diff --git a/test/api/v3/integration/analytics/POST-analytics_track_eventName.test.js b/test/api/v3/integration/analytics/POST-analytics_track_eventName.test.js index eb00ee8927..dd174fc108 100644 --- a/test/api/v3/integration/analytics/POST-analytics_track_eventName.test.js +++ b/test/api/v3/integration/analytics/POST-analytics_track_eventName.test.js @@ -1,19 +1,10 @@ import { generateUser, requester, - translate as t, } from '../../../../helpers/api-integration/v3'; import { mockAnalyticsService as analytics } from '../../../../../website/server/libs/analyticsService'; describe('POST /analytics/track/:eventName', () => { - it('requires authentication', async () => { - await expect(requester().post('/analytics/track/event')).to.eventually.be.rejected.and.eql({ - code: 401, - error: 'NotAuthorized', - message: t('missingAuthHeaders'), - }); - }); - it('calls res.analytics', async () => { const user = await generateUser(); sandbox.spy(analytics, 'track'); diff --git a/website/server/controllers/top-level/analytics.js b/website/server/controllers/top-level/analytics.js index f663a10dcb..1d5d573864 100644 --- a/website/server/controllers/top-level/analytics.js +++ b/website/server/controllers/top-level/analytics.js @@ -19,7 +19,7 @@ api.trackEvent = { method: 'POST', url: '/analytics/track/:eventName', // we authenticate these requests to make sure they actually came from a real user - middlewares: [authWithHeaders()], + middlewares: [authWithHeaders({ optional: true })], async handler (req, res) { // As of now only web can track events using this route if (req.headers['x-client'] !== 'habitica-web') { @@ -30,7 +30,7 @@ api.trackEvent = { const eventProperties = req.body; res.analytics.track(req.params.eventName, { - uuid: user._id, + uuid: user ? user._id : null, headers: req.headers, category: 'behaviour', gaLabel: 'local',