function authGetSiteKey() {
  const meta = document.querySelector('meta[name="site-key"]');
  if (meta && meta.content) return meta.content.trim();
  const bodyKey = document.body?.dataset?.siteKey;
  if (bodyKey) return bodyKey.trim();
  return window.location.hostname || "unknown";
}

function authBuildLoginUrl(siteKey) {
  const current = window.location.pathname + window.location.search;
  const params = new URLSearchParams({
    siteKey,
    redirect: current,
  });
  return `/auth/login.html?${params.toString()}`;
}

async function authCheckAccess() {
  const siteKey = authGetSiteKey();
  try {
    const response = await fetch(`/auth/api/check.php?siteKey=${encodeURIComponent(siteKey)}`, {
      method: "GET",
      headers: { "Accept": "application/json" },
      credentials: "same-origin",
    });

    if (response.ok) return;

    window.location.href = authBuildLoginUrl(siteKey);
  } catch (error) {
    window.location.href = authBuildLoginUrl(siteKey);
  }
}

authCheckAccess();