@zaplier/sdk 1.6.1 → 1.6.3

package/dist/index.d.ts

@@ -748,6 +748,7 @@ declare class ZaplierSDK implements ZaplierSDK$1 {
     private heatmapEngine?;
     private antiAdblockManager?;
     private autoTracker?;
+    private visitorIdentityManager?;
     constructor(userConfig: SDKConfig);
     /**
      * Initialize SDK
@@ -776,7 +777,7 @@ declare class ZaplierSDK implements ZaplierSDK$1 {
     private initializeAntiAdblock;
     /**
      * Collect fingerprint and generate visitor ID (IMPROVED - 2024)
-     * Enhanced with better incognito detection
+     * Enhanced with better incognito detection and localStorage persistence
      */
     private collectFingerprint;
     /**
@@ -1355,6 +1356,7 @@ declare function hash32(input: string): string;
 declare function hashFingerprint(components: Record<string, any>, debug?: boolean): string;
 /**
  * Generate a visitor ID from fingerprint hash
+ * Returns a proper UUID v4 format for database compatibility
  */
 declare function generateVisitorId(fingerprintHash: string): string;
 

package/dist/index.esm.js

@@ -199,10 +199,19 @@ function hashFingerprint(components, debug = false) {
 }
 /**
  * Generate a visitor ID from fingerprint hash
+ * Returns a proper UUID v4 format for database compatibility
  */
 function generateVisitorId(fingerprintHash) {
-    // Use first 16 characters of the hash for visitor ID
-    return "vis_" + fingerprintHash.substring(0, 16);
+    // Generate UUID v4 format from fingerprint hash
+    const hash = fingerprintHash.length >= 32 ? fingerprintHash : (fingerprintHash + fingerprintHash + fingerprintHash + fingerprintHash).substring(0, 32);
+    // Extract bytes for UUID construction
+    const hex = hash.substring(0, 32);
+    // Set version 4 and variant bits according to RFC 4122
+    const chars = hex.split('');
+    chars[12] = '4'; // Version 4
+    chars[16] = (parseInt(chars[16] || '0', 16) & 0x3 | 0x8).toString(16); // Variant 10
+    // Format as UUID: xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx
+    return `${chars.slice(0, 8).join('')}-${chars.slice(8, 12).join('')}-${chars.slice(12, 16).join('')}-${chars.slice(16, 20).join('')}-${chars.slice(20, 32).join('')}`;
 }
 /**
  * Check if a key represents an unstable component that should be excluded from hashing
@@ -19608,6 +19617,292 @@ class AutoTracker {
     }
 }
 
+/**
+ * Visitor Persistence Manager for SDK
+ * Implements client-side visitor identification with localStorage camouflage
+ */
+// Camuflaged storage keys to avoid detection/blocking
+const STORAGE_KEYS = {
+    session: "__zp_s", // Session identifier
+    visitor: "__zp_v", // Visitor identifier (camuflado)
+    device: "__zp_d", // Device fingerprint cache
+    prefs: "__zp_p", // User preferences (decoy storage)
+    analytics: "__zp_a", // Analytics preferences (additional decoy)
+};
+/**
+ * Multi-layer persistence manager with fallbacks
+ */
+class PersistenceManager {
+    // 1. LocalStorage (primary) - Most persistent
+    static setLocal(key, value) {
+        try {
+            if (typeof window !== "undefined" && window.localStorage) {
+                localStorage.setItem(key, value);
+                return true;
+            }
+        }
+        catch (e) {
+            // Storage disabled/private mode
+        }
+        return false;
+    }
+    static getLocal(key) {
+        try {
+            if (typeof window !== "undefined" && window.localStorage) {
+                return localStorage.getItem(key);
+            }
+        }
+        catch (e) {
+            // Storage disabled/private mode
+        }
+        return null;
+    }
+    // 2. SessionStorage (secondary) - Session-only
+    static setSession(key, value) {
+        try {
+            if (typeof window !== "undefined" && window.sessionStorage) {
+                sessionStorage.setItem(key, value);
+                return true;
+            }
+        }
+        catch (e) {
+            // Storage disabled/private mode
+        }
+        return false;
+    }
+    static getSession(key) {
+        try {
+            if (typeof window !== "undefined" && window.sessionStorage) {
