ahoy_matey 1.5.1 → 1.5.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 9e5a105f360566e591e93df058b2ef3f2b014d2b
-  data.tar.gz: 75b530f1d2ac5db181fce79e5e28772fee413e44
+  metadata.gz: 3662bc02fad0423af6a7a745137718af5976244a
+  data.tar.gz: 69331b2acf1a7c75266bd6e88adba510afb8a02c
 SHA512:
-  metadata.gz: 04728f524b58d1b923072dbf88f2f3e028bd9e7c09b40b7e26dcf24b1311255fcf851401c1890d473d1ef43f6b35abac94be4ec71d889211d09f6ebd573f7934
-  data.tar.gz: 40cd9292793a8a9df4f91c474deb5fe787b483d9cf7f9b76d00ef9ebe36a0d82511fdc12dcf506acd71849b5443f072110af1faf4983596006c7a96543ac3c1b
+  metadata.gz: 6496bb48e9e1ea773ce5ad3bd229f51458177a141d48c311fa23f1211a4f73b0de21d10ea38640d8d30686020d8ce777f83d7fe5a8b3e96ec973abc1848e8168
+  data.tar.gz: 66d169b4168bb2ad2f032259331c863dcaccc6295ae0e9002a6c1df4fa2e6dcaea49e784055f517160caa7c801d84390495d10b2b90f422617c9337537290ef3

data/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 1.5.2
+
+- Better support for Rails 5
+
 ## 1.5.1
 
 - Restored throttling after removing side effects

data/app/controllers/ahoy/base_controller.rb

@@ -15,6 +15,8 @@ module Ahoy
       before_filter :verify_request_size
     end
 
+    protect_from_forgery with: :null_session, if: -> { Ahoy.protect_from_forgery }
+
     protected
 
     def ahoy

data/app/controllers/ahoy/events_controller.rb

@@ -5,6 +5,8 @@ module Ahoy
         if params[:name]
           # legacy API
           [params]
+        elsif params[:events]
+          params[:events]
         else
           begin
             ActiveSupport::JSON.decode(request.body.read)

data/lib/ahoy.rb

@@ -84,6 +84,12 @@ module Ahoy
   mattr_accessor :job_queue
   self.job_queue = :ahoy
 
+  mattr_accessor :api_only
+  self.api_only = false
+
+  mattr_accessor :protect_from_forgery
+  self.protect_from_forgery = false
+
   def self.ensure_uuid(id)
     valid = UUIDTools::UUID.parse(id) rescue nil
     if valid
@@ -108,8 +114,13 @@ module Ahoy
 end
 
 if defined?(Rails)
-  ActionController::Base.send :include, Ahoy::Controller
-  ActiveRecord::Base.send(:extend, Ahoy::Model) if defined?(ActiveRecord)
+  ActiveSupport.on_load(:action_controller) do
+    ActionController::Base.send :include, Ahoy::Controller
+  end
+
+  ActiveSupport.on_load(:active_record) do
+    ActiveRecord::Base.send(:extend, Ahoy::Model)
+  end
 
   # ensure logger silence will not be added by activerecord-session_store
   # otherwise, we get SystemStackError: stack level too deep

data/lib/ahoy/controller.rb

@@ -6,12 +6,12 @@ module Ahoy
       base.helper_method :current_visit
       base.helper_method :ahoy
       if base.respond_to?(:before_action)
-        base.before_action :set_ahoy_cookies
-        base.before_action :track_ahoy_visit
+        base.before_action :set_ahoy_cookies, unless: -> { Ahoy.api_only }
+        base.before_action :track_ahoy_visit, unless: -> { Ahoy.api_only }
         base.before_action :set_ahoy_request_store
       else
-        base.before_filter :set_ahoy_cookies
-        base.before_filter :track_ahoy_visit
+        base.before_filter :set_ahoy_cookies, unless: -> { Ahoy.api_only }
+        base.before_filter :track_ahoy_visit, unless: -> { Ahoy.api_only }
         base.before_filter :set_ahoy_request_store
       end
     end

data/lib/ahoy/throttle.rb

@@ -13,13 +13,5 @@ module Ahoy
     def self.throttled_response
       Rack::Attack.throttled_response
     end
-
-    def self.blacklisted_response
-      Rack::Attack.blacklisted_response
-    end
-
-    def self.blocklisted_response
-      Rack::Attack.blocklisted_response
-    end
   end
 end

data/lib/ahoy/tracker.rb

@@ -12,6 +12,8 @@ module Ahoy
     def track(name, properties = {}, options = {})
       if exclude?
         debug "Event excluded"
+      elsif missing_params?
+        debug "Missing required parameters"
       else
         options = options.dup
 
