umami/pages/api/collect.js

import isbot from 'isbot';
import ipaddr from 'ipaddr.js';
import { savePageView, saveEvent } from 'lib/queries';
import { useCors, useSession } from 'lib/middleware';
import { getJsonBody, getIpAddress } from 'lib/request';
import { ok, send, badRequest } from 'lib/response';
import { createToken } from 'lib/crypto';
import { removeTrailingSlash } from 'lib/url';

export default async (req, res) => {
  await useCors(req, res);

  if (isbot(req.headers['user-agent'])) {
    return ok(res);
  }

  if (process.env.IGNORE_IP) {
    const ips = process.env.IGNORE_IP.split(',').map(n => n.trim());
    const ip = getIpAddress(req);
    const blocked = ips.find(i => {
      if (i === ip) return true;

      // CIDR notation
      if (i.indexOf('/') > 0) {
        const addr = ipaddr.parse(ip);
        const range = ipaddr.parseCIDR(i);

        if (addr.kind() === range[0].kind() && addr.match(range)) return true;
      }

      return false;
    });

    if (blocked) {
      return ok(res);
    }
  }

  await useSession(req, res);

  const {
    session: { website_id, session_id },
  } = req;

  const { type, payload } = getJsonBody(req);

  let { url, referrer, event_type, event_value } = payload;

  if (process.env.REMOVE_TRAILING_SLASH) {
    url = removeTrailingSlash(url);
  }

  if (type === 'pageview') {
    await savePageView(website_id, session_id, url, referrer);
  } else if (type === 'event') {
    await saveEvent(website_id, session_id, url, event_type, event_value);
  } else {
    return badRequest(res);
  }

  const token = await createToken({ website_id, session_id });

  return send(res, token);
};
Updated bot detection library. 2021-03-13 06:44:25 +00:00			`import isbot from 'isbot';`
Support CIDR notation in IGNORE_IP, closes #544. 2021-04-26 06:57:49 +00:00			`import ipaddr from 'ipaddr.js';`
Refactor database queries. 2020-08-12 05:24:41 +00:00			`import { savePageView, saveEvent } from 'lib/queries';`
Auth and session middleware. 2020-07-28 06:52:14 +00:00			`import { useCors, useSession } from 'lib/middleware';`
Fix issue with sendBeacon request. 2022-03-11 03:01:33 +00:00			`import { getJsonBody, getIpAddress } from 'lib/request';`
Updated collect API response. 2022-03-11 04:39:11 +00:00			`import { ok, send, badRequest } from 'lib/response';`
Implement session caching. 2020-10-03 03:33:46 +00:00			`import { createToken } from 'lib/crypto';`
Added option to remove trailing slash from urls. 2022-01-26 05:23:40 +00:00			`import { removeTrailingSlash } from 'lib/url';`
Initial commit. 2020-07-17 08:03:38 +00:00
			`export default async (req, res) => {`
Updated log merge logic to prevent duplicates. 2020-10-09 17:48:47 +00:00			`await useCors(req, res);`

Updated bot detection library. 2021-03-13 06:44:25 +00:00			`if (isbot(req.headers['user-agent'])) {`
Added check for bots. 2020-09-11 03:37:07 +00:00			`return ok(res);`
			`}`

Added IP address ignore list. 2020-10-04 02:07:56 +00:00			`if (process.env.IGNORE_IP) {`
			`const ips = process.env.IGNORE_IP.split(',').map(n => n.trim());`
			`const ip = getIpAddress(req);`
Support CIDR notation in IGNORE_IP, closes #544. 2021-04-26 06:57:49 +00:00			`const blocked = ips.find(i => {`
			`if (i === ip) return true;`
Added IP address ignore list. 2020-10-04 02:07:56 +00:00
Support CIDR notation in IGNORE_IP, closes #544. 2021-04-26 06:57:49 +00:00			`// CIDR notation`
			`if (i.indexOf('/') > 0) {`
			`const addr = ipaddr.parse(ip);`
			`const range = ipaddr.parseCIDR(i);`

Ensure comparaison of same CIDR IP version 2021-08-11 12:31:32 +00:00			`if (addr.kind() === range[0].kind() && addr.match(range)) return true;`
Support CIDR notation in IGNORE_IP, closes #544. 2021-04-26 06:57:49 +00:00			`}`

			`return false;`
			`});`

			`if (blocked) {`
Added IP address ignore list. 2020-10-04 02:07:56 +00:00			`return ok(res);`
			`}`
			`}`

Auth and session middleware. 2020-07-28 06:52:14 +00:00			`await useSession(req, res);`
Added CORS middleware. Updated umami script. 2020-07-18 17:36:46 +00:00
Removed session code. 2020-08-21 02:17:27 +00:00			`const {`
			`session: { website_id, session_id },`
			`} = req;`
Initial commit. 2020-07-17 08:03:38 +00:00
Fix issue with sendBeacon request. 2022-03-11 03:01:33 +00:00			`const { type, payload } = getJsonBody(req);`

Added option to remove trailing slash from urls. 2022-01-26 05:23:40 +00:00			`let { url, referrer, event_type, event_value } = payload;`

			`if (process.env.REMOVE_TRAILING_SLASH) {`
			`url = removeTrailingSlash(url);`
			`}`
Accounts and login. 2020-07-24 02:56:55 +00:00
Added option to remove trailing slash from urls. 2022-01-26 05:23:40 +00:00			`if (type === 'pageview') {`
Accounts and login. 2020-07-24 02:56:55 +00:00			`await savePageView(website_id, session_id, url, referrer);`
Refactored session and collect process. 2020-07-20 08:54:21 +00:00			`} else if (type === 'event') {`
Accounts and login. 2020-07-24 02:56:55 +00:00			`await saveEvent(website_id, session_id, url, event_type, event_value);`
Handle website delete. Added response helper functions. 2020-08-08 00:19:42 +00:00			`} else {`
			`return badRequest(res);`
Accounts and login. 2020-07-24 02:56:55 +00:00			`}`
Switch to json web tokens. 2020-07-23 03:45:09 +00:00
Implement session caching. 2020-10-03 03:33:46 +00:00			`const token = await createToken({ website_id, session_id });`

Updated collect API response. 2022-03-11 04:39:11 +00:00			`return send(res, token);`
Initial commit. 2020-07-17 08:03:38 +00:00			`};`