ahoy_matey 4.2.1 → 5.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: fc5fc1f8ed102bd4a3fa7e78a5404c7d40b698d59cbbc644c5322e2bcb1b2e52
-  data.tar.gz: 7100ab100ed3a6ae66a4c4aa6b14c3c2e817c273ab677b7befbc6350fec5cff8
+  metadata.gz: 621c76868e3082cd139423009777a21f805b65815f099f1a9d69d08a81a2a69e
+  data.tar.gz: 6575071548c3d0b326a8ca10fb3b9b26a8e61fdc02db0235353beca1d3db3b59
 SHA512:
-  metadata.gz: a41dd47317ab2932e0ddcc9231f3cca78887cdf2cf98ca3506cb0ccd8f1f70ed050dafe8e17e764224fe29018ba5cb35afab5068059338f63e832298d98547cd
-  data.tar.gz: f170800b1f7490aec5be31dab5e59f5824ab0a261ceb4fac9b5a1ad31fd8525c7f424c3f2080c8e75f9564763a69c9c6a56a854c848d1453cc3299b5f5c822f0
+  metadata.gz: f24ebcfd4d199cfebde1de163bcbca36f5c47115710d63260cc168bce075e629881cd61ed07babacba36fb6502fdebfcad20ada9c318e2c31d26a2b1ba9efdbc
+  data.tar.gz: ffa84f157d902da8f02f16d3c80bb558d7951ae51194325dee6aca5e622a651a3b681a17612788eb49399ffdc5739dbef4d41d661737c28eda164ab5c0a3462a

data/CHANGELOG.md

@@ -1,3 +1,11 @@
+## 5.0.0 (2023-10-01)
+
+- Changed visits to expire with anonymity sets
+- Fixed error when Active Job is not available
+- Fixed deprecation warning with Rails 7.1
+- Dropped support for Ruby < 3 and Rails < 6.1
+- Dropped support for Mongoid 6
+
 ## 4.2.1 (2023-02-23)
 
 - Updated Ahoy.js to 0.4.2

data/README.md

@@ -46,7 +46,7 @@ And restart your web server.
 
 ### JavaScript
 
-For Rails 7 / Importmap, add to `config/importmap.rb`:
+For Importmap (Rails 7 default), add to `config/importmap.rb`:
 
 ```ruby
 pin "ahoy", to: "ahoy.js"
@@ -58,7 +58,7 @@ And add to `app/javascript/application.js`:
 import "ahoy"
 ```
 
-For Rails 6 / Webpacker, run:
+For Webpacker (Rails 6 default), run:
 
 ```sh
 yarn add ahoy.js
@@ -70,7 +70,7 @@ And add to `app/javascript/packs/application.js`:
 import ahoy from "ahoy.js"
 ```
 
-For Rails 5 / Sprockets, add to `app/assets/javascripts/application.js`:
+For Sprockets, add to `app/assets/javascripts/application.js`:
 
 ```javascript
 //= require ahoy
@@ -210,7 +210,7 @@ visitable :sign_up_visit
 
 ### Users
 
-Ahoy automatically attaches the `current_user` to the visit. With [Devise](https://github.com/plataformatec/devise), it attaches the user even if they sign in after the visit starts.
+Ahoy automatically attaches the `current_user` to the visit. With [Devise](https://github.com/heartcombo/devise), it attaches the user even if they sign in after the visit starts.
 
 With other authentication frameworks, add this to the end of your sign in method:
 
@@ -260,28 +260,6 @@ class ApplicationController < ActionController::Base
 end
 ```
 
-#### Knock
-
-To attach the user with [Knock](https://github.com/nsarno/knock), either include `Knock::Authenticable`in `ApplicationController`:
-
-```ruby
-class ApplicationController < ActionController::API
-  include Knock::Authenticable
-end
-```
-
-Or include it in Ahoy:
-
-```ruby
-Ahoy::BaseController.include Knock::Authenticable
-```
-
-And use:
-
-```ruby
-Ahoy.user_method = ->(controller) { controller.send(:authenticate_entity, "user") }
-```
-
 ### Exclusions
 
 Bots are excluded from tracking by default. To include them, use:
@@ -306,6 +284,14 @@ By default, a new visit is created after 4 hours of inactivity. Change this with
 Ahoy.visit_duration = 30.minutes
 ```
 
+### Visitor Duration
+
+By default, a new `visitor_token` is generated after 2 years. Change this with:
+
+```ruby
+Ahoy.visitor_duration = 30.days
+```
+
 ### Cookies
 
 To track visits across multiple subdomains, use:
@@ -324,15 +310,15 @@ You can also [disable cookies](#anonymity-sets--cookies)
 
 ### Token Generation
 
-Ahoy uses random UUIDs for visit and visitor tokens by default, but you can use your own generator like [Druuid](https://github.com/recurly/druuid).
+Ahoy uses random UUIDs for visit and visitor tokens by default, but you can use your own generator like [ULID](https://github.com/rafaelsales/ulid).
 
