ahoy_matey 1.4.2 → 1.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 1aebb95363cb98c2b74dadb3b42f9cd04c17c421
-  data.tar.gz: 08785d2aa638fddb3881d4365e74ded3049cfec8
+  metadata.gz: 40222ba157a73c4362b78a26fe1796a9bbc9fb50
+  data.tar.gz: 58a88b0ed382c126ceb141c902855f5c1492ee77
 SHA512:
-  metadata.gz: 16c58280be2b7a51a4f41c837204f701a93897b509330a0ff648d06819e2b944373fcaf5e0b595009270f5b332ec1ef81626537b824deafbd2f89cca5ece4376
-  data.tar.gz: 2aeb6f81dd3f0fdf09d0aee20ba52ed9349903636b9b392e87782ae135161520809aa45549dca292a479d5bae95ba893c4e6f95b29e13f6d32c601a39e204aae
+  metadata.gz: e04afdc9015e4456e2062c718c38ef043777b3e7442435926420db88bbeecb5226b60d899d45b24d69faa9cadb4041f735a7460f6f8f0062180763c90fdadc8d
+  data.tar.gz: 08de05c386b58857803d8867f92512293f68d41146d1c96d3e0c7082596ab4db0f0b920284ae28a9ffa946877440abe96279d2765b2cc030d68a65b6da62f9b6

data/CHANGELOG.md

@@ -1,3 +1,10 @@
+## 1.5.0
+
+- Removed throttling due to unintended side effects with its implementation
+- Ensure basic token requirements
+- Fixed visit recreation on cookie expiration
+- Fixed issue where `/ahoy/visits` is called indefinitely when `Ahoy.cookie_domain = :all`
+
 ## 1.4.2
 
 - Fixed issues with `where_properties`

data/README.md

@@ -440,7 +440,9 @@ Ahoy.quiet = false
 
 How you explore the data depends on the data store used.
 
-Here are ways to do it with ActiveRecord.
+For SQL databases, you can use [Blazer](https://github.com/ankane/blazer) to easily generate charts and dashboards.
+
+With ActiveRecord, you can do:
 
 ```ruby
 Visit.group(:search_keyword).count
@@ -448,7 +450,7 @@ Visit.group(:country).count
 Visit.group(:referring_domain).count
 ```
 