@@ -28,6 +30,8 @@ module Ahoy
     def track_visit(options = {})
       if exclude?
         debug "Visit excluded"
+      elsif missing_params?
+        debug "Missing required parameters"
       else
         if options[:defer]
           set_cookie("ahoy_track", true, nil, false)
@@ -60,15 +64,19 @@ module Ahoy
     end
 
     def visit_id
-      @visit_id ||= ensure_uuid(existing_visit_id || visit_token_helper)
+      @visit_id ||= ensure_uuid(visit_token_helper)
     end
 
     def visitor_id
-      @visitor_id ||= ensure_uuid(existing_visitor_id || visitor_token_helper)
+      @visitor_id ||= ensure_uuid(visitor_token_helper)
     end
 
     def new_visit?
-      !existing_visit_id
+      !existing_visit_token
+    end
+
+    def new_visitor?
+      !existing_visitor_token
     end
 
     def set_visit_cookie
@@ -76,7 +84,7 @@ module Ahoy
     end
 
     def set_visitor_cookie
-      unless existing_visitor_id
+      if new_visitor?
         set_cookie("ahoy_visitor", visitor_id, Ahoy.visitor_duration)
       end
     end
@@ -87,7 +95,7 @@ module Ahoy
 
     # TODO better name
     def visit_properties
-      @visit_properties ||= Ahoy::VisitProperties.new(request, @options.slice(:api))
+      @visit_properties ||= Ahoy::VisitProperties.new(request, api: api?)
     end
 
     def visit_token
@@ -100,12 +108,16 @@ module Ahoy
 
     protected
 
-    def visit_token_helper
-      @visit_token_helper ||= existing_visit_id || (@options[:api] && request.params["visit_token"]) || generate_id
+    def api?
+      @options[:api]
     end
 
-    def visitor_token_helper
-      @visitor_token_helper ||= existing_visitor_id || (@options[:api] && request.params["visitor_token"]) || generate_id
+    def missing_params?
+      if api? && Ahoy.protect_from_forgery
+        !(existing_visit_token && existing_visitor_token)
+      else
+        false
+      end
     end
 
     def set_cookie(name, value, duration = nil, use_domain = true)
@@ -119,7 +131,7 @@ module Ahoy
     end
 
     def trusted_time(time)
-      if !time || (@options[:api] && !(1.minute.ago..Time.now).cover?(time))
+      if !time || (api? && !(1.minute.ago..Time.now).cover?(time))
         Time.zone.now
       else
         time
@@ -145,20 +157,70 @@ module Ahoy
       @store.generate_id
     end
 
-    def existing_visit_id
-      @existing_visit_id ||= request && (request.headers["Ahoy-Visit"] || request.cookies["ahoy_visit"])
+    def visit_token_helper
+      @visit_token_helper ||= begin
+        token = existing_visit_token
+        token ||= generate_id unless api?
+        token
+      end
+    end
+
+    def visitor_token_helper
+      @visitor_token_helper ||= begin
+        token = existing_visitor_token
+        token ||= generate_id unless api?
+        token
+      end
+    end
+
+    def existing_visit_token
+      @existing_visit_token ||= begin
+        token = visit_header
+        token ||= visit_cookie unless api? && Ahoy.protect_from_forgery
+        token ||= visit_param if api?
+        token
+      end
+    end
+
+    def existing_visitor_token
+      @existing_visitor_token ||= begin
+        token = visitor_header
+        token ||= visitor_cookie unless api? && Ahoy.protect_from_forgery
+        token ||= visitor_param if api?
+        token
+      end
+    end
+
+    def visit_cookie
+      @visit_cookie ||= request && request.cookies["ahoy_visit"]
+    end
+
+    def visitor_cookie
+      @visitor_cookie ||= request && request.cookies["ahoy_visitor"]
+    end
+
+    def visit_header
+      @visit_header ||= request && request.headers["Ahoy-Visit"]
+    end
+
+    def visitor_header
+      @visitor_header ||= request && request.headers["Ahoy-Visitor"]
+    end
+
+    def visit_param
+      @visit_param ||= request && request.params["visit_token"]
     end
 
