@bucketco/tracking-sdk - npm Package Compare versions

Comparing version 2.1.7 to 2.1.8-0

dist/package.json

 {
     "name": "@bucketco/tracking-sdk",
-    "version": "2.1.7",
+    "version": "2.1.8-0",
     "license": "MIT",
@@ -5,0 +5,0 @@ "private": false,

dist/src/main.js

@@ -44,2 +44,3 @@ "use strict";
 const feedbackLib = __importStar(require("./feedback"));
+const prompt_storage_1 = require("./prompt-storage");
 const prompts_1 = require("./prompts");
@@ -299,19 +300,23 @@ const sse_1 = require("./sse");
             userId = resolveUser(userId);
+            const existingAuth = (0, prompt_storage_1.getAuthToken)(userId);
+            let channel = existingAuth === null || existingAuth === void 0 ? void 0 : existingAuth.channel;
             // while initializing, consider the channel active
             liveSatisfactionActive = true;
             try {
-                const res = yield request(`${getUrl()}/feedback/prompting-init`, {
-                    userId,
-                });
-                log(`feedback prompting status sent`, res);
-                const body = yield res.json();
-                if (!body.success || !body.channel) {
-                    log(`feedback prompting not enabled`);
-                    return res;
+                if (!channel) {
+                    const res = yield request(`${getUrl()}/feedback/prompting-init`, {
+                        userId,
+                    });
+                    log(`feedback prompting status sent`, res);
+                    const body = yield res.json();
+                    if (!body.success || !body.channel) {
+                        log(`feedback prompting not enabled`);
+                        return res;
+                    }
+                    channel = body.channel;
                 }
-                log(`feedback prompting enabled`);
-                sseChannel = (0, sse_1.openAblySSEChannel)(`${getUrl()}/feedback/prompting-auth`, userId, body.channel, (message) => handleFeedbackPromptRequest(userId, message), { debug, sseHost });
+                log(`feedback prompting enabled`, channel);
+                sseChannel = (0, sse_1.openAblySSEChannel)(`${getUrl()}/feedback/prompting-auth`, userId, channel, (message) => handleFeedbackPromptRequest(userId, message), { debug, sseHost });
                 feedbackPromptingUserId = userId;
                 log(`feedback prompting connection established`);
-                return res;
             }
@@ -322,2 +327,3 @@ finally {
             }
+            return channel;
         });
@@ -324,0 +330,0 @@ }

dist/src/prompt-storage.js

@@ -6,6 +6,10 @@ "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.checkPromptMessageCompleted = exports.markPromptMessageCompleted = void 0;
+exports.getAuthToken = exports.rememberAuthToken = exports.checkPromptMessageCompleted = exports.markPromptMessageCompleted = void 0;
 const js_cookie_1 = __importDefault(require("js-cookie"));
 const markPromptMessageCompleted = (userId, promptId, expiresAt) => {
-    js_cookie_1.default.set(`bucket-prompt-${userId}`, promptId, { expires: expiresAt });
+    js_cookie_1.default.set(`bucket-prompt-${userId}`, promptId, {
+        expires: expiresAt,
+        sameSite: "strict",
+        secure: true,
+    });
 };
@@ -18,2 +22,25 @@ exports.markPromptMessageCompleted = markPromptMessageCompleted;
 exports.checkPromptMessageCompleted = checkPromptMessageCompleted;
+const rememberAuthToken = (userId, channel, token, expiresAt) => {
+    js_cookie_1.default.set(`bucket-token-${userId}`, `${channel}:${token}`, {
+        expires: expiresAt,
+        sameSite: "strict",
+        secure: true,
+    });
+};
+exports.rememberAuthToken = rememberAuthToken;
+const getAuthToken = (userId) => {
+    const val = js_cookie_1.default.get(`bucket-token-${userId}`);
+    if (!val) {
+        return undefined;
+    }
+    const [channel, token] = val.split(":");
+    if (!(channel === null || channel === void 0 ? void 0 : channel.length) || !(token === null || token === void 0 ? void 0 : token.length)) {
+        return undefined;
+    }
+    return {
+        channel,
+        token,
+    };
+};
+exports.getAuthToken = getAuthToken;
 //# sourceMappingURL=prompt-storage.js.map

