FEATURE: Ignore anonymous page views on private sites (#12800)

For sites with login_required set to true, counting anonymous pageviews is confusing. Requests to /login and other pages would make it look like anonymous users have access to site's content.
2025-02-25 18:55:32 -06:00 · 2021-04-26 14:19:47 +03:00 · 2021-04-26 14:19:47 +03:00 · 765ba1ab2d
commit 765ba1ab2d
parent 7217dcb67a
2 changed files with 48 additions and 1 deletions
--- a/lib/middleware/request_tracker.rb
+++ b/lib/middleware/request_tracker.rb
@ -61,7 +61,7 @@ class Middleware::RequestTracker
      elsif data[:has_auth_cookie]
        ApplicationRequest.increment!(:page_view_logged_in)
        ApplicationRequest.increment!(:page_view_logged_in_mobile) if data[:is_mobile]
-      else
+      elsif !SiteSetting.login_required
        ApplicationRequest.increment!(:page_view_anon)
        ApplicationRequest.increment!(:page_view_anon_mobile) if data[:is_mobile]
      end
--- a/spec/components/middleware/request_tracker_spec.rb
+++ b/spec/components/middleware/request_tracker_spec.rb
@ -129,6 +129,53 @@ describe Middleware::RequestTracker do
      expect(ApplicationRequest.page_view_crawler.first.count).to eq(1)
      expect(ApplicationRequest.page_view_anon.first.count).to eq(1)
    end
+
+    context "ignore_anonymous_pageviews" do
+      let(:anon_data) do
+        Middleware::RequestTracker.get_data(env(
+          "HTTP_USER_AGENT" => "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.72 Safari/537.36"
+        ), ["200", { "Content-Type" => 'text/html' }], 0.1)
+      end
+
+      let(:logged_in_data) do
+        user = Fabricate(:user, active: true)
+        token = UserAuthToken.generate!(user_id: user.id)
+        Middleware::RequestTracker.get_data(env(
+          "HTTP_USER_AGENT" => "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.72 Safari/537.36",
+          "HTTP_COOKIE" => "_t=#{token.unhashed_auth_token};"
+        ), ["200", { "Content-Type" => 'text/html' }], 0.1)
+      end
+
+      it "does not ignore anonymous requests for public sites" do
+        SiteSetting.login_required = false
+
+        Middleware::RequestTracker.log_request(anon_data)
+        Middleware::RequestTracker.log_request(logged_in_data)
+
+        ApplicationRequest.write_cache!
+
+        expect(ApplicationRequest.http_total.first.count).to eq(2)
+        expect(ApplicationRequest.http_2xx.first.count).to eq(2)
+
+        expect(ApplicationRequest.page_view_logged_in.first.count).to eq(1)
+        expect(ApplicationRequest.page_view_anon.first.count).to eq(1)
+      end
+
+      it "ignores anonymous requests for private sites" do
+        SiteSetting.login_required = true
+
+        Middleware::RequestTracker.log_request(anon_data)
+        Middleware::RequestTracker.log_request(logged_in_data)
+
+        ApplicationRequest.write_cache!
+
+        expect(ApplicationRequest.http_total.first.count).to eq(2)
+        expect(ApplicationRequest.http_2xx.first.count).to eq(2)
+
+        expect(ApplicationRequest.page_view_logged_in.first.count).to eq(1)
+        expect(ApplicationRequest.page_view_anon.first).to eq(nil)
+      end
+    end
  end

  context "rate limiting" do