-    def existing_visitor_id
-      @existing_visitor_id ||= request && (request.headers["Ahoy-Visitor"] || request.cookies["ahoy_visitor"])
+    def visitor_param
+      @visitor_param ||= request && request.params["visitor_token"]
     end
 
     def ensure_uuid(id)
-      Ahoy.ensure_uuid(id)
+      Ahoy.ensure_uuid(id) if id
     end
 
     def ensure_token(token)
-      token.to_s.gsub(/[^a-z0-9\-]/i, "").first(64)
+      token.to_s.gsub(/[^a-z0-9\-]/i, "").first(64) if token
     end
 
     def debug(message)

data/lib/ahoy/version.rb

@@ -1,3 +1,3 @@
 module Ahoy
-  VERSION = "1.5.1"
+  VERSION = "1.5.2"
 end

data/lib/generators/ahoy/stores/templates/active_record_event_model.rb

@@ -5,7 +5,7 @@ module Ahoy
     self.table_name = "ahoy_events"
 
     belongs_to :visit
-    belongs_to :user<% unless %w(postgresql postgresql-jsonb).include?(@database) %>
+    belongs_to :user<%= Rails::VERSION::MAJOR >= 5 ? ", optional: true" : nil %><% unless %w(postgresql postgresql-jsonb).include?(@database) %>
 
     serialize :properties, JSON<% end %>
   end

data/lib/generators/ahoy/stores/templates/active_record_visit_model.rb

@@ -1,4 +1,4 @@
 class Visit < ActiveRecord::Base
   has_many :ahoy_events, class_name: "Ahoy::Event"
-  belongs_to :user
+  belongs_to :user<%= Rails::VERSION::MAJOR >= 5 ? ", optional: true" : nil %>
 end

data/vendor/assets/javascripts/ahoy.js

@@ -11,7 +11,30 @@
 (function (window) {
   "use strict";
 
+  var config = {
+    urlPrefix: "",
+    visitsUrl: "/ahoy/visits",
+    eventsUrl: "/ahoy/events",
+    cookieDomain: null,
+    page: null,
+    platform: "Web",
+    useBeacon: false,
+    startOnReady: true
+  };
+
   var ahoy = window.ahoy || window.Ahoy || {};
+
+  ahoy.configure = function (options) {
+    for (var key in options) {
+      if (options.hasOwnProperty(key)) {
+        config[key] = options[key];
+      }
+    }
+  };
+
+  // legacy
+  ahoy.configure(ahoy);
+
   var $ = window.jQuery || window.Zepto || window.$;
   var visitId, visitorId, track;
   var visitTtl = 4 * 60; // 4 hours
@@ -20,9 +43,18 @@
   var queue = [];
   var canStringify = typeof(JSON) !== "undefined" && typeof(JSON.stringify) !== "undefined";
   var eventQueue = [];
-  var visitsUrl = ahoy.visitsUrl || "/ahoy/visits";
-  var eventsUrl = ahoy.eventsUrl || "/ahoy/events";
-  var canTrackNow = ahoy.trackNow && canStringify && typeof(window.navigator.sendBeacon) !== "undefined";
+
+  function visitsUrl() {
+    return config.urlPrefix + config.visitsUrl;
+  }
+
+  function eventsUrl() {
+    return config.urlPrefix + config.eventsUrl;
+  }
+
+  function canTrackNow() {
+    return (config.useBeacon || config.trackNow) && canStringify && typeof(window.navigator.sendBeacon) !== "undefined";
+  }
 
   // cookies
 
@@ -35,8 +67,9 @@
       date.setTime(date.getTime() + (ttl * 60 * 1000));
       expires = "; expires=" + date.toGMTString();
     }
-    if (ahoy.domain) {
-      cookieDomain = "; domain=" + ahoy.domain;
+    var domain = config.cookieDomain || config.domain;
+    if (domain) {
+      cookieDomain = "; domain=" + domain;
     }
     document.cookie = name + "=" + escape(value) + expires + cookieDomain + "; path=/";
   }
@@ -98,40 +131,74 @@
     }
   }
 
+  // from jquery-ujs
+
+  function csrfToken() {
+    return $("meta[name=csrf-token]").attr("content");
+  }
+
+  function csrfParam() {
+    return $("meta[name=csrf-param]").attr("content");
+  }
+
+  function CSRFProtection(xhr) {
+    var token = csrfToken();
+    if (token) xhr.setRequestHeader("X-CSRF-Token", token);
+  }
+
+  function sendRequest(url, data, success) {
+    if (canStringify) {
+      $.ajax({
+        type: "POST",
+        url: url,
+        data: JSON.stringify(data),
+        contentType: "application/json; charset=utf-8",
+        dataType: "json",
+        beforeSend: CSRFProtection,
+        success: success
+      });
+    }
+  }
+
+  function eventData(event) {
+    var data = {
+      events: [event],
+      visit_token: event.visit_token,
+      visitor_token: event.visitor_token
+    };
+    delete event.visit_token;
+    delete event.visitor_token;
+    return data;
+  }
+
   function trackEvent(event) {
     ready( function () {
-      // ensure JSON is defined
-      if (canStringify) {
-        $.ajax({
-          type: "POST",
-          url: eventsUrl,
-          data: JSON.stringify([event]),
-          contentType: "application/json; charset=utf-8",
-          dataType: "json",
-          success: function() {
-            // remove from queue
-            for (var i = 0; i < eventQueue.length; i++) {
-              if (eventQueue[i].id == event.id) {
-                eventQueue.splice(i, 1);
-                break;
-              }
-            }
-            saveEventQueue();
+      sendRequest(eventsUrl(), eventData(event), function() {
+        // remove from queue
+        for (var i = 0; i < eventQueue.length; i++) {
+          if (eventQueue[i].id == event.id) {
+            eventQueue.splice(i, 1);
+            break;
           }
-        });
-      }
+        }
+        saveEventQueue();
+      });
     });
   }
 