 ```ruby
-Ahoy.token_generator = -> { Druuid.gen }
+Ahoy.token_generator = -> { ULID.generate }
 ```
 
 ### Throttling
 
-You can use [Rack::Attack](https://github.com/kickstarter/rack-attack) to throttle requests to the API.
+You can use [Rack::Attack](https://github.com/rack/rack-attack) to throttle requests to the API.
 
 ```ruby
 class Rack::Attack
@@ -376,13 +362,17 @@ Ahoy.job_queue = :low_priority
 
 ### Local Geocoding
 
-For privacy and performance, we recommend geocoding locally. Add this line to your application’s Gemfile:
+For privacy and performance, we recommend geocoding locally.
+
+For city-level geocoding, download the [GeoLite2 City database](https://dev.maxmind.com/geoip/geolite2-free-geolocation-data).
+
+Add this line to your application’s Gemfile:
 
 ```ruby
 gem "maxminddb"
 ```
 
-For city-level geocoding, download the [GeoLite2 City database](https://dev.maxmind.com/geoip/geoip2/geolite2/) and create `config/initializers/geocoder.rb` with:
+And create `config/initializers/geocoder.rb` with:
 
 ```ruby
 Geocoder.configure(
@@ -399,6 +389,12 @@ For country-level geocoding, install the `geoip-database` package. It’s preins
 sudo apt-get install geoip-database
 ```
 
+Add this line to your application’s Gemfile:
+
+```ruby
+gem "geoip"
+```
+
 And create `config/initializers/geocoder.rb` with:
 
 ```ruby
@@ -448,7 +444,7 @@ class Ahoy::Store < Ahoy::DatabaseStore
 end
 
 Ahoy.mask_ips = true
-Ahoy.cookies = false
+Ahoy.cookies = :none
 ```
 
 This:
@@ -486,20 +482,20 @@ end
 
 ### Anonymity Sets & Cookies
 
-Ahoy can switch from cookies to [anonymity sets](https://privacypatterns.org/patterns/Anonymity-set). Instead of cookies, visitors with the same IP mask and user agent are grouped together in an anonymity set.
+Ahoy can switch from cookies to [anonymity sets](https://privacypatterns.org/patterns/Anonymity-set). Instead of cookies, visitors with the same IP mask and user agent are grouped together in an anonymity set.
 
 ```ruby
-Ahoy.cookies = false
+Ahoy.cookies = :none
 ```
 
+Note: If Ahoy was installed before v5, [add an index](#5-0) before making this change.
+
 Previously set cookies are automatically deleted. If you use JavaScript tracking, also set:
 
 ```javascript
 ahoy.configure({cookies: false});
 ```
 
-Note: With anonymity sets, visits no longer expire after 4 hours of inactivity. A new visit is only created when the IP mask or user agent changes (for instance, when a user updates their browser). There are plans to address this in the next major version.
-
 ## Data Retention
 
 Data should only be retained for as long as it’s needed. Delete older data with:
@@ -637,7 +633,7 @@ end
 
 [Blazer](https://github.com/ankane/blazer) is a great tool for exploring your data.
 
-With ActiveRecord, you can do:
+With Active Record, you can do:
 
 ```ruby
 Ahoy::Visit.group(:search_keyword).count
@@ -775,19 +771,29 @@ Send a `POST` request to `/ahoy/events` with `Content-Type: application/json` an
 
 ## Upgrading
 
-### 4.0
+### 5.0
+
+Visits now expire with anonymity sets. If using `Ahoy.cookies = false`, a new index is needed.
+
+For Active Record, create a migration with:
 
-There are two notable changes to geocoding:
+```ruby
+add_index :ahoy_visits, [:visitor_token, :started_at]
+```
 
-1. Geocoding is now disabled by default (this was already the case for new installations with 3.2.0+). Check out the instructions for [how to enable it](#geocoding).
+For Mongoid, set:
 
-2. The `geocoder` gem is now an optional dependency. To use geocoding, add it to your Gemfile:
+```ruby
+class Ahoy::Visit
+  index({visitor_token: 1, started_at: 1})
+end
+```
 
