@koendhoore/directus-extension-umami-analytics 1.0.1 → 1.0.2

package/dist/api.js

@@ -1 +1 @@
-import t from"node:crypto";const e=new Map;let r=null;function n(t,e){const r=t[e];if(!r)throw new Error(`Missing ${e}`);return r.replace(/\/+$/,"")}function a(t){return n(t,"UMAMI_URL").replace(/\/api\/?$/,"")}function s(t,e){const r=e.replace(/^\/api\/?/,"").replace(/^\/+/,"");return`${a(t)}/api/${r}`}function o(t,e){const r=Number(t);return Number.isFinite(r)?r:e}function i(t){return Buffer.from(t).toString("base64").replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_")}function c(e,r){return function(e,r){const n=t.randomBytes(16),a=t.randomBytes(64),s=t.pbkdf2Sync(r,a,1e4,32,"sha512"),o=t.createCipheriv("aes-256-gcm",s,n),i=Buffer.concat([o.update(String(e),"utf8"),o.final()]),c=o.getAuthTag();return Buffer.concat([a,n,c,i]).toString("base64")}(function(e,r){const n=`${i(JSON.stringify({alg:"HS256",typ:"JWT"}))}.${i(JSON.stringify(e))}`;return`${n}.${i(t.createHmac("sha256",r).update(n).digest())}`}(e,r),r)}function u(e){const r=e.UMAMI_USER_ID||e.UMAMI_API_CLIENT_USER_ID,n=e.UMAMI_APP_SECRET||e.UMAMI_API_CLIENT_SECRET;if(!r||!n)return null;return{headers:{Authorization:`Bearer ${c({userId:r},function(...e){return t.createHash("sha512").update(e.join("")).digest("hex")}(n))}`}}}async function d(t){const e=t.UMAMI_API_KEY;if(e)return{headers:{"x-umami-api-key":e}};const a=t.UMAMI_TOKEN;if(a)return{headers:{Authorization:`Bearer ${a}`}};const o=u(t);return o||async function(t){if(r&&r.expires>Date.now())return r.auth;const e=n(t,"UMAMI_USERNAME"),a=n(t,"UMAMI_PASSWORD"),o=await fetch(s(t,"/auth/login"),{method:"POST",headers:{"Content-Type":"application/json",Accept:"application/json"},body:JSON.stringify({username:e,password:a})}),i=await o.text();if(!o.ok)throw new Error(`Umami login failed: ${o.status} ${i}`);let c=null;try{c=i?JSON.parse(i):null}catch{}const u=c?.token||c?.accessToken||c?.data?.token||c?.data?.accessToken,d=o.headers.get("set-cookie")||"",f=u?{headers:{Authorization:`Bearer ${u}`}}:{headers:d?{Cookie:d.split(";")[0]}:{}};return r={expires:Date.now()+33e5,auth:f},f}(t)}async function f(t,e){const r=await d(t),n=await fetch(s(t,e),{headers:{Accept:"application/json",...r.headers}}),a=await n.text();if(!n.ok)throw new Error(`Umami request failed: ${n.status} ${a}`);return a?JSON.parse(a):null}function h(t,e,r,n,a=10){return`/websites/${t}/metrics?${new URLSearchParams({startAt:String(Math.round(r)),endAt:String(Math.round(n)),type:e,limit:String(a)}).toString()}`}const p=[],M=[{name:"umami-analytics",config:(t,r)=>{const n=r.env||process.env;t.get("/health",(t,e)=>{e.json({ok:!0,service:"umami-analytics"})}),t.get("/debug",async(t,e)=>{try{const t=n.UMAMI_API_KEY?"api-key":n.UMAMI_TOKEN?"bearer-token":n.UMAMI_USER_ID||n.UMAMI_API_CLIENT_USER_ID?"api-client":"username-password",r=await f(n,"/me").catch(t=>({error:t.message}));e.json({ok:!0,authMode:t,umamiUrl:a(n),websiteId:n.UMAMI_WEBSITE_ID,me:r})}catch(t){e.status(500).json({error:t.message||"Unknown error"})}}),t.get("/summary",async(t,r)=>{try{const a=String(t.query.websiteId||n.UMAMI_WEBSITE_ID||"");if(!a)return r.status(400).json({error:"Missing websiteId or UMAMI_WEBSITE_ID"});const{startAt:s,endAt:i,days:c}=function(t){const e=Date.now(),r=Math.max(1,Math.min(365,o(t.days,30))),n=o(t.endAt,e);return{startAt:o(t.startAt,n-24*r*60*60*1e3),endAt:n,days:r}}(t.query),u=`summary:${a}:${s}:${i}`,d=function(t){const r=e.get(t);return!r||r.expires<Date.now()?null:r.value}(u);if(d)return r.json(d);const p=new URLSearchParams({startAt:String(Math.round(s)),endAt:String(Math.round(i))}),[M,l,A,m]=await Promise.all([f(n,`/websites/${a}/stats?${p.toString()}`),f(n,h(a,"url",s,i,10)),f(n,h(a,"referrer",s,i,10)),f(n,h(a,"event",s,i,10)).catch(()=>[])]),g={websiteId:a,range:{startAt:s,endAt:i,days:c},stats:M,pages:l,referrers:A,events:m};!function(t,r,n=3e5){e.set(t,{expires:Date.now()+n,value:r})}(u,g),r.json(g)}catch(t){r.status(500).json({error:t.message||"Unknown error"})}})}}],l=[];export{M as endpoints,p as hooks,l as operations};