-[Chartkick](http://chartkick.com/) and [Groupdate](https://github.com/ankane/groupdate) make it super easy to visualize the data.
+[Chartkick](http://chartkick.com/) and [Groupdate](https://github.com/ankane/groupdate) make it easy to visualize the data.
 
 ```erb
 <%= line_chart Visit.group_by_day(:started_at).count %>
@@ -528,6 +530,18 @@ Send a `POST` request as `Content-Type: application/json` to `/ahoy/events` with
 
 Use an array to pass multiple events at once.
 
+## Throttling
+
+To throttle requests to Ahoy endpoints, check out [Rack::Attack](https://github.com/kickstarter/ack-attack). Here’s a sample config:
+
+```ruby
+Rack::Attack.throttle("ahoy/ip", limit: 20, period: 1.minute) do |req|
+  if req.path.start_with?("/ahoy/")
+    req.ip
+  end
+end
+```
+
 ## Reference
 
 By default, Ahoy create endpoints at `/ahoy/visits` and `/ahoy/events`. To disable, use:
@@ -538,6 +552,10 @@ Ahoy.mount = false
 
 ## Upgrading
 
+### 1.5.0
+
+There’s nothing to do, but it’s worth noting that simple throttling, which was added in `1.3.0`, was removed due to unintended side effects with its implementation. See the [Throttling](#throttling) section for how to properly add it by hand if needed.
+
 ### 1.4.0
 
 There’s nothing to do, but it’s worth noting the default store was changed from `ActiveRecordStore` to `ActiveRecordTokenStore` for new installations.

data/ahoy_matey.gemspec

@@ -27,7 +27,6 @@ Gem::Specification.new do |spec|
   spec.add_dependency "request_store"
   spec.add_dependency "uuidtools"
   spec.add_dependency "safely_block", ">= 0.1.1"
-  spec.add_dependency "rack-attack"
 
   spec.add_development_dependency "bundler", "~> 1.5"
   spec.add_development_dependency "rake"

data/app/controllers/ahoy/base_controller.rb

@@ -2,8 +2,13 @@ module Ahoy
   class BaseController < ApplicationController
     # skip all filters except for authlogic
     filters = _process_action_callbacks.map(&:filter) - [:load_authlogic]
-    if respond_to?(:skip_action)
-      skip_action *filters
+    if Rails::VERSION::MAJOR >= 5
+      skip_before_action(*filters, raise: false)
+      skip_after_action(*filters, raise: false)
+      skip_around_action(*filters, raise: false)
+      before_action :verify_request_size
+    elsif respond_to?(:skip_action_callback)
+      skip_action_callback *filters
       before_action :verify_request_size
     else
       skip_filter *filters

data/lib/ahoy.rb

@@ -72,15 +72,6 @@ module Ahoy
   mattr_accessor :mount
   self.mount = true
 
-  mattr_accessor :throttle
-  self.throttle = true
-
-  mattr_accessor :throttle_limit
-  self.throttle_limit = 20
-
-  mattr_accessor :throttle_period
-  self.throttle_period = 1.minute
-
   mattr_accessor :job_queue
   self.job_queue = :ahoy
 

data/lib/ahoy/engine.rb

@@ -1,11 +1,6 @@
 module Ahoy
   class Engine < ::Rails::Engine
     initializer "ahoy.middleware", after: "sprockets.environment" do |app|
-      if Ahoy.throttle
-        require "ahoy/throttle"
-        app.middleware.use Ahoy::Throttle
-      end
-
       next unless Ahoy.quiet
 
       # Parse PATH_INFO by assets prefix

data/lib/ahoy/tracker.rb

@@ -30,7 +30,7 @@ module Ahoy
         debug "Visit excluded"
       else
         if options[:defer]
-          set_cookie("ahoy_track", true)
+          set_cookie("ahoy_track", true, nil, false)
         else
           options = options.dup
 
@@ -60,11 +60,11 @@ module Ahoy
     end
 
     def visit_id
-      @visit_id ||= ensure_uuid(existing_visit_id || visit_token)
+      @visit_id ||= ensure_uuid(existing_visit_id || visit_token_helper)
     end
 
     def visitor_id
-      @visitor_id ||= ensure_uuid(existing_visitor_id || visitor_token)
+      @visitor_id ||= ensure_uuid(existing_visitor_id || visitor_token_helper)
     end
 
     def new_visit?
@@ -90,25 +90,31 @@ module Ahoy
       @visit_properties ||= Ahoy::VisitProperties.new(request, @options.slice(:api))
     end
 
-    # for ActiveRecordTokenStore only - do not use
     def visit_token
-      @visit_token ||= existing_visit_id || (@options[:api] && request.params["visit_token"]) || generate_id
+      @visit_token ||= ensure_token(visit_token_helper)
     end
 
-    # for ActiveRecordTokenStore only - do not use
     def visitor_token
