf-8 -*-
+from collections.abc import Mapping
+
 from django.core.cache import caches
 
 from .conf import settings
-from .models import CookieGroup
+from .models import Cookie, CookieGroup
 
 CACHE_KEY = "cookie_consent_cache"
 CACHE_TIMEOUT = 60 * 60  # 60 minutes
@@ -19,17 +20,17 @@ def _get_cache():
     return caches[settings.COOKIE_CONSENT_CACHE_BACKEND]
 
 
-def delete_cache():
+def delete_cache() -> None:
     cache = _get_cache()
     cache.delete(CACHE_KEY)
 
 
-def _get_cookie_groups_from_db():
+def _get_cookie_groups_from_db() -> Mapping[str, CookieGroup]:
     qs = CookieGroup.objects.filter(is_required=False).prefetch_related("cookie_set")
     return qs.in_bulk(field_name="varname")
 
 
-def all_cookie_groups():
+def all_cookie_groups() -> Mapping[str, CookieGroup]:
     """
     Get all cookie groups that are optional.
 
@@ -37,16 +38,20 @@ def all_cookie_groups():
     cache miss.
     """
     cache = _get_cache()
-    return cache.get_or_set(
+    result = cache.get_or_set(
         CACHE_KEY, _get_cookie_groups_from_db, timeout=CACHE_TIMEOUT
     )
+    assert result is not None
+    return result
 
 
-def get_cookie_group(varname):
+def get_cookie_group(varname: str) -> CookieGroup | None:
     return all_cookie_groups().get(varname)
 
 
-def get_cookie(cookie_group, name, domain):
+def get_cookie(cookie_group: CookieGroup, name: str, domain: str) -> Cookie | None:
+    # loop over cookie set relation instead of doing a lookup query, as this should
+    # come from the cache and avoid hitting the database
     for cookie in cookie_group.cookie_set.all():
         if cookie.name == name and cookie.domain == domain:
             return cookie

django_cookie_consent-1.0.0/cookie_consent/conf.py

@@ -0,0 +1,35 @@
+from typing import Literal
+
+from django.conf import settings
+from django.urls import reverse_lazy
+from django.utils.functional import Promise
+
+from appconf import AppConf
+
+__all__ = ["settings"]
+
+
+class CookieConsentConf(AppConf):
+    # django-cookie-consent cookie settings that store the configuration
+    NAME: str = "cookie_consent"
+    # TODO: rename to AGE for parity with django settings
+    MAX_AGE: int = 60 * 60 * 24 * 365 * 1  # 1 year,
+    DOMAIN: str | None = None
+    SECURE: bool = False
+    HTTPONLY: bool = True
+    SAMESITE: Literal["Strict", "Lax", "None", False] = "Lax"
+
+    DECLINE: str = "-1"
+
+    ENABLED: bool = True
+
+    OPT_OUT: bool = False
+
+    CACHE_BACKEND: str = "default"
+
+    LOG_ENABLED: bool = True
+    """
+    DeprecationWarning: in future versions the default may switch to log disabled.
+    """
+
+    SUCCESS_URL: str | Promise = reverse_lazy("cookie_consent_cookie_group_list")