+import t from"node:crypto";function e(t,e){const r=e.replace(/^\/api\/?/,"").replace(/^\/+/,"");return`${n(t)}/api/${r}`}function r(t){return Buffer.from(t).toString("base64").replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_")}function n(t){return c(t,"UMAMI_URL").replace(/\/api\/?$/,"")}function a(e,n){return function(e,r){const n=t.randomBytes(16),a=t.randomBytes(64),s=t.pbkdf2Sync(r,a,1e4,32,"sha512"),o=t.createCipheriv("aes-256-gcm",s,n),i=Buffer.concat([o.update(String(e),"utf8"),o.final()]),c=o.getAuthTag();return Buffer.concat([a,n,c,i]).toString("base64")}(function(e,n){const a=`${r(JSON.stringify({alg:"HS256",typ:"JWT"}))}.${r(JSON.stringify(e))}`;return`${a}.${r(t.createHmac("sha256",n).update(a).digest())}`}(e,n),n)}function s(e){const r=e.UMAMI_USER_ID||e.UMAMI_API_CLIENT_USER_ID,n=e.UMAMI_APP_SECRET||e.UMAMI_API_CLIENT_SECRET;if(!r||!n)return null;return{headers:{Authorization:`Bearer ${a({userId:r},function(...e){return t.createHash("sha512").update(e.join("")).digest("hex")}(n))}`}}}async function o(t){const r=t.UMAMI_API_KEY;if(r)return{headers:{"x-umami-api-key":r}};const n=t.UMAMI_TOKEN;if(n)return{headers:{Authorization:`Bearer ${n}`}};const a=s(t);return a||async function(t){if(M&&M.expires>Date.now())return M.auth;const r=c(t,"UMAMI_USERNAME"),n=c(t,"UMAMI_PASSWORD"),a=await fetch(e(t,"/auth/login"),{method:"POST",headers:{"Content-Type":"application/json",Accept:"application/json"},body:JSON.stringify({username:r,password:n})}),s=await a.text();if(!a.ok)throw new Error(`Umami login failed: ${a.status} ${s}`);let o=null;try{o=s?JSON.parse(s):null}catch{}const i=o?.token||o?.accessToken||o?.data?.token||o?.data?.accessToken,u=a.headers.get("set-cookie")||"",d=i?{headers:{Authorization:`Bearer ${i}`}}:{headers:u?{Cookie:u.split(";")[0]}:{}};return M={expires:Date.now()+33e5,auth:d},d}(t)}function i(t,e){const r=Number(t);return Number.isFinite(r)?r:e}function c(t,e){const r=t[e];if(!r)throw new Error(`Missing ${e}`);return r.replace(/\/+$/,"")}async function u(t,r){const n=await o(t),a=await fetch(e(t,r),{headers:{Accept:"application/json",...n.headers}}),s=await a.text();if(!a.ok)throw new Error(`Umami request failed: ${a.status} ${s}`);return s?JSON.parse(s):null}const d=3e5,f=new Map;let M=null;const m=[],p=[{name:"umami-analytics",config:(t,e)=>{const r=e.env||process.env;t.get("/health",(t,e)=>{e.json({ok:!0,service:"umami-analytics"})}),t.get("/debug",async(t,e)=>{try{const t=r.UMAMI_API_KEY?"api-key":r.UMAMI_TOKEN?"bearer-token":r.UMAMI_USER_ID||r.UMAMI_API_CLIENT_USER_ID?"api-client":"username-password",a=await u(r,"/me").catch(t=>({error:t.message}));e.json({ok:!0,authMode:t,umamiUrl:n(r),websiteId:r.UMAMI_WEBSITE_ID,me:a})}catch(t){e.status(500).json({error:t.message||"Unknown error"})}}),t.get("/summary",async(t,e)=>{try{const n=String(t.query.websiteId||r.UMAMI_WEBSITE_ID||"");if(!n)return e.status(400).json({error:"Missing websiteId or UMAMI_WEBSITE_ID"});const{startAt:a,endAt:s,days:o}=function(t){const e=Date.now(),r=Math.max(1,Math.min(365,i(t.days,30))),n=i(t.endAt,e);return{startAt:i(t.startAt,n-24*r*60*60*1e3),endAt:n,days:r}}(t.query),c=`summary:${n}:${a}:${s}`,M=function(t){const e=f.get(t);return!e||e.expires<Date.now()?null:e.value}(c);if(M)return e.json(M);const m=r.UMAMI_TIMEZONE||"Europe/Brussels",p=new URLSearchParams({startAt:String(Math.round(a)),endAt:String(Math.round(s)),unit:"day",timezone:m}),h=(t,e=10)=>new URLSearchParams({startAt:String(Math.round(a)),endAt:String(Math.round(s)),type:t,limit:String(e),timezone:m}),[l,A,g,I]=await Promise.all([u(r,`/websites/${n}/stats?${p.toString()}`),u(r,`/websites/${n}/metrics?${h("url").toString()}`),u(r,`/websites/${n}/metrics?${h("referrer").toString()}`),u(r,`/websites/${n}/metrics?${h("event").toString()}`).catch(()=>[])]),S={websiteId:n,range:{startAt:a,endAt:s,days:o},stats:l,pages:A,referrers:g,events:I};!function(t,e,r=d){f.set(t,{expires:Date.now()+r,value:e})}(c,S),e.json(S)}catch(t){e.status(500).json({error:t.message||"Unknown error"})}})}}],h=[];export{p as endpoints,m as hooks,h as operations};