-      @visitor_token ||= existing_visitor_id || (@options[:api] && request.params["visitor_token"]) || generate_id
+      @visitor_token ||= ensure_token(visitor_token_helper)
     end
 
     protected
 
-    def set_cookie(name, value, duration = nil)
+    def visit_token_helper
+      @visit_token_helper ||= existing_visit_id || (@options[:api] && request.params["visit_token"]) || generate_id
+    end
+
+    def visitor_token_helper
+      @visitor_token_helper ||= existing_visitor_id || (@options[:api] && request.params["visitor_token"]) || generate_id
+    end
+
+    def set_cookie(name, value, duration = nil, use_domain = true)
       cookie = {
         value: value
       }
       cookie[:expires] = duration.from_now if duration
       domain = Ahoy.cookie_domain || Ahoy.domain
-      cookie[:domain] = domain if domain
+      cookie[:domain] = domain if domain && use_domain
       request.cookie_jar[name] = cookie
     end
 
@@ -151,6 +157,10 @@ module Ahoy
       Ahoy.ensure_uuid(id)
     end
 
+    def ensure_token(token)
+      token.to_s.gsub(/[^a-z0-9\-]/i, "").first(64)
+    end
+
     def debug(message)
       Rails.logger.debug { "[ahoy] #{message}" }
     end

data/lib/ahoy/version.rb

@@ -1,3 +1,3 @@
 module Ahoy
-  VERSION = "1.4.2"
+  VERSION = "1.5.0"
 end

data/lib/ahoy/visit_properties.rb

@@ -8,11 +8,11 @@ module Ahoy
 
     KEYS = REQUEST_KEYS + TRAFFIC_SOURCE_KEYS + UTM_PARAMETER_KEYS + TECHNOLOGY_KEYS + LOCATION_KEYS
 
-    delegate *REQUEST_KEYS, to: :request_deckhand
-    delegate *TRAFFIC_SOURCE_KEYS, to: :traffic_source_deckhand
-    delegate *(UTM_PARAMETER_KEYS + [:landing_params]), to: :utm_parameter_deckhand
-    delegate *TECHNOLOGY_KEYS, to: :technology_deckhand
-    delegate *LOCATION_KEYS, to: :location_deckhand
+    delegate(*REQUEST_KEYS, to: :request_deckhand)
+    delegate(*TRAFFIC_SOURCE_KEYS, to: :traffic_source_deckhand)
+    delegate(*(UTM_PARAMETER_KEYS + [:landing_params]), to: :utm_parameter_deckhand)
+    delegate(*TECHNOLOGY_KEYS, to: :technology_deckhand)
+    delegate(*LOCATION_KEYS, to: :location_deckhand)
 
     def initialize(request, options = {})
       @request = request

data/vendor/assets/javascripts/ahoy.js

@@ -20,8 +20,9 @@
   var queue = [];
   var canStringify = typeof(JSON) !== "undefined" && typeof(JSON.stringify) !== "undefined";
   var eventQueue = [];
-  var visitsUrl = ahoy.visitsUrl || "/ahoy/visits"
-  var eventsUrl = ahoy.eventsUrl || "/ahoy/events"
+  var visitsUrl = ahoy.visitsUrl || "/ahoy/visits";
+  var eventsUrl = ahoy.eventsUrl || "/ahoy/events";
+  var canTrackNow = ahoy.trackNow && canStringify && typeof(window.navigator.sendBeacon) !== "undefined";
 
   // cookies
 
@@ -122,6 +123,13 @@
     });
   }
 
+  function trackEventNow(event) {
+    ready( function () {
+      var payload = new Blob([JSON.stringify([event])], {type : "application/json; charset=utf-8"});
+      navigator.sendBeacon(eventsUrl, payload)
+    });
+  }
+
   function page() {
     return ahoy.page || window.location.pathname;
   }
@@ -137,64 +145,66 @@
     };
   }
 
-  // main
-
-  visitId = getCookie("ahoy_visit");
-  visitorId = getCookie("ahoy_visitor");
-  track = getCookie("ahoy_track");
+  function createVisit() {
+    isReady = false;
 
-  if (visitId && visitorId && !track) {
-    // TODO keep visit alive?
-    log("Active visit");
-    setReady();
-  } else {
-    if (track) {
-      destroyCookie("ahoy_track");
-    }
-
-    if (!visitId) {
-      visitId = generateId();
-      setCookie("ahoy_visit", visitId, visitTtl);
-    }
+    visitId = ahoy.getVisitId();
+    visitorId = ahoy.getVisitorId();
+    track = getCookie("ahoy_track");
 
-    // make sure cookies are enabled
-    if (getCookie("ahoy_visit")) {
-      log("Visit started");
-
-      if (!visitorId) {
-        visitorId = generateId();
-        setCookie("ahoy_visitor", visitorId, visitorTtl);
+    if (visitId && visitorId && !track) {
+      // TODO keep visit alive?
+      log("Active visit");
+      setReady();
+    } else {
+      if (track) {
+        destroyCookie("ahoy_track");
       }
 
-      var data = {
-        visit_token: visitId,
-        visitor_token: visitorId,
-        platform: ahoy.platform || "Web",