-  ```ruby
-  gem "geocoder"
-  ```
+Create the index before upgrading, and set:
 
-Also, check out the [upgrade notes](https://github.com/ankane/ahoy.js#upgrading) for Ahoy.js.
+```ruby
+Ahoy.cookies = :none
+```
 
 ## History
 

data/lib/ahoy/base_store.rb

@@ -3,6 +3,7 @@ module Ahoy
     attr_writer :user
 
     def initialize(options)
+      @user = options[:user]
       @options = options
     end
 

data/lib/ahoy/controller.rb

@@ -5,9 +5,8 @@ module Ahoy
         base.helper_method :current_visit
         base.helper_method :ahoy
       end
-      base.before_action :set_ahoy_cookies, unless: -> { Ahoy.api_only }
       base.before_action :track_ahoy_visit, unless: -> { Ahoy.api_only }
-      base.around_action :set_ahoy_request_store
+      base.around_action :set_ahoy_request_store, unless: -> { Ahoy.api_only }
     end
 
     def ahoy
@@ -19,7 +18,7 @@ module Ahoy
     end
 
     def set_ahoy_cookies
-      if Ahoy.cookies
+      if Ahoy.cookies?
         ahoy.set_visitor_cookie
         ahoy.set_visit_cookie
       else
@@ -31,11 +30,17 @@ module Ahoy
     def track_ahoy_visit
       defer = Ahoy.server_side_visits != true
 
-      if defer && !Ahoy.cookies
+      if defer && !Ahoy.cookies?
         # avoid calling new_visit?, which triggers a database call
+      elsif !Ahoy.cookies? && ahoy.exclude?
+        # avoid calling new_visit?, which triggers a database call
+        # may or may not be a new visit
+        Ahoy.log("Request excluded")
       elsif ahoy.new_visit?
         ahoy.track_visit(defer: defer)
       end
+
+      set_ahoy_cookies
     end
 
     def set_ahoy_request_store

data/lib/ahoy/database_store.rb

@@ -53,11 +53,13 @@ module Ahoy
 
     def visit
       unless defined?(@visit)
-        if defined?(Mongoid::Document) && visit_model < Mongoid::Document
-          # find_by raises error by default when not found
-          @visit = visit_model.where(visit_token: ahoy.visit_token).first if ahoy.visit_token
+        if ahoy.send(:existing_visit_token)
+          # find_by raises error by default with Mongoid when not found
+          @visit = visit_model.where(visit_token: ahoy.visit_token).take if ahoy.visit_token
+        elsif !Ahoy.cookies? && ahoy.visitor_token
+          @visit = visit_model.where(visitor_token: ahoy.visitor_token).where(started_at: Ahoy.visit_duration.ago..).order(started_at: :desc).first
         else
-          @visit = visit_model.find_by(visit_token: ahoy.visit_token) if ahoy.visit_token
+          @visit = nil
         end
       end
       @visit

data/lib/ahoy/tracker.rb

@@ -99,7 +99,7 @@ module Ahoy
     end
 
     def new_visit?
-      Ahoy.cookies ? !existing_visit_token : visit.nil?
+      Ahoy.cookies? ? !existing_visit_token : visit.nil?
     end
 
     def new_visitor?
@@ -145,6 +145,13 @@ module Ahoy
       delete_cookie("ahoy_track")
     end
 
+    def exclude?
+      unless defined?(@exclude)
+        @exclude = @store.exclude?
+      end
+      @exclude
+    end
+
     protected
 
     def api?
@@ -153,7 +160,7 @@ module Ahoy
 
     # private, but used by API
     def missing_params?
-      if Ahoy.cookies && api? && Ahoy.protect_from_forgery
+      if Ahoy.cookies? && api? && Ahoy.protect_from_forgery
         !(existing_visit_token && existing_visitor_token)
       else
         false
@@ -162,7 +169,7 @@ module Ahoy
 
     def set_cookie(name, value, duration = nil, use_domain = true)
       # safety net
-      return unless Ahoy.cookies && request
+      return unless Ahoy.cookies? && request
 
       cookie = Ahoy.cookie_options.merge(value: value)
       cookie[:expires] = duration.from_now if duration
@@ -184,13 +191,6 @@ module Ahoy
       end
     end
 
-    def exclude?
-      unless defined?(@exclude)
-        @exclude = @store.exclude?
-      end
-      @exclude
-    end
-
     def report_exception(e)
