Skip to content
This repository has been archived by the owner on Feb 22, 2023. It is now read-only.

Remove usage session cookie #798

Merged
merged 2 commits into from Feb 9, 2022
Merged

Remove usage session cookie #798

merged 2 commits into from Feb 9, 2022

Conversation

sarayourfriend
Copy link
Contributor

Fixes

Fixes #791 by @zackkrida

Description

I ended up choosing not to go with the localStorage or sessionStorage approaches primarily because those are confined to the client side of the application, meaning that any events happening during the SSR rendering of a page would be impossible to tie to a specific session.

In the linked issue I proposed a solution for being able to tie session IDs together on the analytics server side, essentially by treated each new one generated by the server that is replacing an ID the client already held in session storage as a node in a linked list (the client would be able to create a link between the previous session ID and the new one). That would have the benefit of creating a longer lived session ID than the ephemeral one we have in this PR while still maintaining the basic browser definition of session storage, because if the client doesn't have an ID in session storage then it wouldn't be able to create the link between the previous ID and the new one the server generates.

In any case, I don't know if that level of complexity is necessary yet as we're not even really using the analytics data in any detailed way at the moment as far as I know. The primary goal here, at least in my view, is to be able to continue gathering some analytics data (once we turn the feature back on in production) while still eliminating the cookie that is currently being used.

In the future if we decide we do want that broader full-session ID chain then we can work on an RFC for how to implement that. It will require coordination between the frontend and API to make the changes.

Testing Instructions

Checkout the branch and run pnpm dev. Load the site and ensure analytics requests are sent as expected with a single session ID between the server and client sides of the application.

Checklist

  • My pull request has a descriptive title (not a vague title like Update index.md).
  • My pull request targets the default branch of the repository (main) or a parent feature branch.
  • My commit messages follow best practices.
  • My code follows the established code style of the repository.
  • I added or updated tests for the changes I made (if applicable).
  • I added or updated documentation (if applicable).
  • I tried running the project locally and verified that there are no visible errors.

Developer Certificate of Origin

Developer Certificate of Origin 
Developer Certificate of Origin
Version 1.1

Copyright (C) 2004, 2006 The Linux Foundation and its contributors.
1 Letterman Drive
Suite D4700
San Francisco, CA, 94129

Everyone is permitted to copy and distribute verbatim copies of this
license document, but changing it is not allowed.


Developer's Certificate of Origin 1.1

By making a contribution to this project, I certify that:

(a) The contribution was created in whole or in part by me and I
    have the right to submit it under the open source license
    indicated in the file; or

(b) The contribution is based upon previous work that, to the best
    of my knowledge, is covered under an appropriate open source
    license and I have the right under that license to submit that
    work with modifications, whether created in whole or in part
    by me, under the same open source license (unless I am
    permitted to submit under a different license), as indicated
    in the file; or

(c) The contribution was provided directly to me by some other
    person who certified (a), (b) or (c) and I have not modified
    it.

(d) I understand and agree that this project and the contribution
    are public and that a record of the contribution (including all
    personal information I submit with it, including my sign-off) is
    maintained indefinitely and may be redistributed consistent with
    this project or the open source license(s) involved.

@sarayourfriend sarayourfriend added 🟥 priority: critical Must be addressed ASAP 💻 aspect: code Concerns the software code in the repository 🧰 goal: internal improvement Improvement that benefits maintainers, not users labels Feb 3, 2022
@sarayourfriend sarayourfriend requested a review from a team as a code owner February 3, 2022 19:17
@dhruvkb dhruvkb added this to Needs review in Openverse PRs Feb 3, 2022
@sarayourfriend sarayourfriend force-pushed the update/remove-usage-session-cookie branch from 8211525 to 1d68f56 Compare February 7, 2022 19:11
zackkrida
zackkrida reviewed Feb 7, 2022
View reviewed changes
src/store/user.js
Comment on lines +12 to +17
/**
* Default to `undefined` on the client and let client side
* SSR state hydration pull the SSR generated ID into the client.
* This way we avoid generating any spurious IDs on the client.
*/
usageSessionId: process.server ? uuidv4() : undefined,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🔥 🔥 🔥

zackkrida
zackkrida approved these changes Feb 7, 2022
View reviewed changes
Copy link
Member

@zackkrida zackkrida left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This definition of a 'session' should be fine for some time and the new types are great.

obulat
obulat approved these changes Feb 8, 2022
View reviewed changes
Copy link
Contributor

@obulat obulat left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Very interesting to read about the approach.

src/data/usage-data-service.js
/**
* @param {object} props
* @param {string} props.query
* @param {unknown} props.resultRank
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This type can be set to a number because it's a result of a findIndex call: https://cs.github.com/WordPress/openverse-frontend/blob/af82bcd215933032fd3c557495bd32d41866b44d/src/store/media.js#L170

test/unit/specs/store/user.spec.js
})

afterAll(() => {
// avoid polluting other tests that might be affected by these flags
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice cleanup and comment of why it's necessary, especially for future use and copying :)

Openverse PRs automation moved this from Needs review to Reviewer approved Feb 8, 2022
@sarayourfriend sarayourfriend enabled auto-merge (squash) February 9, 2022 14:17
@sarayourfriend sarayourfriend force-pushed the update/remove-usage-session-cookie branch from 97c522b to 6e165c2 Compare February 9, 2022 14:17
@sarayourfriend sarayourfriend merged commit a1eb4a7 into main Feb 9, 2022
Openverse PRs automation moved this from Reviewer approved to Merged! Feb 9, 2022
@sarayourfriend sarayourfriend deleted the update/remove-usage-session-cookie branch February 9, 2022 14:17
@zackkrida zackkrida mentioned this pull request Feb 24, 2022
Closed
1 task
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@zackkrida zackkrida zackkrida approved these changes

@obulat obulat obulat approved these changes

Assignees
No one assigned
Labels
💻 aspect: code Concerns the software code in the repository 🧰 goal: internal improvement Improvement that benefits maintainers, not users 🟥 priority: critical Must be addressed ASAP
Projects
No open projects
Openverse PRs
  
Merged!
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Move analytics server sessionId to localstorage; rename.
3 participants
@sarayourfriend @zackkrida @obulat