-        landing_page: window.location.href,
-        screen_width: window.screen.width,
-        screen_height: window.screen.height
-      };
-
-      // referrer
-      if (document.referrer.length > 0) {
-        data.referrer = document.referrer;
+      if (!visitId) {
+        visitId = generateId();
+        setCookie("ahoy_visit", visitId, visitTtl);
       }
 
-      log(data);
-
-      $.post(visitsUrl, data, setReady, "json");
-    } else {
-      log("Cookies disabled");
-      setReady();
+      // make sure cookies are enabled
+      if (getCookie("ahoy_visit")) {
+        log("Visit started");
+
+        if (!visitorId) {
+          visitorId = generateId();
+          setCookie("ahoy_visitor", visitorId, visitorTtl);
+        }
+
+        var data = {
+          visit_token: visitId,
+          visitor_token: visitorId,
+          platform: ahoy.platform || "Web",
+          landing_page: window.location.href,
+          screen_width: window.screen.width,
+          screen_height: window.screen.height
+        };
+
+        // referrer
+        if (document.referrer.length > 0) {
+          data.referrer = document.referrer;
+        }
+
+        log(data);
+
+        $.post(visitsUrl, data, setReady, "json");
+      } else {
+        log("Cookies disabled");
+        setReady();
+      }
     }
   }
 
   ahoy.getVisitId = ahoy.getVisitToken = function () {
-    return visitId;
+    return getCookie("ahoy_visit");
   };
 
   ahoy.getVisitorId = ahoy.getVisitorToken = function () {
-    return visitorId;
+    return getCookie("ahoy_visitor");
   };
 
   ahoy.reset = function () {
@@ -215,22 +225,32 @@
   };
 
   ahoy.track = function (name, properties) {
+    if (!ahoy.getVisitId()) {
+      createVisit();
+    }
+
     // generate unique id
     var event = {
       id: generateId(),
+      visit_token: ahoy.getVisitId(),
+      visitor_token: ahoy.getVisitorId(),
       name: name,
       properties: properties,
       time: (new Date()).getTime() / 1000.0
     };
     log(event);
 
-    eventQueue.push(event);
-    saveEventQueue();
+    if (canTrackNow) {
+      trackEventNow(event);
+    } else {
+      eventQueue.push(event);
+      saveEventQueue();
 
-    // wait in case navigating to reduce duplicate events
-    setTimeout( function () {
-      trackEvent(event);
-    }, 1000);
+      // wait in case navigating to reduce duplicate events
+      setTimeout( function () {
+        trackEvent(event);
+      }, 1000);
+    }
   };
 
   ahoy.trackView = function () {
@@ -273,6 +293,8 @@
     ahoy.trackChanges();
   };
 
+  createVisit();
+
   // push events from queue
   try {
     eventQueue = JSON.parse(getCookie("ahoy_events") || "[]");

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ahoy_matey
 version: !ruby/object:Gem::Version
-  version: 1.4.2
+  version: 1.5.0
 platform: ruby
 authors:
 - Andrew Kane
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-06-21 00:00:00.000000000 Z
+date: 2016-08-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: railties
@@ -136,20 +136,6 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 0.1.1
-- !ruby/object:Gem::Dependency
-  name: rack-attack
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -274,7 +260,6 @@ files:
 - lib/ahoy/stores/log_store.rb
 - lib/ahoy/stores/mongoid_store.rb
 - lib/ahoy/subscribers/active_record.rb
-- lib/ahoy/throttle.rb
 - lib/ahoy/tracker.rb
 - lib/ahoy/version.rb
 - lib/ahoy/visit_properties.rb
@@ -335,7 +320,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.4.5.1
+rubygems_version: 2.6.1
 signing_key: 
 specification_version: 4
 summary: Simple, powerful visit tracking for Rails
@@ -348,3 +333,4 @@ test_files:
 - test/properties/postgresql_text_test.rb
 - test/test_helper.rb
 - test/visit_properties_test.rb
+has_rdoc: 

data/lib/ahoy/throttle.rb

@@ -1,17 +0,0 @@
-require "rack/attack"
-
-module Ahoy
-  class Throttle < Rack::Attack
-    throttle("ahoy/ip", limit: Ahoy.throttle_limit, period: Ahoy.throttle_period) do |req|
-      if req.path.start_with?("/ahoy/")
-        req.ip
-      end
-    end
-
-    def_delegators self, :whitelisted?, :blacklisted?, :throttled?, :tracked?
-
-    def self.throttled_response
-      Rack::Attack.throttled_response
-    end
-  end
-end