Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

@fingerprintjs/fingerprintjs-pro-spa

Package Overview
Dependencies
Maintainers
2
Versions
28
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@fingerprintjs/fingerprintjs-pro-spa

FingerprintJS Pro JavaScript agent for Single-Page Applications (SPA)

  • 1.3.2
  • latest
  • Source
  • npm
  • Socket score
Version published
Weekly downloads
30K
decreased by-1.52%
Maintainers
2
Weekly downloads
 
Created
Source

Fingerprint logo

Current NPM version coverage Monthly downloads from NPM MIT license Discord server Documentation

Fingerprint Pro SPA

Fingerprint is a device intelligence platform offering 99.5% accurate visitor identification

This library is a framework-agnostic wrapper around the Fingerprint Pro JavaScript Agent, adding multiple built-in caching mechanisms with recommended default settings.

  • If you just need the Fingerprint Pro JS agent without caching, you can use it directly.
  • If you're looking for a framework-specific integration, we have dedicated SDKs for React (including Next, Preact), Vue, Svelte and Angular.
  • If you have a single-page web application that needs caching, but also more low-level control over the agent than framework-specific SDKs provide, this library is for you.

[!NOTE] This library assumes you have a Fingerprint Pro subscription or trial, it is not compatible with the source-available FingerprintJS. See our documentation to learn more about the differences between Fingerprint Pro and FingerprintJS.

Table of Contents

Requirements

  • For TypeScript users: Typescript 4.5 or higher

Installation

Using npm:

npm install @fingerprintjs/fingerprintjs-pro-spa

Using yarn:

yarn add @fingerprintjs/fingerprintjs-pro-spa

Using pnpm:

pnpm add @fingerprintjs/fingerprintjs-pro-spa

Getting Started

1. Get your Fingerprint Pro Public API key

In order to identify visitors you'll need a Fingerprint Pro account (you can sign up for free).

  • Go to Fingerprint Dashboard > App settings > API Keys.
  • Find your Public API key.

2. Create the client

Create a FpjsClient instance before rendering or initializing your application. You should only have one instance of the client. You need to specify your public API key and other configuration options based on your chosen region and active integration.

import { FpjsClient, FingerprintJSPro } from '@fingerprintjs/fingerprintjs-pro-spa'

const fpjsClient = new FpjsClient({
  // You can also pass these options later in `.init()` method
  loadOptions: {
    apiKey: '<PUBLIC_API_KEY>',
    endpoint: [
      //'https://metrics.yourwebsite.com',
      FingerprintJSPro.defaultEndpoint,
    ],
    scriptUrlPattern: [
      // 'https://metrics.yourwebsite.com/web/v<version>/<apiKey>/loader_v<loaderVersion>.js',
      FingerprintJSPro.defaultScriptUrlPattern,
    ],
    // region: "eu"
  },
})

[!NOTE] You must provide loadOptions containing your public API key either in the constructor or in the init method. If you don't, the SDK will throw an error. You can learn more about different load options here in the JS Agent documentation.

3. Initialize the JS Agent

Before you start making identification requests to the Fingerprint Pro API, you need to initialize the JS Agent. This downloads the latest client-side logic from Fingerprint CDN. Call init() before the getVisitorData() method to avoid errors.

// with async/await
await fpjsClient.init()

const visitorData = await fpjsClient.getVisitorData()

// with promises
const visitorData = fpjsClient.init().then(() => {
  return fpjsClient.getVisitorData()
})

You can also pass the loadOptions into the init method here. They will be merged with the options passed to the constructor.

await fpjsClient.init({
  apiKey: '<PUBLIC_API_KEY>',
  // endpoint: ["<CUSTOM_ENDPOINT>", FingerprintJSPro.defaultEndpoint],
  // scriptUrlPattern: ["<CUSTOM_SCRIPT_URL>", FingerprintJSPro.defaultScriptUrlPattern],
  // region: "eu"
})

4. Identify visitors

The getVisitorData method returns visitor identification data based on the request options. Set ignoreCache to true to call the API even if the data is present in the cache.

