ahoy_matey 1.5.5 → 4.2.1

data/lib/ahoy/tracker.rb

@@ -1,46 +1,60 @@
+require "active_support/core_ext/digest/uuid"
+
 module Ahoy
   class Tracker
+    UUID_NAMESPACE = "a82ae811-5011-45ab-a728-569df7499c5f"
+
     attr_reader :request, :controller
 
-    def initialize(options = {})
+    def initialize(**options)
       @store = Ahoy::Store.new(options.merge(ahoy: self))
       @controller = options[:controller]
       @request = options[:request] || @controller.try(:request)
+      @visit_token = options[:visit_token]
+      @user = options[:user]
       @options = options
     end
 
+    # can't use keyword arguments here
     def track(name, properties = {}, options = {})
       if exclude?
         debug "Event excluded"
-      elsif missing_params?
-        debug "Missing required parameters"
       else
-        options = options.dup
-
-        options[:time] = trusted_time(options[:time])
-        options[:id] = ensure_uuid(options[:id] || generate_id)
-
-        @store.track_event(name, properties, options)
+        data = {
+          visit_token: visit_token,
+          user_id: user.try(:id),
+          name: name.to_s,
+          properties: properties,
+          time: trusted_time(options[:time]),
+          event_id: options[:id] || generate_id
+        }.select { |_, v| v }
+
+        @store.track_event(data)
       end
       true
     rescue => e
       report_exception(e)
     end
 
-    def track_visit(options = {})
+    def track_visit(defer: false, started_at: nil)
       if exclude?
         debug "Visit excluded"
-      elsif missing_params?
-        debug "Missing required parameters"
       else
-        if options[:defer]
+        if defer
           set_cookie("ahoy_track", true, nil, false)
         else
-          options = options.dup
+          delete_cookie("ahoy_track")
 
-          options[:started_at] ||= Time.zone.now
+          data = {
+            visit_token: visit_token,
+            visitor_token: visitor_token,
+            user_id: user.try(:id),
+            started_at: trusted_time(started_at),
+          }.merge(visit_properties).select { |_, v| v }
 
-          @store.track_visit(options)
+          @store.track_visit(data)
+
+          Ahoy::GeocodeV2Job.perform_later(visit_token, data[:ip]) if Ahoy.geocode && data[:ip]
         end
       end
       true
@@ -48,11 +62,28 @@ module Ahoy
       report_exception(e)
     end
 
+    def geocode(data)
+      data = {
+        visit_token: visit_token
+      }.merge(data).select { |_, v| v }
+
+      @store.geocode(data)
+      true
+    rescue => e
+      report_exception(e)
+    end
+
     def authenticate(user)
       if exclude?
         debug "Authentication excluded"
       else
-        @store.authenticate(user)
+        @store.user = user
+
+        data = {
+          visit_token: visit_token,
+          user_id: user.try(:id)
+        }
+        @store.authenticate(data)
       end
       true
     rescue => e
@@ -63,16 +94,12 @@ module Ahoy
       @visit ||= @store.visit
     end
 
-    def visit_id
-      @visit_id ||= ensure_uuid(visit_token_helper)
-    end
-
-    def visitor_id
-      @visitor_id ||= ensure_uuid(visitor_token_helper)
+    def visit_or_create
+      @visit ||= @store.visit_or_create
     end
 
     def new_visit?
-      !existing_visit_token
+      Ahoy.cookies ? !existing_visit_token : visit.nil?
     end
 
     def new_visitor?
@@ -80,12 +107,12 @@ module Ahoy
     end
 
     def set_visit_cookie
-      set_cookie("ahoy_visit", visit_id, Ahoy.visit_duration)
+      set_cookie("ahoy_visit", visit_token, Ahoy.visit_duration)
     end
 
     def set_visitor_cookie
       if new_visitor?
-        set_cookie("ahoy_visitor", visitor_id, Ahoy.visitor_duration)
+        set_cookie("ahoy_visitor", visitor_token, Ahoy.visitor_duration)
       end
     end
 
@@ -93,18 +120,30 @@ module Ahoy
       @user ||= @store.user
     end
 
-    # TODO better name
     def visit_properties
-      @visit_properties ||= Ahoy::VisitProperties.new(request, api: api?)
+      @visit_properties ||= request ? Ahoy::VisitProperties.new(request, api: api?).generate : {}
     end
 
     def visit_token
       @visit_token ||= ensure_token(visit_token_helper)
     end
+    alias_method :visit_id, :visit_token
 
     def visitor_token
       @visitor_token ||= ensure_token(visitor_token_helper)
     end
+    alias_method :visitor_id, :visitor_token
+
+    def reset
+      reset_visit
+      delete_cookie("ahoy_visitor")
+    end
+
+    def reset_visit
+      delete_cookie("ahoy_visit")
+      delete_cookie("ahoy_events")
+      delete_cookie("ahoy_track")
+    end
 
     protected
 
@@ -112,8 +151,9 @@ module Ahoy
       @options[:api]
     end
 
+    # private, but used by API
     def missing_params?
-      if api? && Ahoy.protect_from_forgery
+      if Ahoy.cookies && api? && Ahoy.protect_from_forgery
         !(existing_visit_token && existing_visitor_token)
       else
         false
@@ -121,35 +161,42 @@ module Ahoy
     end
 
     def set_cookie(name, value, duration = nil, use_domain = true)
-      cookie = {
-        value: value
-      }
+      # safety net
+      return unless Ahoy.cookies && request
+
+      cookie = Ahoy.cookie_options.merge(value: value)
       cookie[:expires] = duration.from_now if duration
-      domain = Ahoy.cookie_domain || Ahoy.domain
-      cookie[:domain] = domain if domain && use_domain
+      # prefer cookie_options[:domain] over cookie_domain
+      cookie[:domain] ||= Ahoy.cookie_domain if Ahoy.cookie_domain
+      cookie.delete(:domain) unless use_domain
       request.cookie_jar[name] = cookie
     end
 
-    def trusted_time(time)
+    def delete_cookie(name)
+      request.cookie_jar.delete(name) if request && request.cookie_jar[name]
+    end
+
+    def trusted_time(time = nil)
       if !time || (api? && !(1.minute.ago..Time.now).cover?(time))
-        Time.zone.now
+        Time.current
       else
         time
       end
     end
 
     def exclude?
-      @store.exclude?
+      unless defined?(@exclude)
+        @exclude = @store.exclude?
+      end
+      @exclude
     end
 
-    # odd pattern for backwards compatibility
-    # TODO remove this method in next major release
     def report_exception(e)
-      Safely.safely do
-        @store.report_exception(e)
-        if Rails.env.development? || Rails.env.test?
-          raise e
-        end
+      if defined?(ActionDispatch::RemoteIp::IpSpoofAttackError) && e.is_a?(ActionDispatch::RemoteIp::IpSpoofAttackError)
+        debug "Tracking excluded due to IP spoofing"
+      else
+        raise e if !defined?(Rails) || Rails.env.development? || Rails.env.test?
+        Safely.report_exception(e)
       end
     end
 
@@ -160,6 +207,7 @@ module Ahoy
     def visit_token_helper
       @visit_token_helper ||= begin
         token = existing_visit_token
+        token ||= visit_anonymity_set unless Ahoy.cookies
         token ||= generate_id unless Ahoy.api_only
         token
       end
@@ -168,6 +216,7 @@ module Ahoy
     def visitor_token_helper
       @visitor_token_helper ||= begin
         token = existing_visitor_token
+        token ||= visitor_anonymity_set unless Ahoy.cookies
         token ||= generate_id unless Ahoy.api_only
         token
       end
@@ -176,7 +225,7 @@ module Ahoy
     def existing_visit_token
       @existing_visit_token ||= begin
         token = visit_header
-        token ||= visit_cookie unless api? && Ahoy.protect_from_forgery
+        token ||= visit_cookie if Ahoy.cookies && !(api? && Ahoy.protect_from_forgery)
         token ||= visit_param if api?
         token
       end
@@ -185,12 +234,20 @@ module Ahoy
     def existing_visitor_token
       @existing_visitor_token ||= begin
         token = visitor_header
-        token ||= visitor_cookie unless api? && Ahoy.protect_from_forgery
+        token ||= visitor_cookie if Ahoy.cookies && !(api? && Ahoy.protect_from_forgery)
         token ||= visitor_param if api?
         token
       end
     end
 
+    def visit_anonymity_set
+      @visit_anonymity_set ||= Digest::UUID.uuid_v5(UUID_NAMESPACE, ["visit", Ahoy.mask_ip(request.remote_ip), request.user_agent].join("/"))
+    end
+
+    def visitor_anonymity_set
+      @visitor_anonymity_set ||= Digest::UUID.uuid_v5(UUID_NAMESPACE, ["visitor", Ahoy.mask_ip(request.remote_ip), request.user_agent].join("/"))
+    end
+
     def visit_cookie
       @visit_cookie ||= request && request.cookies["ahoy_visit"]
     end
@@ -215,16 +272,13 @@ module Ahoy
       @visitor_param ||= request && request.params["visitor_token"]
     end
 
-    def ensure_uuid(id)
-      Ahoy.ensure_uuid(id) if id
-    end
-
     def ensure_token(token)
+      token = Ahoy::Utils.ensure_utf8(token)
       token.to_s.gsub(/[^a-z0-9\-]/i, "").first(64) if token
     end
 
     def debug(message)
-      Rails.logger.debug { "[ahoy] #{message}" }
+      Ahoy.log message
     end
   end
 end

data/lib/ahoy/utils.rb

@@ -0,0 +1,7 @@
+module Ahoy
+  module Utils
+    def self.ensure_utf8(str)
+      str.encode("UTF-8", "binary", invalid: :replace, undef: :replace, replace: "") if str
+    end
+  end
+end

data/lib/ahoy/version.rb

@@ -1,3 +1,3 @@
 module Ahoy
-  VERSION = "1.5.5"
+  VERSION = "4.2.1"
 end

data/lib/ahoy/visit_properties.rb

@@ -1,60 +1,122 @@
+require "cgi"
+require "device_detector"
+require "uri"
+
 module Ahoy
   class VisitProperties
-    REQUEST_KEYS = [:ip, :user_agent, :referrer, :landing_page, :platform, :app_version, :os_version, :screen_height, :screen_width]
-    TRAFFIC_SOURCE_KEYS = [:referring_domain, :search_keyword]
-    UTM_PARAMETER_KEYS = [:utm_source, :utm_medium, :utm_term, :utm_content, :utm_campaign]
-    TECHNOLOGY_KEYS = [:browser, :os, :device_type]
-    LOCATION_KEYS = [:country, :region, :city, :postal_code, :latitude, :longitude]
-
-    KEYS = REQUEST_KEYS + TRAFFIC_SOURCE_KEYS + UTM_PARAMETER_KEYS + TECHNOLOGY_KEYS + LOCATION_KEYS
+    attr_reader :request, :params, :referrer, :landing_page
 
-    delegate(*REQUEST_KEYS, to: :request_deckhand)
-    delegate(*TRAFFIC_SOURCE_KEYS, to: :traffic_source_deckhand)
-    delegate(*(UTM_PARAMETER_KEYS + [:landing_params]), to: :utm_parameter_deckhand)
-    delegate(*TECHNOLOGY_KEYS, to: :technology_deckhand)
-    delegate(*LOCATION_KEYS, to: :location_deckhand)
-
-    def initialize(request, options = {})
+    def initialize(request, api:)
       @request = request
-      @options = options
+      @params = request.params
+      @referrer = api ? params["referrer"] : request.referer
+      @landing_page = api ? params["landing_page"] : request.original_url
     end
 