       if defined?(ActionDispatch::RemoteIp::IpSpoofAttackError) && e.is_a?(ActionDispatch::RemoteIp::IpSpoofAttackError)
         debug "Tracking excluded due to IP spoofing"
@@ -207,7 +207,7 @@ module Ahoy
     def visit_token_helper
       @visit_token_helper ||= begin
         token = existing_visit_token
-        token ||= visit_anonymity_set unless Ahoy.cookies
+        token ||= visit&.visit_token unless Ahoy.cookies?
         token ||= generate_id unless Ahoy.api_only
         token
       end
@@ -216,7 +216,7 @@ module Ahoy
     def visitor_token_helper
       @visitor_token_helper ||= begin
         token = existing_visitor_token
-        token ||= visitor_anonymity_set unless Ahoy.cookies
+        token ||= visitor_anonymity_set unless Ahoy.cookies?
         token ||= generate_id unless Ahoy.api_only
         token
       end
@@ -225,7 +225,7 @@ module Ahoy
     def existing_visit_token
       @existing_visit_token ||= begin
         token = visit_header
-        token ||= visit_cookie if Ahoy.cookies && !(api? && Ahoy.protect_from_forgery)
+        token ||= visit_cookie if Ahoy.cookies? && !(api? && Ahoy.protect_from_forgery)
         token ||= visit_param if api?
         token
       end
@@ -234,16 +234,12 @@ module Ahoy
     def existing_visitor_token
       @existing_visitor_token ||= begin
         token = visitor_header
-        token ||= visitor_cookie if Ahoy.cookies && !(api? && Ahoy.protect_from_forgery)
+        token ||= visitor_cookie if Ahoy.cookies? && !(api? && Ahoy.protect_from_forgery)
         token ||= visitor_param if api?
         token
       end
     end
 
-    def visit_anonymity_set
-      @visit_anonymity_set ||= Digest::UUID.uuid_v5(UUID_NAMESPACE, ["visit", Ahoy.mask_ip(request.remote_ip), request.user_agent].join("/"))
-    end
-
     def visitor_anonymity_set
       @visitor_anonymity_set ||= Digest::UUID.uuid_v5(UUID_NAMESPACE, ["visitor", Ahoy.mask_ip(request.remote_ip), request.user_agent].join("/"))
     end

data/lib/ahoy/version.rb

@@ -1,3 +1,3 @@
 module Ahoy
-  VERSION = "4.2.1"
+  VERSION = "5.0.0"
 end

data/lib/ahoy.rb

@@ -21,13 +21,45 @@ require_relative "ahoy/visit_properties"
 require_relative "ahoy/engine" if defined?(Rails)
 
 module Ahoy
+  # activejob optional
+  autoload :GeocodeV2Job, "ahoy/geocode_v2_job"
+
   mattr_accessor :visit_duration
   self.visit_duration = 4.hours
 
   mattr_accessor :visitor_duration
   self.visitor_duration = 2.years
 
-  mattr_accessor :cookies
+  def self.cookies=(value)
+    if value == false
+      if defined?(Mongoid::Document) && defined?(Ahoy::Visit) && Ahoy::Visit < Mongoid::Document
+        raise <<~EOS
+          This feature requires a new index in Ahoy 5. Set:
+
+            class Ahoy::Visit
+              index({visitor_token: 1, started_at: 1})
+            end
+
+          Create the index before upgrading, and set:
+
+            Ahoy.cookies = :none
+        EOS
+      else
+        raise <<~EOS
+          This feature requires a new index in Ahoy 5. Create a migration with:
+
+            add_index :ahoy_visits, [:visitor_token, :started_at]
+
+          Run it before upgrading, and set:
+
+            Ahoy.cookies = :none
+        EOS
+      end
+    end
+    @@cookies = value
+  end
+
+  mattr_reader :cookies
   self.cookies = true
 
   # TODO deprecate in favor of cookie_options
@@ -94,6 +126,10 @@ module Ahoy
     logger.info { "[ahoy] #{message}" } if logger
   end
 
+  def self.cookies?
+    cookies && cookies != :none
+  end
+
   def self.mask_ip(ip)
     addr = IPAddr.new(ip)
     if addr.ipv4?

data/lib/generators/ahoy/activerecord_generator.rb

@@ -33,6 +33,10 @@ module Ahoy
         properties_type == "text" || (properties_type == "json" && ActiveRecord::Base.connection.try(:mariadb?))
       end
 
+      def serialize_options
+        ActiveRecord::VERSION::STRING.to_f >= 7.1 ? "coder: JSON" : "JSON"
+      end
+
       # use connection_config instead of connection.adapter
