// Lightweight browser fingerprint. Not a serious anti-fraud signal on its
// own — the value is the *delta* between accesses, which is what the fraud
// engine actually compares against.
export function useFingerprint(): Record<string, string | number> {
  if (import.meta.server) return {}

  const screen = window.screen
  return {
    platform: navigator.platform,
    language: navigator.language,
    languages: (navigator.languages || []).join(','),
    user_agent: navigator.userAgent,
    timezone: Intl.DateTimeFormat().resolvedOptions().timeZone,
    timezone_offset: new Date().getTimezoneOffset(),
    screen_width: screen.width,
    screen_height: screen.height,
    color_depth: screen.colorDepth,
    pixel_ratio: window.devicePixelRatio,
    cookie_enabled: navigator.cookieEnabled ? 1 : 0,
    hardware_concurrency: navigator.hardwareConcurrency || 0,
  }
}