krikkert/habitica
1
0
Fork 0
mirror of https://github.com/HabitRPG/habitica.git synced 2025-12-18 07:07:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

allow mobile to send analytics calls

Browse Source
This commit is contained in:
Phillip Thelen
2025-09-05 16:12:23 +02:00
parent 58b0e323a3
commit a06dfc9ed8
1 changed files with 8 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
website/server/controllers/top-level/analytics.js
View File

@@ -21,9 +21,10 @@ api.trackEvent = {
// we authenticate these requests to make sure they actually came from a real user
middlewares: [authWithHeaders()],
async handler (req, res) {
// As of now only web can track events using this route
if (req.headers['x-client'] !== 'habitica-web') {
throw new NotAuthorized('Only habitica.com is allowed to track analytics events.');
if (req.headers['x-client'] !== 'habitica-web'
&& req.headers['x-client'] !== 'habitica-ios'
&& req.headers['x-client'] !== 'habitica-android') {
throw new NotAuthorized('Only official clients are allowed to track analytics events.');
}
const { user } = res.locals;
@@ -49,9 +50,10 @@ api.updateUserProperties = {
// we authenticate these requests to make sure they actually came from a real user
middlewares: [authWithHeaders()],
async handler (req, res) {
// As of now only web can track events using this route
if (req.headers['x-client'] !== 'habitica-web') {
throw new NotAuthorized('Only habitica.com is allowed to track analytics events.');
if (req.headers['x-client'] !== 'habitica-web'
&& req.headers['x-client'] !== 'habitica-ios'
&& req.headers['x-client'] !== 'habitica-android') {
throw new NotAuthorized('Only official clients are allowed to track analytics events.');
}
const { user } = res.locals;