django_cookie_consent-1.0.0/cookie_consent/forms.py

@@ -0,0 +1,50 @@
+from collections.abc import Collection, Iterator
+
+from django import forms
+from django.utils.translation import gettext_lazy as _
+
+from .cache import all_cookie_groups
+from .models import CookieGroup
+
+
+def iter_cookie_group_choices() -> Iterator[tuple[str, str]]:
+    """
+    Use the cached cookie group instances to get a list of choices.
+    """
+    for varname, cookie_group in all_cookie_groups().items():
+        yield varname, cookie_group.name
+
+
+class CookieGroupsChoiceField(forms.TypedMultipleChoiceField):
+    def __init__(self, **kwargs):
+        kwargs["coerce"] = self._coerce_choice
+        kwargs["choices"] = iter_cookie_group_choices
+        super().__init__(**kwargs)
+
+    def _coerce_choice(self, varname: str) -> CookieGroup:
+        all_groups = all_cookie_groups()
+        return all_groups[varname]
+
+
+class ProcessCookiesForm(forms.Form):
+    all_groups = forms.BooleanField(
+        label=_("Apply to all cookie groups"),
+        required=False,
+    )
+    cookie_groups = CookieGroupsChoiceField(
+        label=_("Cookie group varnames"),
+        choices=iter_cookie_group_choices,
+        required=False,
+    )
+
+    def get_cookie_groups(self) -> Collection[CookieGroup]:
+        """
+        Build the collection of specified cookies.
+        """
+        match self.cleaned_data:
+            case {"all_groups": True}:
+                return all_cookie_groups().values()
+            case {"cookie_groups": [*groups]}:
+                return groups
+            case _:
+                return []

{django_cookie_consent-0.8.0 → django_cookie_consent-1.0.0}/cookie_consent/middleware.py

@@ -1,12 +1,13 @@
-# -*- coding: utf-8 -*-
-from typing import Optional
+from collections.abc import Callable
+
+from django.http import HttpRequest, HttpResponseBase
 
 from .cache import all_cookie_groups
 from .conf import settings
 from .util import get_cookie_dict_from_request, is_cookie_consent_enabled
 
 
-def _should_delete_cookie(group_version: Optional[str]) -> bool:
+def _should_delete_cookie(group_version: str | None) -> bool:
     # declined after it was accepted (and set) before
     if group_version == settings.COOKIE_CONSENT_DECLINE:
         return True
@@ -31,16 +32,16 @@ class CleanCookiesMiddleware:
     Note that this only applies if COOKIE_CONSENT_OPT_OUT is not set.
     """
 
-    def __init__(self, get_response):
+    def __init__(self, get_response: Callable[[HttpRequest], HttpResponseBase]):
         self.get_response = get_response
 
-    def __call__(self, request):
+    def __call__(self, request: HttpRequest):
         response = self.get_response(request)
         if is_cookie_consent_enabled(request):
             self.process_response(request, response)
         return response
 
-    def process_response(self, request, response):
+    def process_response(self, request: HttpRequest, response: HttpResponseBase):
         cookie_dic = get_cookie_dict_from_request(request)
 
         cookies_to_delete = []

{django_cookie_consent-0.8.0 → django_cookie_consent-1.0.0}/cookie_consent/migrations/0001_initial.py

@@ -68,7 +68,8 @@ class Migration(migrations.Migration):
                         validators=[
                             django.core.validators.RegexValidator(
                                 re.compile("^[-_a-zA-Z0-9]+$"),
-                                "Enter a valid 'varname' consisting of letters, numbers, underscores or hyphens.",
+                                "Enter a valid 'varname' consisting of letters, "
+                                "numbers, underscores or hyphens.",
                                 "invalid",
                             )
                         ],

{django_cookie_consent-0.8.0 → django_cookie_consent-1.0.0}/cookie_consent/migrations/0003_alter_cookiegroup_varname.py

@@ -7,7 +7,6 @@ from django.db import migrations, models
 
 
 class Migration(migrations.Migration):
-
     dependencies = [
         ("cookie_consent", "0002_auto__add_logitem"),
     ]
@@ -22,7 +21,8 @@ class Migration(migrations.Migration):
                 validators=[
                     django.core.validators.RegexValidator(
                         re.compile("^[-_a-zA-Z0-9]+$"),
-                        "Enter a valid 'varname' consisting of letters, numbers, underscores or hyphens.",
+                        "Enter a valid 'varname' consisting of letters, numbers, "
+                        "underscores or hyphens.",
                         "invalid",
                     )
                 ],

{django_cookie_consent-0.8.0 → django_cookie_consent-1.0.0}/cookie_consent/migrations/0004_cookie_natural_key.py