   function trackEventNow(event) {
     ready( function () {
-      var payload = new Blob([JSON.stringify([event])], {type : "application/json; charset=utf-8"});
-      navigator.sendBeacon(eventsUrl, payload)
+      var data = eventData(event);
+      var param = csrfParam();
+      var token = csrfToken();
+      if (param && token) data[param] = token;
+      var payload = new Blob([JSON.stringify(data)], {type : "application/json; charset=utf-8"});
+      navigator.sendBeacon(eventsUrl(), payload);
     });
   }
 
   function page() {
-    return ahoy.page || window.location.pathname;
+    return config.page || window.location.pathname;
   }
 
   function eventProperties(e) {
@@ -178,7 +245,7 @@
         var data = {
           visit_token: visitId,
           visitor_token: visitorId,
-          platform: ahoy.platform || "Web",
+          platform: config.platform,
           landing_page: window.location.href,
           screen_width: window.screen.width,
           screen_height: window.screen.height
@@ -191,7 +258,7 @@
 
         log(data);
 
-        $.post(visitsUrl, data, setReady, "json");
+        sendRequest(visitsUrl(), data, setReady);
       } else {
         log("Cookies disabled");
         setReady();
@@ -225,32 +292,39 @@
   };
 
   ahoy.track = function (name, properties) {
-    if (!ahoy.getVisitId()) {
-      createVisit();
-    }
-
     // generate unique id
     var event = {
       id: generateId(),
-      visit_token: ahoy.getVisitId(),
-      visitor_token: ahoy.getVisitorId(),
       name: name,
-      properties: properties,
+      properties: properties || {},
       time: (new Date()).getTime() / 1000.0
     };
-    log(event);
 
-    if (canTrackNow) {
-      trackEventNow(event);
-    } else {
-      eventQueue.push(event);
-      saveEventQueue();
+    // wait for createVisit to log
+    $( function () {
+      log(event);
+    });
 
-      // wait in case navigating to reduce duplicate events
-      setTimeout( function () {
-        trackEvent(event);
-      }, 1000);
-    }
+    ready( function () {
+      if (!ahoy.getVisitId()) {
+        createVisit();
+      }
+
+      event.visit_token = ahoy.getVisitId();
+      event.visitor_token = ahoy.getVisitorId();
+
+      if (canTrackNow()) {
+        trackEventNow(event);
+      } else {
+        eventQueue.push(event);
+        saveEventQueue();
+
+        // wait in case navigating to reduce duplicate events
+        setTimeout( function () {
+          trackEvent(event);
+        }, 1000);
+      }
+    });
   };
 
   ahoy.trackView = function () {
@@ -293,18 +367,24 @@
     ahoy.trackChanges();
   };
 
-  createVisit();
+  ahoy.start = function () {
+    createVisit();
 
-  // push events from queue
-  try {
-    eventQueue = JSON.parse(getCookie("ahoy_events") || "[]");
-  } catch (e) {
-    // do nothing
-  }
+    // push events from queue
+    try {
+      eventQueue = JSON.parse(getCookie("ahoy_events") || "[]");
+    } catch (e) {
+      // do nothing
+    }
 
-  for (var i = 0; i < eventQueue.length; i++) {
-    trackEvent(eventQueue[i]);
-  }
+    for (var i = 0; i < eventQueue.length; i++) {
+      trackEvent(eventQueue[i]);
+    }
+
+    ahoy.start = function () {};
+  };
+
+  if (config.startOnReady) { $(ahoy.start); }
 
   window.ahoy = ahoy;
 }(window));

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ahoy_matey
 version: !ruby/object:Gem::Version
-  version: 1.5.1
+  version: 1.5.2
 platform: ruby
 authors:
 - Andrew Kane
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-08-19 00:00:00.000000000 Z
+date: 2016-08-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: railties