// with async/await
const visitorData = await fpjsClient.getVisitorData({ extendedResult: true, ignoreCache: false })

// with promises
const visitorData = fpjsClient.getVisitorData({ extendedResult: true }).then((visitorData) => {
  // use visitor data in your fraud prevention logic
  checkIfFingerprintIsFraudulent(visitorData.visitorId) // this method is just an example, this SDK doesn't actually supply it
})

See the JS Agent API reference for more details.

Linking and tagging information

The visitorId provided by Fingerprint Identification is especially useful when combined with information you already know about your users, for example, account IDs, order IDs, etc. To learn more about various applications of the linkedId and tag, see Linking and tagging information.

const visitorData = await fpjsClient.getVisitorData({
  linkedId: 'user_1234',
  tag: {
    userAction: 'login',
    analyticsId: 'UA-5555-1111-1',
  },
})

Caching

Fingerprint Pro usage is billed per API call. To avoid unnecessary API calls, it is a good practice to cache identification results. The SDK provides three ways to cache visitor data out of the box:

  • Session storage (default) - sessionStorage
  • Local storage - localStorage
  • Memory - memory
  • No cache - nocache

You can specify the cacheLocation option when creating the FpjsClient:

const fpjsClient = new FpjsClient({
  loadOptions: {
    apiKey: 'your-fpjs-public-api-key',
  },
  cacheLocation: 'localstorage',
  // You can also use the provided TypeScript enum
  // cacheLocation: CacheLocation.LocalStorage
})

Cache keys are based on the combination of GetOptions. For example, API responses for calls with extendedResult: true and extendedResult: false are stored independently.

[!NOTE] If you use data from extendedResult, pay additional attention to your caching strategy. Some fields, for example, ip or lastSeenAt, might change over time for the same visitor.

You can ignore the cached result for a specific API call and using { ignoreCache: true }:

const visitorData = await fpjsClient.getVisitorData({ ignoreCache: true })

Check if your response was retrieved from cache using the returned cacheHit flag:

const { cacheHit, ...visitorData } = await fpjsClient.getVisitorData()

Use getVisitorDataFromCache to directly retrieve responses from cache:

// Checks if request matching given options is present in cache
await fpjsClient.isInCache({ extendedResult: true })

// Returns cached visitor data based on the request options, or undefined if the data is not present in cache
const cachedResult = await fpjsClient.getVisitorDataFromCache({ extendedResult: true })

You can also use your custom cache implementation as described below.

Creating a custom cache

The SDK can use a custom cache store implemented inside your application. This is useful when a different data store is more convenient in your environment, such as a hybrid mobile app.

You can provide an object to the cache property of the SDK configuration that implements the following functions. All the functions can return a Promise or a static value.

SignatureReturn typeDescription
get(key)Promise or objectReturns the item from the cache with the specified key, or undefined if it was not found
set(key: string, object: any) Promise or voidSets an item into the cache
remove(key)Promise or voidRemoves a single item from the cache at the specified key, or no-op if the item was not found
allKeys()Promise<string[]> or string []Returns the list of all keys. By default, the keys we use are prefixed with @fpjs@client@ but you can pass your own custom prefix as an option when you create the FpjsClient

[!NOTE] The cache property takes priority over cacheLocation if both are set. A warning is displayed in the console if that happens.

We export the internal InMemoryCache, LocalStorageCache, SessionStorageCache, and CacheStub implementations, so you can wrap your custom cache around these implementations if you wish.

Cache time

Use the cacheTimeInSeconds client constructor option to set a custom cache time. To ensure high identification accuracy we recommend not to cache visitors data for longer than 24 hours. If you pass a value higher than 86400 (60 x 60 x 24), the FpjsClient constructor will throw an error.

Support and feedback

To report problems, ask questions, or provide feedback, please use Issues. If you need private support, you can email us at oss-support@fingerprint.com.

Documentation

This library uses Fingerprint Pro under the hood.

License

This project is licensed under the MIT license. See the LICENSE file for more information.

Keywords

FAQs

Package last updated on 11 Sep 2024

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Risky Business Podcast: Why Open Source Software Needs Better Malware Tracking

Security News

Risky Business Podcast: Why Open Source Software Needs Better Malware Tracking

In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.

By Sarah Gooding  -  Nov 20, 2024
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc