diff --git a/src/core/TawktoGenerator.php b/src/core/TawktoGenerator.php
index cbd870a..f38843e 100644
--- a/src/core/TawktoGenerator.php
+++ b/src/core/TawktoGenerator.php
@@ -6,6 +6,7 @@ require_once __DIR__ . '/../../vendor/autoload.php';
 }
+use Drupal\Component\Utility\Html;
 use Drupal\Core\Cache\Cache;
 use Drupal\user\Entity\User;
 use Symfony\Component\HttpFoundation\JsonResponse;
@@ -54,12 +55,22 @@ public function getWidget() {
 $display_opts = $options;
 // Default value.
 $enable_visitor_recognition = TRUE;
+ $secure_mode_enabled = FALSE;
+ $js_api_key = NULL;
 if (!is_null($display_opts)) {
 $display_opts = json_decode($display_opts);
 if (!is_null($display_opts->enable_visitor_recognition)) {
 $enable_visitor_recognition = $display_opts->enable_visitor_recognition;
 }
+
+ if (!is_null($display_opts->secure_mode_enabled)) {
+ $secure_mode_enabled = $display_opts->secure_mode_enabled;
+ }
+
+ if (!is_null($display_opts->js_api_key)) {
+ $js_api_key = $display_opts->js_api_key;
+ }
 }
 if ($enable_visitor_recognition) {
@@ -67,11 +78,21 @@ public function getWidget() {
 if ($user) {
 $username = $user->get('name')->value;
 $usermail = $user->get('mail')->value;
+ $hash = NULL;
+
+ if ($secure_mode_enabled && !is_null($js_api_key)) {
+ $key = $this->getKey($js_api_key);
+
+ if (!is_null($key)) {
+ $hash = hash_hmac('sha256', $usermail, $key);
+ }
+ }
 $apiString = 'Tawk_API.visitor = {
- name : "' . $username . '",
- email : "' . $usermail . '",
- };';
+ name : "' . Html::escape($username) . '",
+ email : "' . $usermail . '",' .
+ (!is_null($hash) ? PHP_EOL . 'hash : "' . $hash . '",' : '') .
+ '};';
 }
 }
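Review bot: The two new `!is_null($display_opts->…)` reads in the `@@ -54,12 +55,22 @@` hunk dereference properties that will be absent from options saved before this change, which raises an undefined-property warning on each widget render under PHP 8. `isset($display_opts->secure_mode_enabled)` and `isset($display_opts->js_api_key)` cover both the missing and the null case. Casting the flag, `$secure_mode_enabled = (bool) $display_opts->secure_mode_enabled;`, would also keep an unexpected stored type from deciding whether the hash is emitted. getWidget() starts and ends outside this hunk.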
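Review bot: In the `@@ -67,11 +78,21 @@` hunk `$usermail` is still concatenated into the `Tawk_API.visitor` literal unencoded, and `Html::escape()` on `$username` is an HTML encoder used in what looks like a JavaScript string context, so it leaves backslashes and line breaks untouched and rewrites `&` and quotes as entities. Encoding both values for JavaScript, e.g. `json_encode($username, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_AMP | JSON_HEX_QUOT)` in place of the hand-written quotes, closes the injection path and keeps names intact. Separately, when secure mode is on but `getKey()` returns NULL the `hash` field is dropped without any trace; a log entry for that case would make a deleted or misconfigured key visible to the site owner. How `$apiString` reaches the page is outside this hunk, so the exact output context should be confirmed.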
@@ -95,6 +116,46 @@ public function getWidget() {
 return $output;
 }
+ /**
+ * Get keys.
+ *
+ * @return array
+ * Key module installed and keys
+ */
+ private function getKeyModule() {
+ $installed = \Drupal::getContainer()->has('key.repository');
+ $keys = [];
+
+ if ($installed) {
+ $keys = \Drupal::service('key.repository')->getKeysByType('authentication');
+ }
+
+ return [
+ 'installed' => $installed,
+ 'keys' => $keys,
+ ];
+ }
+
+ /**
+ * Get key value.
+ *
+ * @param string $key_id
+ * Key ID.
+ *
+ * @return string|null
+ * Key value.
+ */
+ private function getKey($key_id) {
+ $installed = \Drupal::getContainer()->has('key.repository');
+
+ if (!$installed) {
+ return NULL;
+ }
+
+ $key = \Drupal::service('key.repository')->getKey($key_id);
+ return $key->getKeyValue();
+ }
+
 /**
 * Check widget visibility based on set options.
 *
@@ -214,6 +275,11 @@ public function getIframe() {
 if (!is_null($display_opts)) {
 $display_opts = json_decode($display_opts);
 }
+
+ $keyModule = $this->getKeyModule();
+ $keyModuleInstalled = $keyModule['installed'];
+ $keys = $keyModule['keys'];
+
 ob_start(); ?>
@@ -284,7 +350,7 @@ public function getIframe() {
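Review bot: `getKey()` in the `@@ -95,6 +116,46 @@` hunk calls `$key->getKeyValue()` without checking the result of the repository lookup, so a stored `js_api_key` that refers to a deleted or renamed key would presumably yield NULL there and cause a fatal error on every page that renders the widget for a logged-in user. The docblock already promises `string|null`; `return $key ? $key->getKeyValue() : NULL;` makes the code match it. An empty key value is worth treating as missing as well, since `hash_hmac()` with an empty key still returns a well-formed hash that the remote side would reject.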
-
Visibility Settings
+
Visibility Options
@@ -453,6 +519,53 @@ public function getIframe() {
+
+
+
Security Options
+
+
Note: If Secure Mode is enabled on your property, please enter your Javascript API Key to ensure visitor recognition works correctly.
+
+ +
+ secure_mode_enabled) { + $checked = ''; + } + ?> + /> +
+
+
+ +
+ + + The Key module is not installed. Please install it and create an Authentication key for JS API Key. + + + + Keys: + +
To create a new key, go to /admin/config/system/keys.
Tawk.to will use an Authentication key to secure the visitor recognition.
+ + +
+
+