+                return sessionStorage.getItem(key);
+            }
+        }
+        catch (e) {
+            // Storage disabled/private mode
+        }
+        return null;
+    }
+    // 3. Cookie (tertiary) - Cross-session with expiration
+    static setCookie(key, value, days = 365) {
+        try {
+            if (typeof document !== "undefined") {
+                const expires = new Date(Date.now() + days * 24 * 60 * 60 * 1000).toUTCString();
+                document.cookie = `${key}=${value}; expires=${expires}; path=/; SameSite=Lax`;
+                return true;
+            }
+        }
+        catch (e) {
+            // Cookies disabled
+        }
+        return false;
+    }
+    static getCookie(key) {
+        try {
+            if (typeof document !== "undefined") {
+                const name = key + "=";
+                const decodedCookie = decodeURIComponent(document.cookie);
+                const ca = decodedCookie.split(";");
+                for (let i = 0; i < ca.length; i++) {
+                    let c = ca[i];
+                    if (c) {
+                        while (c.charAt(0) === " ") {
+                            c = c.substring(1);
+                        }
+                        if (c.indexOf(name) === 0) {
+                            return c.substring(name.length, c.length);
+                        }
+                    }
+                }
+            }
+        }
+        catch (e) {
+            // Cookies disabled
+        }
+        return null;
+    }
+    // 4. Memory (fallback) - Current session only
+    static setMemory(key, value) {
+        this.memoryStore.set(key, value);
+        return true;
+    }
+    static getMemory(key) {
+        return this.memoryStore.get(key) || null;
+    }
+    // Multi-layer get with fallbacks
+    static get(key) {
+        // Try localStorage first (most persistent)
+        let value = this.getLocal(key);
+        if (value)
+            return { value, method: "localStorage" };
+        // Try sessionStorage (session-only)
+        value = this.getSession(key);
+        if (value)
+            return { value, method: "sessionStorage" };
+        // Try cookies (cross-session)
+        value = this.getCookie(key);
+        if (value)
+            return { value, method: "cookie" };
+        // Try memory (current session)
+        value = this.getMemory(key);
+        if (value)
+            return { value, method: "memory" };
+        return { value: null, method: "none" };
+    }
+    // Multi-layer set with fallbacks
+    static set(key, value) {
+        // Try localStorage first (most persistent)
+        if (this.setLocal(key, value)) {
+            return { success: true, method: "localStorage" };
+        }
+        // Try sessionStorage (session-only)
+        if (this.setSession(key, value)) {
+            return { success: true, method: "sessionStorage" };
+        }
+        // Try cookies (cross-session)
+        if (this.setCookie(key, value)) {
+            return { success: true, method: "cookie" };
+        }
+        // Fallback to memory (current session)
+        this.setMemory(key, value);
+        return { success: true, method: "memory" };
+    }
+}
+PersistenceManager.memoryStore = new Map();
+/**
+ * Advanced Visitor Identity Manager with Camouflaged Storage
+ */
+class VisitorIdentityManager {
+    generateVisitorId() {
+        // Generate UUID v4 format instead of vis_ prefix
+        const bytes = crypto.getRandomValues(new Uint8Array(16));
+        // Set version 4
+        bytes[6] = (bytes[6] & 0x0f) | 0x40;
+        // Set variant
+        bytes[8] = (bytes[8] & 0x3f) | 0x80;
+        const hex = Array.from(bytes).map(b => b.toString(16).padStart(2, '0')).join('');
+        return `${hex.substr(0, 8)}-${hex.substr(8, 4)}-${hex.substr(12, 4)}-${hex.substr(16, 4)}-${hex.substr(20, 12)}`;
+    }
+    generateVisitorIdFromHash(hash) {
+        // Generate deterministic UUID v4 format from fingerprint hash
+        // This ensures same fingerprint = same visitor ID