dist/src/sse.js

@@ -18,2 +18,3 @@ "use strict";
 const config_1 = require("./config");
+const prompt_storage_1 = require("./prompt-storage");
 const ABLY_TOKEN_ERROR_MIN = 40140;
@@ -70,2 +71,7 @@ const ABLY_TOKEN_ERROR_MAX = 40149;
         return __awaiter(this, void 0, void 0, function* () {
+            const cached = (0, prompt_storage_1.getAuthToken)(this.userId);
+            if (cached && cached.channel === this.channel) {
+                this.log("using existing token", cached.channel, cached.token);
+                return cached.token;
+            }
             const tokenRequest = yield this.refreshTokenRequest();
@@ -80,5 +86,6 @@ const res = yield (0, cross_fetch_1.default)(`${this.sseHost}/keys/${encodeURIComponent(tokenRequest.keyName)}/requestToken`, {
             if (res.ok) {
-                const token = yield res.json();
-                this.log("obtained new token", token);
-                return token;
+                const details = yield res.json();
+                this.log("obtained new token", details);
+                (0, prompt_storage_1.rememberAuthToken)(this.userId, this.channel, details.token, new Date(details.expires));
+                return details.token;
             }
@@ -159,3 +166,3 @@ this.err("server did not release a token", res);
                 const token = yield this.refreshToken();
-                this.eventSource = new EventSource(`${this.sseHost}/sse?v=1.2&accessToken=${encodeURIComponent(token.token)}&channels=${encodeURIComponent(this.channel)}&rewind=1`);
+                this.eventSource = new EventSource(`${this.sseHost}/sse?v=1.2&accessToken=${encodeURIComponent(token)}&channels=${encodeURIComponent(this.channel)}&rewind=1`);
                 this.eventSource.addEventListener("error", (e) => this.onError(e));
@@ -162,0 +169,0 @@ this.eventSource.addEventListener("open", (e) => this.onOpen(e));

dist/types/src/index.d.ts

@@ -17,5 +17,5 @@ declare const _default: {
     requestFeedback: (options: import("./types").RequestFeedbackOptions) => void;
-    initLiveSatisfaction: (userId?: string | undefined) => Promise<Response | undefined>;
-    initLiveFeedback: (userId?: string | undefined) => Promise<Response | undefined>;
+    initLiveSatisfaction: (userId?: string | undefined) => Promise<string | Response | undefined>;
+    initLiveFeedback: (userId?: string | undefined) => Promise<string | Response | undefined>;
 };
 export default _default;

dist/types/src/main.d.ts

@@ -10,4 +10,4 @@ import type { Company, Context, Feedback, Key, Options, RequestFeedbackOptions, TrackedEvent, User } from "./types";
     requestFeedback: (options: RequestFeedbackOptions) => void;
-    initLiveSatisfaction: (userId?: User["userId"]) => Promise<Response | undefined>;
-    initLiveFeedback: (userId?: User["userId"]) => Promise<Response | undefined>;
+    initLiveSatisfaction: (userId?: User["userId"]) => Promise<string | Response | undefined>;
+    initLiveFeedback: (userId?: User["userId"]) => Promise<string | Response | undefined>;
 };

dist/types/src/prompt-storage.d.ts

 export declare const markPromptMessageCompleted: (userId: string, promptId: string, expiresAt: Date) => void;
 export declare const checkPromptMessageCompleted: (userId: string, promptId: string) => boolean;
+export declare const rememberAuthToken: (userId: string, channel: string, token: string, expiresAt: Date) => void;
+export declare const getAuthToken: (userId: string) => {
+    channel: string;
+    token: string;
+} | undefined;

package.json

 {
   "name": "@bucketco/tracking-sdk",
-  "version": "2.1.7",
+  "version": "2.1.8-0",
   "license": "MIT",
@@ -5,0 +5,0 @@ "private": false,

README.md

@@ -157,3 +157,3 @@ # Bucket Tracking SDK
 | connect-src | https://livemessaging.bucket.co | live satisfaction | Server sent events from the Bucket Live Satisfaction service, which allows for automatically collecting feedback when a user used a feature. |
-| style-src   | 'unsafe-inline'                 | feedback UI       | The feedback UI is styled with inline script tags. Not having this directive results unstyled HTML elements.                                 |
+| style-src   | 'unsafe-inline'                 | feedback UI       | The feedback UI is styled with inline styles. Not having this directive results unstyled HTML elements.                                      |
 
@@ -160,0 +160,0 @@ If you are including the Bucket tracking SDK with a `<script>`-tag from `jsdelivr.net` you will also need:

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Deprecated

Maintenance

The maintainer of the package marked it as deprecated. This could indicate that a single version should not be used, or that the package is no longer maintained and any new vulnerabilities will not be fixed.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

358721

increased by1.32%

Lines of code

2417

increased by1.9%

Worsened metrics

Number of medium maintenance alerts

1

increased byInfinity%

Number of low quality alerts

3

increased by50%

No dependency changes