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@koendhoore/directus-extension-umami-analytics",
-  "version": "1.0.1",
+  "version": "1.0.2",
   "description": "Directus bundle: secure Umami proxy endpoint + native Insights analytics panel.",
   "type": "module",
   "license": "MIT",

package/src/umami-analytics-endpoint/index.ts

@@ -1,4 +1,4 @@
-import crypto from 'node:crypto';
+import crypto from "node:crypto";
 
 type Env = Record<string, string | undefined>;
 
@@ -6,37 +6,13 @@ type UmamiAuth = {
   headers: Record<string, string>;
 };
 
-const FIVE_MINUTES = 5 * 60 * 1000;
-const cache = new Map<string, { expires: number; value: unknown }>();
-let authCache: { expires: number; auth: UmamiAuth } | null = null;
-
-function required(env: Env, key: string): string {
-  const value = env[key];
-  if (!value) throw new Error(`Missing ${key}`);
-  return value.replace(/\/+$/, '');
-}
-
-function cleanBaseUrl(env: Env): string {
-  // Accept both https://analytics.example.com and https://analytics.example.com/api
-  return required(env, 'UMAMI_URL').replace(/\/api\/?$/, '');
-}
-
 function apiUrl(env: Env, path: string): string {
   const cleanPath = path.replace(/^\/api\/?/, '').replace(/^\/+/, '');
   return `${cleanBaseUrl(env)}/api/${cleanPath}`;
 }
 
-function numberParam(value: unknown, fallback: number) {
-  const parsed = Number(value);
-  return Number.isFinite(parsed) ? parsed : fallback;
-}
-
-function getRange(query: Record<string, unknown>) {
-  const now = Date.now();
-  const days = Math.max(1, Math.min(365, numberParam(query.days, 30)));
-  const endAt = numberParam(query.endAt, now);
-  const startAt = numberParam(query.startAt, endAt - days * 24 * 60 * 60 * 1000);
-  return { startAt, endAt, days };
+function base64url(input: Buffer | string) {
+  return Buffer.from(input).toString('base64').replace(/=/g, '').replace(/\+/g, '-').replace(/\//g, '_');
 }
 
 function cached<T>(key: string): T | null {
@@ -45,16 +21,9 @@ function cached<T>(key: string): T | null {
   return hit.value as T;
 }
 
