├── .gitignore ├── LICENSE ├── README.md ├── errors.js ├── index.js └── package.json /.gitignore: -------------------------------------------------------------------------------- 1 | node_modules/ 2 | coverage/ 3 | tmp/ 4 | dist/ 5 | npm-debug.log* 6 | .DS_Store 7 | .nyc_output 8 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2016 Yoshua Wuyts 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # analytics-service 2 | Lil analytics service. 3 | 4 | ## Routes 5 | ```txt 6 | GET /ping Query the service to see if it's responding to requests 7 | PUT /log Persist a log event to the database 8 | ``` 9 | 10 | ## Environment 11 | ```txt 12 | PORT Number Port to listen on 13 | DB String Location where the DB should be written to 14 | ``` 15 | 16 | ## Making DDOS slightly harder 17 | Generally analytics logs aren't particularly sensitive to write to - at worst 18 | there'll be skewed data which can be filtered in post-processing. To make it 19 | slightly harder though, it's recommended to add at least a little hurdle. An 20 | example approach of this would be to include a `set-cookie` directive on the 21 | first request to the site (e.g. `index.html`). This would include something 22 | like an encrypted timestamp that can only be decoded by the service. By 23 | checking that the timestamp was recent, a lot of trivial DDOSsing and 24 | accidental write scenarios would be mitigated. This doesn't prevent any 25 | directed attacks, for which more elaborate methods such as IP banning (e.g. 26 | `fail2ban` and the like should be deployed). 27 | 28 | ## See Also 29 | - [yoshuawuyts/microanalytics](https://github.com/yoshuawuyts/microanalytics) 30 | 31 | ## License 32 | [MIT](https://tldrlegal.com/license/mit-license) 33 | -------------------------------------------------------------------------------- /errors.js: -------------------------------------------------------------------------------- 1 | exports.EDBPUTFAIL = function (req, res, ctx) { 2 | ctx.log.error('EDBPUTFAIL') 3 | ctx.send(500, { message: 'Internal server error' }) 4 | } 5 | 6 | exports.EPARSEFAIL = function (req, res, ctx) { 7 | ctx.log.error('EPARSEFAIL') 8 | ctx.send(400, { message: 'Could not parse body' }) 9 | } 10 | -------------------------------------------------------------------------------- /index.js: -------------------------------------------------------------------------------- 1 | var toObject = require('json-stream-to-object') 2 | var hyperdiscovery = require('hyperdiscovery') 3 | var raf = require('random-access-file') 4 | var hypercore = require('hypercore') 5 | var hyperdb = require('hyperdb') 6 | var merry = require('merry') 7 | 8 | var errors = require('./errors') 9 | 10 | var env = { 11 | PORT: Number, 12 | DB: '/tmp/analytics.db' 13 | } 14 | var app = merry({ env: env }) 15 | 16 | var core = hypercore(storage, { valueEncoding: 'json', sparse: true }) 17 | var db = hyperdb([ core ]) 18 | 19 | app.route('GET', '/ping', function (req, res, ctx) { 20 | ctx.send(200, { status: 'ok' }) 21 | }) 22 | 23 | app.route('PUT', '/log', function (req, res, ctx) { 24 | toObject(req, function (err, obj) { 25 | if (err) return errors.EPARSEFAIL(req, res, ctx) 26 | 27 | db.put(obj, 'true', function (err) { 28 | if (err) return errors.EDBPUTFAIL(req, res, ctx) 29 | ctx.send(200, {}) 30 | }) 31 | }) 32 | }) 33 | 34 | // start 35 | db.ready(function () { 36 | hyperdiscovery(db.feeds[0], { live: true }) 37 | app.listen(app.env.PORT) 38 | }) 39 | 40 | function storage (name) { 41 | return raf(app.env.DB + name) 42 | } 43 | -------------------------------------------------------------------------------- /package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "analytics-service", 3 | "description": "Lil analytics service", 4 | "repository": "shipharbor/analytics-service", 5 | "version": "1.0.0", 6 | "private": true, 7 | "scripts": { 8 | "deps": "dependency-check . && dependency-check . --extra --no-dev", 9 | "start": "PORT=8080 nodemon . | merry", 10 | "test": "standard && npm run deps" 11 | }, 12 | "dependencies": { 13 | "hypercore": "^6.3.8", 14 | "hyperdb": "github:mafintosh/hyperdb", 15 | "hyperdiscovery": "^6.0.4", 16 | "json-stream-to-object": "^1.0.0", 17 | "merry": "^5.0.5", 18 | "random-access-file": "^1.7.3" 19 | }, 20 | "devDependencies": { 21 | "dependency-check": "^2.8.0", 22 | "nodemon": "^1.11.0", 23 | "standard": "^10.0.2", 24 | "tape": "^4.6.3" 25 | } 26 | } 27 | --------------------------------------------------------------------------------