+        const hashExtended = hash.length >= 32 ? hash : (hash + hash + hash + hash).substring(0, 32);
+        // Extract hex characters for UUID construction
+        const hex = hashExtended.substring(0, 32);
+        const chars = hex.split('');
+        // Set version 4 and variant bits according to RFC 4122
+        chars[12] = '4'; // Version 4
+        chars[16] = (parseInt(chars[16] || '0', 16) & 0x3 | 0x8).toString(16); // Variant 10
+        // Format as UUID: xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx
+        return `${chars.slice(0, 8).join('')}-${chars.slice(8, 12).join('')}-${chars.slice(12, 16).join('')}-${chars.slice(16, 20).join('')}-${chars.slice(20, 32).join('')}`;
+    }
+    generateSessionId() {
+        return "ses_" + Array.from(crypto.getRandomValues(new Uint8Array(8)))
+            .map(b => b.toString(16).padStart(2, '0'))
+            .join('') + "_" + Date.now().toString(36);
+    }
+    createCamouflageData(visitorId, sessionId, stableCoreHash) {
+        return {
+            theme: "auto",
+            lang: (navigator.language || "en-US").substring(0, 2),
+            tz: Intl.DateTimeFormat().resolvedOptions().timeZone,
+            analytics: true,
+            cookies: true,
+            _v: visitorId, // Hidden visitor ID
+            _s: sessionId, // Hidden session ID  
+            _sc: stableCoreHash, // Hidden stable core
+            ts: Date.now(),
+        };
+    }
+    extractFromCamouflage(data) {
+        try {
+            const parsed = JSON.parse(data);
+            if (parsed._v && parsed._s && parsed._sc) {
+                return {
+                    visitorId: parsed._v,
+                    sessionId: parsed._s,
+                    stableCoreHash: parsed._sc,
+                    persistenceMethod: "localStorage",
+                    confidence: 0.95,
+                    createdAt: parsed.ts || Date.now(),
+                    lastSeen: Date.now(),
+                    reused: true,
+                };
+            }
+        }
+        catch (e) {
+            // Invalid data
+        }
+        return null;
+    }
+    async getOrCreateVisitorIdentity(params) {
+        const { stableCoreHash } = params;
+        // Try to recover existing identity from camouflaged storage
+        const { value: storedData, method } = PersistenceManager.get(STORAGE_KEYS.prefs);
+        if (storedData) {
+            const existingIdentity = this.extractFromCamouflage(storedData);
+            if (existingIdentity && existingIdentity.stableCoreHash === stableCoreHash) {
+                // Update last seen time
+                const updatedCamouflage = this.createCamouflageData(existingIdentity.visitorId, existingIdentity.sessionId, stableCoreHash);
+                PersistenceManager.set(STORAGE_KEYS.prefs, JSON.stringify(updatedCamouflage));
+                return {
+                    ...existingIdentity,
+                    persistenceMethod: method,
+                    lastSeen: Date.now(),
+                    reused: true,
+                };
+            }
+        }
+        // Create new visitor identity (deterministic from fingerprint)
+        // Use stableCoreHash for deterministic visitor ID generation
+        // This ensures same fingerprint = same visitor ID across devices and sessions
+        const deterministicVisitorId = this.generateVisitorIdFromHash(params.stableCoreHash);
+        const newSessionId = params.sessionId || this.generateSessionId();
+        const newIdentity = {
+            visitorId: deterministicVisitorId,
+            sessionId: newSessionId,
+            stableCoreHash,
+            deviceFingerprint: params.deviceFingerprint,
+            persistenceMethod: "localStorage",
+            confidence: 0.90,
+            createdAt: Date.now(),
+            lastSeen: Date.now(),
+            reused: false,
+        };
+        // Store in camouflaged format
+        const camouflageData = this.createCamouflageData(deterministicVisitorId, newSessionId, stableCoreHash);
+        const { method: storageMethod } = PersistenceManager.set(STORAGE_KEYS.prefs, JSON.stringify(camouflageData));