-function setCached(key: string, value: unknown, ttlMs = FIVE_MINUTES) {
-  cache.set(key, { expires: Date.now() + ttlMs, value });
-}
-
-function base64url(input: Buffer | string) {
-  return Buffer.from(input).toString('base64').replace(/=/g, '').replace(/\+/g, '-').replace(/\//g, '_');
-}
-
-function hash(...args: string[]) {
-  return crypto.createHash('sha512').update(args.join('')).digest('hex');
+function cleanBaseUrl(env: Env): string {
+  // Accept both https://analytics.example.com and https://analytics.example.com/api
+  return required(env, 'UMAMI_URL').replace(/\/api\/?$/, '');
 }
 
 function createJwt(payload: Record<string, unknown>, secret: string) {
@@ -66,6 +35,10 @@ function createJwt(payload: Record<string, unknown>, secret: string) {
   return `${data}.${base64url(signature)}`;
 }
 
+function createSecureToken(payload: Record<string, unknown>, secret: string) {
+  return encryptAesGcm(createJwt(payload, secret), secret);
+}
+
 function encryptAesGcm(value: string, secret: string) {
   const iv = crypto.randomBytes(16);
   const salt = crypto.randomBytes(64);
@@ -76,10 +49,6 @@ function encryptAesGcm(value: string, secret: string) {
   return Buffer.concat([salt, iv, tag, encrypted]).toString('base64');
 }
 
-function createSecureToken(payload: Record<string, unknown>, secret: string) {
-  return encryptAesGcm(createJwt(payload, secret), secret);
-}
-
 function getApiClientAuth(env: Env): UmamiAuth | null {
   const userId = env.UMAMI_USER_ID || env.UMAMI_API_CLIENT_USER_ID;
   const appSecret = env.UMAMI_APP_SECRET || env.UMAMI_API_CLIENT_SECRET;
@@ -93,6 +62,27 @@ function getApiClientAuth(env: Env): UmamiAuth | null {
   return { headers: { Authorization: `Bearer ${token}` } };
 }
 
+async function getAuth(env: Env): Promise<UmamiAuth> {
+  const apiKey = env.UMAMI_API_KEY;
+  if (apiKey) return { headers: { 'x-umami-api-key': apiKey } };
+
+  const token = env.UMAMI_TOKEN;
+  if (token) return { headers: { Authorization: `Bearer ${token}` } };
+
+  const apiClientAuth = getApiClientAuth(env);
+  if (apiClientAuth) return apiClientAuth;
+
+  return getUsernamePasswordAuth(env);
+}
+
+function getRange(query: Record<string, unknown>) {
+  const now = Date.now();
+  const days = Math.max(1, Math.min(365, numberParam(query.days, 30)));
+  const endAt = numberParam(query.endAt, now);
+  const startAt = numberParam(query.startAt, endAt - days * 24 * 60 * 60 * 1000);
+  return { startAt, endAt, days };
+}
+
 async function getUsernamePasswordAuth(env: Env): Promise<UmamiAuth> {
   if (authCache && authCache.expires > Date.now()) return authCache.auth;
 
@@ -129,17 +119,33 @@ async function getUsernamePasswordAuth(env: Env): Promise<UmamiAuth> {
   return auth;
 }
 
-async function getAuth(env: Env): Promise<UmamiAuth> {
-  const apiKey = env.UMAMI_API_KEY;
-  if (apiKey) return { headers: { 'x-umami-api-key': apiKey } };
+function hash(...args: string[]) {
+  return crypto.createHash('sha512').update(args.join('')).digest('hex');
+}
 
-  const token = env.UMAMI_TOKEN;
-  if (token) return { headers: { Authorization: `Bearer ${token}` } };
+function metricPath(websiteId: string, type: string, startAt: number, endAt: number, limit = 10) {
+  const params = new URLSearchParams({
+    startAt: String(Math.round(startAt)),
+    endAt: String(Math.round(endAt)),
+    type,
+    limit: String(limit),
+  });
+  return `/websites/${websiteId}/metrics?${params.toString()}`;
+}
 
-  const apiClientAuth = getApiClientAuth(env);
-  if (apiClientAuth) return apiClientAuth;
+function numberParam(value: unknown, fallback: number) {
+  const parsed = Number(value);
+  return Number.isFinite(parsed) ? parsed : fallback;
+}
 