@@ -4,7 +4,6 @@ from django.db import migrations, models
 
 
 class Migration(migrations.Migration):
-
     dependencies = [
         ("cookie_consent", "0003_alter_cookiegroup_varname"),
     ]

{django_cookie_consent-0.8.0 → django_cookie_consent-1.0.0}/cookie_consent/models.py

@@ -1,6 +1,8 @@
-# -*- coding: utf-8 -*-
+from __future__ import annotations
+
 import re
-from typing import TypedDict
+from collections.abc import Callable
+from typing import ClassVar, ParamSpec, TypedDict, TypeVar
 
 from django.core.validators import RegexValidator
 from django.db import models
@@ -16,9 +18,12 @@ validate_cookie_name = RegexValidator(
     "invalid",
 )
 
+P = ParamSpec("P")
+T = TypeVar("T")
+
 
-def clear_cache_after(func):
-    def wrapper(*args, **kwargs):
+def clear_cache_after(func: Callable[P, T]) -> Callable[P, T]:
+    def wrapper(*args: P.args, **kwargs: P.kwargs):
         from .cache import delete_cache
 
         return_value = func(*args, **kwargs)
@@ -33,9 +38,8 @@ class CookieGroupDict(TypedDict):
     name: str
     description: str
     is_required: bool
-    # TODO: should we output this? page cache busting would be
-    # required if we do this. Alternatively, set up a JSONView to output these?
-    # version: str
+    # The version is deliberately not included because it requires page/view cache
+    # busting if a new cookie gets added to the group, which we don't control.
 
 
 class BaseQueryset(models.query.QuerySet):
@@ -49,7 +53,7 @@ class BaseQueryset(models.query.QuerySet):
 
 
 class CookieGroupManager(models.Manager.from_queryset(BaseQueryset)):
-    def get_by_natural_key(self, varname):
+    def get_by_natural_key(self, varname: str) -> CookieGroup:
         return self.get(varname=varname)
 
 
@@ -75,7 +79,8 @@ class CookieGroup(models.Model):
     ordering = models.IntegerField(_("Ordering"), default=0)
     created = models.DateTimeField(_("Created"), auto_now_add=True, blank=True)
 
-    objects = CookieGroupManager()
+    objects: ClassVar[CookieGroupManager] = CookieGroupManager()  # pyright: ignore[reportIncompatibleVariableOverride]
+    cookie_set: ClassVar[CookieManager]
 
     class Meta:
         verbose_name = _("Cookie Group")
@@ -93,11 +98,15 @@ class CookieGroup(models.Model):
     def delete(self, *args, **kwargs):
         return super().delete(*args, **kwargs)
 
-    def natural_key(self):
+    def natural_key(self) -> tuple[str]:
         return (self.varname,)
 
     def get_version(self) -> str:
         try:
+            # this relies on the cookie set being ordered by most-recently created
+            # first.
+            # Note that we don't use `.first()` as that's a new query and bypasses
+            # the cache.
             return str(self.cookie_set.all()[0].get_version())
         except IndexError:
             return ""
@@ -113,7 +122,7 @@ class CookieGroup(models.Model):
 
 
 class CookieManager(models.Manager.from_queryset(BaseQueryset)):
-    def get_by_natural_key(self, name, domain, cookiegroup):
+    def get_by_natural_key(self, name: str, domain: str, cookiegroup: str) -> Cookie:
         group = CookieGroup.objects.get_by_natural_key(cookiegroup)
         return self.get(cookiegroup=group, name=name, domain=domain)
 
@@ -144,7 +153,7 @@ class Cookie(models.Model):
         ordering = ["-created"]
 
     def __str__(self):
-        return "%s %s%s" % (self.name, self.domain, self.path)
+        return f"{self.name} {self.domain}{self.path}"
 
     @clear_cache_after
     def save(self, *args, **kwargs):
@@ -154,16 +163,17 @@ class Cookie(models.Model):
     def delete(self, *args, **kwargs):
         return super().delete(*args, **kwargs)
 