-    def [](key)
-      send(key)
+    def generate
+      @generate ||= request_properties.merge(tech_properties).merge(traffic_properties).merge(utm_properties)
     end
 
-    def keys
-      if Ahoy.geocode == true # no location keys for :async
-        KEYS
-      else
-        KEYS - LOCATION_KEYS
+    private
+
+    def utm_properties
+      landing_params = {}
+      begin
+        landing_uri = URI.parse(landing_page)
+        # could also use Rack::Utils.parse_nested_query
+        landing_params = CGI.parse(landing_uri.query) if landing_uri
+      rescue
+        # do nothing
+      end
+
+      props = {}
+      %w(utm_source utm_medium utm_term utm_content utm_campaign).each do |name|
+        props[name.to_sym] = params[name] || landing_params[name].try(:first)
       end
+      props
     end
 
-    def to_hash
-      keys.inject({}) { |memo, key| memo[key] = send(key); memo }
+    def traffic_properties
+      uri = URI.parse(referrer) rescue nil
+      {
+        referring_domain: uri.try(:host).try(:first, 255)
+      }
     end
 
-    protected
+    def tech_properties
+      if Ahoy.user_agent_parser == :device_detector
+        client = DeviceDetector.new(request.user_agent)
+        device_type =
+          case client.device_type
+          when "smartphone"
+            "Mobile"
+          when "tv"
+            "TV"
+          else
+            client.device_type.try(:titleize)
+          end
 
-    def request_deckhand
-      @request_deckhand ||= Deckhands::RequestDeckhand.new(@request, @options)
-    end
+        {
+          browser: client.name,
+          os: client.os_name,
+          device_type: device_type
+        }
+      else
+        raise "Add browser to your Gemfile to use legacy user agent parsing" unless defined?(Browser)
+        raise "Add user_agent_parser to your Gemfile to use legacy user agent parsing" unless defined?(UserAgentParser)
 
-    def traffic_source_deckhand
-      @traffic_source_deckhand ||= Deckhands::TrafficSourceDeckhand.new(request_deckhand.referrer)
-    end
+        # cache for performance
+        @@user_agent_parser ||= UserAgentParser::Parser.new
+
+        user_agent = request.user_agent
+        agent = @@user_agent_parser.parse(user_agent)
+        browser = Browser.new(user_agent)
+        device_type =
+          if browser.bot?
+            "Bot"
+          elsif browser.device.tv?
+            "TV"
+          elsif browser.device.console?
+            "Console"
+          elsif browser.device.tablet?
+            "Tablet"
+          elsif browser.device.mobile?
+            "Mobile"
+          else
+            "Desktop"
+          end
 
-    def utm_parameter_deckhand
-      @utm_parameter_deckhand ||= Deckhands::UtmParameterDeckhand.new(request_deckhand.landing_page, request_deckhand.params)
+        {
+          browser: agent.name,
+          os: agent.os.name,
+          device_type: device_type
+        }
+      end
     end
 
-    def technology_deckhand
-      @technology_deckhand ||= Deckhands::TechnologyDeckhand.new(request_deckhand.user_agent)
+    # masking based on Google Analytics anonymization
+    # https://support.google.com/analytics/answer/2763052
+    def ip
+      ip = request.remote_ip
+      if ip && Ahoy.mask_ips
+        Ahoy.mask_ip(ip)
+      else
+        ip
+      end
     end
 
-    def location_deckhand
-      @location_deckhand ||= Deckhands::LocationDeckhand.new(request_deckhand.ip)
+    def request_properties
+      {
+        ip: ip,
+        user_agent: Ahoy::Utils.ensure_utf8(request.user_agent),
+        referrer: referrer,
+        landing_page: landing_page,
+        platform: params["platform"],
+        app_version: params["app_version"],
+        os_version: params["os_version"],
+        screen_height: params["screen_height"],
+        screen_width: params["screen_width"]
+      }
     end
   end
 end