-  return getUsernamePasswordAuth(env);
+function required(env: Env, key: string): string {
+  const value = env[key];
+  if (!value) throw new Error(`Missing ${key}`);
+  return value.replace(/\/+$/, '');
+}
+
+function setCached(key: string, value: unknown, ttlMs = FIVE_MINUTES) {
+  cache.set(key, { expires: Date.now() + ttlMs, value });
 }
 
 async function umamiGet(env: Env, path: string) {
@@ -160,15 +166,9 @@ async function umamiGet(env: Env, path: string) {
   return text ? JSON.parse(text) : null;
 }
 
-function metricPath(websiteId: string, type: string, startAt: number, endAt: number, limit = 10) {
-  const params = new URLSearchParams({
-    startAt: String(Math.round(startAt)),
-    endAt: String(Math.round(endAt)),
-    type,
-    limit: String(limit),
-  });
-  return `/websites/${websiteId}/metrics?${params.toString()}`;
-}
+const FIVE_MINUTES = 5 * 60 * 1000;
+const cache = new Map<string, { expires: number; value: unknown }>();
+let authCache: { expires: number; auth: UmamiAuth } | null = null;
 
 export default (router: any, context: any) => {
   const env: Env = context.env || process.env;
@@ -202,28 +202,85 @@ export default (router: any, context: any) => {
   });
 
   router.get('/summary', async (req: any, res: any) => {
-    try {
-      const websiteId = String(req.query.websiteId || env.UMAMI_WEBSITE_ID || '');
-      if (!websiteId) return res.status(400).json({ error: 'Missing websiteId or UMAMI_WEBSITE_ID' });
-
-      const { startAt, endAt, days } = getRange(req.query);
-      const key = `summary:${websiteId}:${startAt}:${endAt}`;
-      const hit = cached(key);
-      if (hit) return res.json(hit);
-
-      const params = new URLSearchParams({ startAt: String(Math.round(startAt)), endAt: String(Math.round(endAt)) });
-      const [stats, pages, referrers, events] = await Promise.all([
-        umamiGet(env, `/websites/${websiteId}/stats?${params.toString()}`),
-        umamiGet(env, metricPath(websiteId, 'url', startAt, endAt, 10)),
-        umamiGet(env, metricPath(websiteId, 'referrer', startAt, endAt, 10)),
-        umamiGet(env, metricPath(websiteId, 'event', startAt, endAt, 10)).catch(() => []),
-      ]);
-
-      const payload = { websiteId, range: { startAt, endAt, days }, stats, pages, referrers, events };
-      setCached(key, payload);
-      res.json(payload);
-    } catch (error: any) {
-      res.status(500).json({ error: error.message || 'Unknown error' });
+  try {
+    const websiteId = String(req.query.websiteId || env.UMAMI_WEBSITE_ID || '');
+
+    if (!websiteId) {
+      return res.status(400).json({
+        error: 'Missing websiteId or UMAMI_WEBSITE_ID',
+      });
     }
-  });
+
+    const { startAt, endAt, days } = getRange(req.query);
+
+    const key = `summary:${websiteId}:${startAt}:${endAt}`;
+
+    const hit = cached(key);
+
+    if (hit) {
+      return res.json(hit);
+    }
+
+    const timezone = env.UMAMI_TIMEZONE || 'Europe/Brussels';
+
+    const statsParams = new URLSearchParams({
+      startAt: String(Math.round(startAt)),
+      endAt: String(Math.round(endAt)),
+      unit: 'day',
+      timezone,
+    });
+
+    const metricsParams = (type: string, limit = 10) =>
+      new URLSearchParams({
+        startAt: String(Math.round(startAt)),
+        endAt: String(Math.round(endAt)),
+        type,
+        limit: String(limit),
+        timezone,
+      });
+
+    const [stats, pages, referrers, events] = await Promise.all([
+      umamiGet(
+        env,
+        `/websites/${websiteId}/stats?${statsParams.toString()}`
+      ),
+
+      umamiGet(
+        env,
+        `/websites/${websiteId}/metrics?${metricsParams('url').toString()}`
+      ),
+
+      umamiGet(
+        env,
+        `/websites/${websiteId}/metrics?${metricsParams('referrer').toString()}`
+      ),
+
+      umamiGet(
+        env,
+        `/websites/${websiteId}/metrics?${metricsParams('event').toString()}`
+      ).catch(() => []),
+    ]);
+
+    const payload = {
+      websiteId,
+      range: {
+        startAt,
+        endAt,
+        days,
+      },
+      stats,
+      pages,
+      referrers,
+      events,
+    };
+
+    setCached(key, payload);
+
+    res.json(payload);
+  } catch (error: any) {
+    res.status(500).json({
+      error: error.message || 'Unknown error',
+    });
+  }
+});
 };