Enable better tracking of users in GA

Author: dstufft

package.json

@@ -10,6 +10,7 @@
     "babel-preset-es2015-native-modules": "6.6.0",
     "babel-register": "6.7.2",
     "clipboard": "1.5.10",
+    "cookie": "0.3.1",
     "del": "2.2.0",
     "exports-loader": "0.6.3",
     "font-awesome": "4.5.0",

warehouse/accounts/views.py

@@ -12,6 +12,7 @@
 
 import datetime
 
+from pyblake2 import blake2b
 from pyramid.httpexceptions import HTTPMovedPermanently, HTTPSeeOther
 from pyramid.security import remember, forget
 from pyramid.view import view_config
@@ -25,6 +26,9 @@
 from warehouse.utils.http import is_safe_url
 
 
+USER_ID_INSECURE_COOKIE = "user_id__insecure"
+
+
 @view_config(
     route_name="accounts.profile",
     renderer="accounts/profile.html",
@@ -91,7 +95,23 @@ def login(request, redirect_field_name=REDIRECT_FIELD_NAME,
 
         # Now that we're logged in we'll want to redirect the user to either
         # where they were trying to go originally, or to the default view.
-        return HTTPSeeOther(redirect_to, headers=dict(headers))
+        resp = HTTPSeeOther(redirect_to, headers=dict(headers))
+
+        # We'll use this cookie so that client side javascript can Determine
+        # the actual user ID (not username, user ID). This is *not* a security
+        # sensitive context and it *MUST* not be used where security matters.
+        #
+        # We'll also hash this value just to avoid leaking the actual User IDs
+        # here, even though it really shouldn't matter.
+        resp.set_cookie(
+            USER_ID_INSECURE_COOKIE,
+            blake2b(
+                str(userid).encode("ascii"),
+                person=b"warehouse.userid",
+            ).hexdigest().lower(),
+        )
+
+        return resp
 
     return {
         "form": form,
@@ -141,7 +161,13 @@ def logout(request, redirect_field_name=REDIRECT_FIELD_NAME):
 
         # Now that we're logged out we'll want to redirect the user to either
         # where they were originally, or to the default view.
-        return HTTPSeeOther(redirect_to, headers=dict(headers))
+        resp = HTTPSeeOther(redirect_to, headers=dict(headers))
+
+        # Ensure that we delete our user_id__insecure cookie, since the user is
+        # no longer logged in.
+        resp.delete_cookie(USER_ID_INSECURE_COOKIE)
+
+        return resp
 
     return {"redirect": {"field": REDIRECT_FIELD_NAME, "data": redirect_to}}
 
@@ -213,7 +239,7 @@ def _login_user(request, userid):
             request.session.update(data)
 
         # Remember the userid using the authentication policy.
-        headers = remember(request, userid)
+        headers = remember(request, str(userid))
 
         # Cycle the CSRF token since we've crossed an authentication boundary
         # and we don't want to continue using the old one.

warehouse/static/js/warehouse/utils/analytics.js

@@ -14,6 +14,8 @@
 
 /* global ga */
 
+import * as cookie from "cookie";
+
 
 export default () => {
   // Here we want to ensure that our ga function exists in the global scope,
@@ -34,6 +36,14 @@ export default () => {
     // user's IP addresses.
     ga("create", element.dataset.GaId, "auto", { anonymizeIp: true });
 
+    // Determine if we have a user ID associated with this person, if so we'll
+    // go ahead and tell Google it to enable better tracking of individual
+    // users.
+    let cookies = cookie.parse(document.cookie);
+    if (cookies.user_id__insecure) {
+      ga("set", "userId", cookies.user_id__insecure);
+    }
+
     // Finally, we'll send an event to mark our page view.
     ga("send", "pageview");
   }