-    def natural_key(self):
+    def natural_key(self) -> tuple[str, str, str]:
         return (self.name, self.domain) + self.cookiegroup.natural_key()
 
-    natural_key.dependencies = ["cookie_consent.cookiegroup"]
+    natural_key.dependencies = ["cookie_consent.cookiegroup"]  # pyright: ignore[reportFunctionMemberAccess]
 
     @property
-    def varname(self):
-        return "%s=%s:%s" % (self.cookiegroup.varname, self.name, self.domain)
+    def varname(self) -> str:
+        group_varname = self.cookiegroup.varname
+        return f"{group_varname}={self.name}:{self.domain}"
 
-    def get_version(self):
+    def get_version(self) -> str:
         return self.created.isoformat()
 
 
@@ -185,10 +195,10 @@ class LogItem(models.Model):
     version = models.CharField(_("Version"), max_length=32)
     created = models.DateTimeField(_("Created"), auto_now_add=True, blank=True)
 
-    def __str__(self):
-        return "%s %s" % (self.cookiegroup.name, self.version)
-
     class Meta:
         verbose_name = _("Log item")
         verbose_name_plural = _("Log items")
         ordering = ["-created"]
+
+    def __str__(self):
+        return f"{self.cookiegroup.name} {self.version}"

django_cookie_consent-1.0.0/cookie_consent/processor.py

@@ -0,0 +1,77 @@
+from collections.abc import Collection
+from typing import Literal
+
+from django.http import HttpRequest, HttpResponseBase
+
+from .conf import settings
+from .models import ACTION_ACCEPTED, ACTION_DECLINED, CookieGroup, LogItem
+from .util import get_cookie_dict_from_request, set_cookie_dict_to_response
+
+
+class CookiesProcessor:
+    """
+    Process the accept/decline logic for cookie groups.
+    """
+
+    def __init__(self, request: HttpRequest, response: HttpResponseBase):
+        self.request = request
+        self.response = response
+
+    def process(
+        self,
+        cookie_groups: Collection[CookieGroup],
+        action: Literal["accept", "decline"],
+    ) -> None:
+        """
+        Apply ``action`` to the specified ``cookie_groups``.
+
+        Mutates the response by updating the cookie tracking the cookie group status. If
+        there are no cookie groups provided, nothing happens.
+        """
+        if not cookie_groups:
+            return
+
+        cookie_dic = get_cookie_dict_from_request(self.request)
+
+        match action:
+            case "accept":
+                for cookie_group in cookie_groups:
+                    cookie_dic[cookie_group.varname] = cookie_group.get_version()
+            case "decline":
+                self._delete_cookies(cookie_groups)
+                for cookie_group in cookie_groups:
+                    cookie_dic[cookie_group.varname] = settings.COOKIE_CONSENT_DECLINE
+
+        self._log_action(cookie_groups, action)
+        set_cookie_dict_to_response(self.response, cookie_dic)
+
+    def _log_action(
+        self,
+        cookie_groups: Collection[CookieGroup],
+        action: Literal["accept", "decline"],
+    ) -> None:
+        if not settings.COOKIE_CONSENT_LOG_ENABLED:
+            return
+        # TODO: replace with stdlib logging call/helper instead of creating DB records
+        # directly.
+
+        action_map: dict[Literal["accept", "decline"], int] = {
+            "accept": ACTION_ACCEPTED,
+            "decline": ACTION_DECLINED,
+        }
+        log_items: list[LogItem] = [
+            LogItem(
+                action=action_map[action],
+                cookiegroup=cookie_group,
+                version=cookie_group.get_version(),
+            )
+            for cookie_group in cookie_groups
+        ]
+        LogItem.objects.bulk_create(log_items)
+
+    def _delete_cookies(self, cookie_groups: Collection[CookieGroup]) -> None:
+        for cookie_group in cookie_groups:
+            if not cookie_group.is_deletable:
+                continue
+            for cookie in cookie_group.cookie_set.all():
+                self.response.delete_cookie(cookie.name, cookie.path, cookie.domain)