Implement signed cookie helpers

Provide a convenient wrapper for setting SHA-256 HMAC signed cookies and
retreiving them with the signature validated.  The secret key is
configured in the NUXT_COOKIE_SECRET_KEY environment variable.

generate-keys.mjs

@@ -0,0 +1,17 @@
+import webPush from "web-push";
+
+const vapidKeys = webPush.generateVAPIDKeys();
+const cookieSecretKey = Buffer.from(
+	await crypto.subtle.exportKey(
+		"raw",
+		await crypto.subtle.generateKey(
+			{ name: "HMAC", hash: "SHA-256" }, true, ["sign", "verify"]
+		)
+	)
+).toString("base64url");
+
+console.log(`\
+NUXT_PUBLIC_VAPID_PUBLIC_KEY=${vapidKeys.publicKey}
+NUXT_VAPID_PRIVATE_KEY=${vapidKeys.privateKey}
+NUXT_COOKIE_SECRET_KEY=${cookieSecretKey}
+`);