+        newIdentity.persistenceMethod = storageMethod;
+        // Also store device fingerprint cache for faster lookups
+        PersistenceManager.set(STORAGE_KEYS.device, params.deviceFingerprint);
+        return newIdentity;
+    }
+    // Get current visitor ID without creating new one
+    getCurrentVisitorId() {
+        const { value: storedData } = PersistenceManager.get(STORAGE_KEYS.prefs);
+        if (storedData) {
+            const identity = this.extractFromCamouflage(storedData);
+            return identity?.visitorId || null;
+        }
+        return null;
+    }
+    // Clear all stored identity data
+    clearIdentity() {
+        // Remove from all storage layers
+        try {
+            PersistenceManager.setLocal(STORAGE_KEYS.prefs, "");
+            PersistenceManager.setLocal(STORAGE_KEYS.device, "");
+            PersistenceManager.setSession(STORAGE_KEYS.prefs, "");
+            PersistenceManager.setSession(STORAGE_KEYS.device, "");
+            PersistenceManager.setCookie(STORAGE_KEYS.prefs, "", -1); // Expire immediately
+            PersistenceManager.setCookie(STORAGE_KEYS.device, "", -1);
+            PersistenceManager.setMemory(STORAGE_KEYS.prefs, "");
+            PersistenceManager.setMemory(STORAGE_KEYS.device, "");
+        }
+        catch (e) {
+            // Silent fail
+        }
+    }
+}
+
 /**
  * Zaplier SDK v1.0.0
  * 100% Cookieless Analytics Tracking
@@ -20043,10 +20338,12 @@ class ZaplierSDK {
     }
     /**
      * Collect fingerprint and generate visitor ID (IMPROVED - 2024)
-     * Enhanced with better incognito detection
+     * Enhanced with better incognito detection and localStorage persistence
      */
     async collectFingerprint() {
         try {
+            // Initialize visitor identity manager
+            this.visitorIdentityManager = new VisitorIdentityManager();
             // Use appropriate fingerprinting based on GDPR mode
             const result = this.config.gdprMode
                 ? await getLightweightFingerprint()
@@ -20064,6 +20361,26 @@ class ZaplierSDK {
                         sdkVersion: this.version,
                     };
                 }
+                // Generate or retrieve visitor identity using persistent storage
+                const visitorIdentity = await this.visitorIdentityManager.getOrCreateVisitorIdentity({
+                    fingerprintHash: result.data.hash,
+                    stableCoreHash: result.data.stableCoreHash,
+                    deviceFingerprint: result.data.hash,
+                    sessionId: this.sessionId,
+                    userAgent: navigator.userAgent,
+                    ipAddress: undefined, // Will be determined server-side
+                });
+                // Set the persistent visitor ID
+                this.visitorId = visitorIdentity.visitorId;
+                if (this.config.debug) {
+                    console.log("[Zaplier] Visitor identity resolved:", {
+                        visitorId: this.visitorId,
+                        sessionId: this.sessionId,
+                        persistenceMethod: visitorIdentity.persistenceMethod,
+                        confidence: visitorIdentity.confidence,
+                        isNewVisitor: !visitorIdentity.reused,
+                    });
+                }
                 if (this.config.debug) {
                     console.log("[Zaplier] Fingerprint collected:", {
                         components: result.collectedComponents,
@@ -20170,6 +20487,10 @@ class ZaplierSDK {
         try {
             const payload = {
                 // workspaceId moved to query parameter
+                // Visitor ID (persistido via localStorage camuflado)
+                visitorId: this.visitorId,
+                // Session ID (gerado por sessão)
+                sessionId: this.sessionId,
                 fingerprintHash: this.fingerprint?.hash,
                 stableCoreHash: this.fingerprint?.stableCoreHash,
                 stableCoreVector: this.fingerprint?.stableCoreVector,