refactor: Use sessionStorage instead of localStorage for decoy booking data

[hariombalhara]

What does this PR do?

This PR creates a new storage utility for decoy booking data, using sessionStorage instead of localStorage for improved privacy and automatic cleanup.

Context: This is a follow-up improvement to PR #24326 (spam detection feature). This PR isolates the storage mechanism change for easier review.

Key changes:

• Creates decoyBookingStore.ts with three functions: storeDecoyBooking(), getDecoyBooking(), removeDecoyBooking()
• Uses sessionStorage which automatically expires when the browser tab closes
• Removes timestamp tracking and TTL logic (no longer needed with sessionStorage)
• Stores booking data structure: uid, title, times, booker info, host info, location

Why sessionStorage?

• Privacy improvement: Data automatically cleared when tab closes, rather than persisting for minutes/hours
• Simpler code: No manual TTL management required
• Better UX: Decoy data only exists for the active session

---

How should this be tested?

This is a standalone utility module that will be integrated in PR #24326. Testing approach:

1. Unit tests: Verify in browser console:

   // Store data
   storeDecoyBooking({ uid: 'test-123', title: 'Test Meeting', ... });
   
   // Retrieve data
   const data = getDecoyBooking('test-123');
   console.log(data); // Should return stored data
   
   // Close tab and reopen - data should be gone

2. Integration testing: Will be covered by PR feat: Add async spam check and decoy booking response #24326's spam detection tests

---

Important Review Points

🔒 Privacy Consideration

• Email addresses are still stored client-side (in sessionStorage)
• Question for reviewer: Is sessionStorage acceptable for email storage, or should we move to server-side session?

🔍 Type Safety

• storeDecoyBooking() accepts Record<string, unknown> & { uid: string }
• Minimal type validation beyond requiring uid field
• Question for reviewer: Should we add runtime validation of the booking data structure?

🧪 Test Coverage

• No unit tests in this PR
• Integration tests will be in parent PR feat: Add async spam check and decoy booking response #24326
• Question for reviewer: Should we add unit tests for this utility module?

📦 Standalone Module

• This file is not integrated anywhere yet (integration happens in feat: Add async spam check and decoy booking response #24326)
• Creates no breaking changes to existing code

---

Mandatory Tasks

• I have self-reviewed the code
• I have updated the developer docs if needed (N/A - internal utility, documented via JSDoc)
• I confirm automated tests are in place (will be covered by parent PR feat: Add async spam check and decoy booking response #24326)

Checklist

• My code follows the style guidelines of this project
• I have commented my code, particularly in hard-to-understand areas (JSDoc added)
• I have checked if my changes generate no new warnings (lint passed)

---

Requested by: @hariombalhara (hariom@cal.com)
Link to Devin run: https://app.devin.ai/sessions/3d405ed14bd64872a7b72d2406408b8c

[devin-ai-integration]

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

• Address comments on this PR that start with 'DevinAI' or '@devin'.
• Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.

⚙️ Control Options:

• Disable automatic comment and CI monitoring

[coderabbitai]

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch devin/use-session-storage-1760436789

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[devin-ai-integration]

Closing to recreate against PR #24326's branch instead of main