umami/pages/api/collect.js

import isbot from 'isbot';
import ipaddr from 'ipaddr.js';
import { savePageView, saveEvent } from 'lib/queries';
import { useCors, useSession } from 'lib/middleware';
import { getJsonBody, getIpAddress } from 'lib/request';
import { ok, badRequest } from 'lib/response';
import { createToken } from 'lib/crypto';
import { removeTrailingSlash } from 'lib/url';

export default async (req, res) => {
  await useCors(req, res);

  if (isbot(req.headers['user-agent'])) {
    return ok(res);
  }

  if (process.env.IGNORE_IP) {
    const ips = process.env.IGNORE_IP.split(',').map(n => n.trim());
    const ip = getIpAddress(req);
    const blocked = ips.find(i => {
      if (i === ip) return true;

      // CIDR notation
      if (i.indexOf('/') > 0) {
        const addr = ipaddr.parse(ip);
        const range = ipaddr.parseCIDR(i);

        if (addr.kind() === range[0].kind() && addr.match(range)) return true;
      }

      return false;
    });

    if (blocked) {
      return ok(res);
    }
  }

  await useSession(req, res);

  const {
    session: { website_id, session_id },
  } = req;

  const { type, payload } = getJsonBody(req);

  let { url, referrer, event_type, event_value } = payload;

  if (process.env.REMOVE_TRAILING_SLASH) {
    url = removeTrailingSlash(url);
  }

  if (type === 'pageview') {
    await savePageView(website_id, session_id, url, referrer);
  } else if (type === 'event') {
    await saveEvent(website_id, session_id, url, event_type, event_value);
  } else {
    return badRequest(res);
  }

  const token = await createToken({ website_id, session_id });

  return ok(res, token);
};
Updated bot detection library. 2021-03-13 07:44:25 +01:00			`import isbot from 'isbot';`
Support CIDR notation in IGNORE_IP, closes #544. 2021-04-26 08:57:49 +02:00			`import ipaddr from 'ipaddr.js';`
Refactor database queries. 2020-08-12 07:24:41 +02:00			`import { savePageView, saveEvent } from 'lib/queries';`
Auth and session middleware. 2020-07-28 08:52:14 +02:00			`import { useCors, useSession } from 'lib/middleware';`
Fix issue with sendBeacon request. 2022-03-11 04:01:33 +01:00			`import { getJsonBody, getIpAddress } from 'lib/request';`
Handle website delete. Added response helper functions. 2020-08-08 02:19:42 +02:00			`import { ok, badRequest } from 'lib/response';`
Implement session caching. 2020-10-03 05:33:46 +02:00			`import { createToken } from 'lib/crypto';`
Added option to remove trailing slash from urls. 2022-01-26 06:23:40 +01:00			`import { removeTrailingSlash } from 'lib/url';`
Initial commit. 2020-07-17 10:03:38 +02:00
			`export default async (req, res) => {`
Updated log merge logic to prevent duplicates. 2020-10-09 19:48:47 +02:00			`await useCors(req, res);`

Updated bot detection library. 2021-03-13 07:44:25 +01:00			`if (isbot(req.headers['user-agent'])) {`
Added check for bots. 2020-09-11 05:37:07 +02:00			`return ok(res);`
			`}`

Added IP address ignore list. 2020-10-04 04:07:56 +02:00			`if (process.env.IGNORE_IP) {`
			`const ips = process.env.IGNORE_IP.split(',').map(n => n.trim());`
			`const ip = getIpAddress(req);`
Support CIDR notation in IGNORE_IP, closes #544. 2021-04-26 08:57:49 +02:00			`const blocked = ips.find(i => {`
			`if (i === ip) return true;`
Added IP address ignore list. 2020-10-04 04:07:56 +02:00
Support CIDR notation in IGNORE_IP, closes #544. 2021-04-26 08:57:49 +02:00			`// CIDR notation`
			`if (i.indexOf('/') > 0) {`
			`const addr = ipaddr.parse(ip);`
			`const range = ipaddr.parseCIDR(i);`

Ensure comparaison of same CIDR IP version 2021-08-11 14:31:32 +02:00			`if (addr.kind() === range[0].kind() && addr.match(range)) return true;`
Support CIDR notation in IGNORE_IP, closes #544. 2021-04-26 08:57:49 +02:00			`}`

			`return false;`
			`});`

			`if (blocked) {`
Added IP address ignore list. 2020-10-04 04:07:56 +02:00			`return ok(res);`
			`}`
			`}`

Auth and session middleware. 2020-07-28 08:52:14 +02:00			`await useSession(req, res);`
Added CORS middleware. Updated umami script. 2020-07-18 19:36:46 +02:00
Removed session code. 2020-08-21 04:17:27 +02:00			`const {`
			`session: { website_id, session_id },`
			`} = req;`
Initial commit. 2020-07-17 10:03:38 +02:00
Fix issue with sendBeacon request. 2022-03-11 04:01:33 +01:00			`const { type, payload } = getJsonBody(req);`

Added option to remove trailing slash from urls. 2022-01-26 06:23:40 +01:00			`let { url, referrer, event_type, event_value } = payload;`

			`if (process.env.REMOVE_TRAILING_SLASH) {`
			`url = removeTrailingSlash(url);`
			`}`
Accounts and login. 2020-07-24 04:56:55 +02:00
Added option to remove trailing slash from urls. 2022-01-26 06:23:40 +01:00			`if (type === 'pageview') {`
Accounts and login. 2020-07-24 04:56:55 +02:00			`await savePageView(website_id, session_id, url, referrer);`
Refactored session and collect process. 2020-07-20 10:54:21 +02:00			`} else if (type === 'event') {`
Accounts and login. 2020-07-24 04:56:55 +02:00			`await saveEvent(website_id, session_id, url, event_type, event_value);`
Handle website delete. Added response helper functions. 2020-08-08 02:19:42 +02:00			`} else {`
			`return badRequest(res);`
Accounts and login. 2020-07-24 04:56:55 +02:00			`}`
Switch to json web tokens. 2020-07-23 05:45:09 +02:00
Implement session caching. 2020-10-03 05:33:46 +02:00			`const token = await createToken({ website_id, session_id });`

			`return ok(res, token);`
Initial commit. 2020-07-17 10:03:38 +02:00			`};`