watson/umami
1
0
Fork 0
mirror of https://github.com/umami-software/umami.git synced 2026-02-06 21:57:16 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

update visitId hash and expiration logic

Browse source
This commit is contained in:
Francis Cao 2024-03-25 17:47:53 -07:00
parent d3ca856521
commit 0aaf2c0b3b
5 changed files with 44 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

8
src/lib/crypto.ts
View file

@ -1,4 +1,4 @@
import { startOfMonth } from 'date-fns';
import { startOfHour, startOfMonth } from 'date-fns';
import { hash } from 'next-basics';
import { v4, v5, validate } from 'uuid';
@ -12,6 +12,12 @@ export function salt() {
return hash(secret(), ROTATING_SALT);
}
export function sessionSalt() {
const ROTATING_SALT = hash(startOfHour(new Date()).toUTCString());
return hash(secret(), ROTATING_SALT);
}
export function uuid(...args: any) {
if (!args.length) return v4();

7
src/lib/session.ts
View file

@ -1,4 +1,4 @@
import { isUuid, secret, uuid } from 'lib/crypto';
import { isUuid, secret, sessionSalt, uuid } from 'lib/crypto';
import { getClientInfo } from 'lib/detect';
import { parseToken } from 'next-basics';
import { NextApiRequestCollect } from 'pages/api/send';
@ -10,6 +10,7 @@ import { loadSession, loadWebsite } from './load';
export async function findSession(req: NextApiRequestCollect): Promise<{
id: any;
websiteId: string;
visitId: string;
hostname: string;
browser: string;
os: any;
@ -67,12 +68,14 @@ export async function findSession(req: NextApiRequestCollect): Promise<{
await getClientInfo(req, payload);
const sessionId = uuid(websiteId, hostname, ip, userAgent);
const visitId = uuid(sessionId, sessionSalt());
// Clickhouse does not require session lookup
if (clickhouse.enabled) {
return {
id: sessionId,
websiteId,
visitId,
hostname,
browser,
os: os as any,
@ -114,7 +117,7 @@ export async function findSession(req: NextApiRequestCollect): Promise<{
}
}
return { ...session, ownerId: website.userId };
return { ...session, ownerId: website.userId, visitId: visitId };
}
async function checkUserBlock(userId: string) {