       # so database connection isn't needed
       def adapter
@@ -43,10 +47,6 @@ module Ahoy
         end
       end
 
-      def rails52?
-        ActiveRecord::VERSION::STRING.to_f >= 5.2
-      end
-
       def migration_version
         "[#{ActiveRecord::VERSION::MAJOR}.#{ActiveRecord::VERSION::MINOR}]"
       end

data/lib/generators/ahoy/templates/active_record_event_model.rb.tt

@@ -6,5 +6,5 @@ class Ahoy::Event < ApplicationRecord
   belongs_to :visit
   belongs_to :user, optional: true<% if serialize_properties? %>
 
-  serialize :properties, JSON<% end %>
+  serialize :properties, <%= serialize_options %><% end %>
 end

data/lib/generators/ahoy/templates/active_record_migration.rb.tt

@@ -45,6 +45,7 @@ class <%= migration_class_name %> < ActiveRecord::Migration<%= migration_version
     end
 
     add_index :ahoy_visits, :visit_token, unique: true
+    add_index :ahoy_visits, [:visitor_token, :started_at]
 
     create_table :ahoy_events<%= primary_key_type %> do |t|
       t.references :visit<%= foreign_key_type %>
@@ -55,8 +56,7 @@ class <%= migration_class_name %> < ActiveRecord::Migration<%= migration_version
       t.datetime :time
     end
 
-    add_index :ahoy_events, [:name, :time]<% if properties_type == "jsonb" %><% if rails52? %>
-    add_index :ahoy_events, :properties, using: :gin, opclass: :jsonb_path_ops<% else %>
-    add_index :ahoy_events, "properties jsonb_path_ops", using: "gin"<% end %><% end %>
+    add_index :ahoy_events, [:name, :time]<% if properties_type == "jsonb" %>
+    add_index :ahoy_events, :properties, using: :gin, opclass: :jsonb_path_ops<% end %>
   end
 end

data/lib/generators/ahoy/templates/mongoid_visit_model.rb.tt

@@ -46,4 +46,5 @@ class Ahoy::Visit
   field :started_at, type: Time
 
   index({visit_token: 1}, {unique: true})
+  index({visitor_token: 1, started_at: 1})
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ahoy_matey
 version: !ruby/object:Gem::Version
-  version: 4.2.1
+  version: 5.0.0
 platform: ruby
 authors:
 - Andrew Kane
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-02-23 00:00:00.000000000 Z
+date: 2023-10-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -16,42 +16,42 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '5.2'
+        version: '6.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '5.2'
+        version: '6.1'
 - !ruby/object:Gem::Dependency
-  name: safely_block
+  name: device_detector
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.2.1
+        version: '1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.2.1
+        version: '1'
 - !ruby/object:Gem::Dependency
-  name: device_detector
+  name: safely_block
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '0.4'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '0.4'
 description:
 email: andrew@ankane.org
 executables: []
@@ -65,14 +65,13 @@ files:
 - app/controllers/ahoy/base_controller.rb
 - app/controllers/ahoy/events_controller.rb
 - app/controllers/ahoy/visits_controller.rb
-- app/jobs/ahoy/geocode_job.rb
-- app/jobs/ahoy/geocode_v2_job.rb
 - config/routes.rb
 - lib/ahoy.rb
 - lib/ahoy/base_store.rb
 - lib/ahoy/controller.rb
 - lib/ahoy/database_store.rb
 - lib/ahoy/engine.rb
+- lib/ahoy/geocode_v2_job.rb
 - lib/ahoy/helper.rb
 - lib/ahoy/model.rb
 - lib/ahoy/query_methods.rb
@@ -106,14 +105,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.6'
+      version: '3'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.4.6
+rubygems_version: 3.4.10
 signing_key:
 specification_version: 4
 summary: Simple, powerful, first-party analytics for Rails

data/app/jobs/ahoy/geocode_job.rb

@@ -1,11 +0,0 @@
-# for smooth update from Ahoy 1 -> 2
-# TODO remove in 5.0
-module Ahoy
-  class GeocodeJob < ActiveJob::Base
-    queue_as { Ahoy.job_queue }
-
-    def perform(visit)
-      Ahoy::GeocodeV2Job.perform_now(visit.visit_token, visit.ip)
-    end
-  end
-end