Skip to content

Latest commit

 

History

History
369 lines (255 loc) · 12.7 KB

README.md

File metadata and controls

369 lines (255 loc) · 12.7 KB

Laravel Cookies Consent Plugin - Make your Laravel app compliant with the EU GDPR cookie law

Latest Version on Packagist GitHub Tests Action Status GitHub Code Style Action Status Total Downloads GitHub Issues GitHub Stars GitHub forks contributions welcome License Maintenance Ask Me Anything !

About the plugin

According to the GDPR law, every platform is required to allow the users to decide which cookie categories they will allow, and, if a cookie category is not allowed, the application should not use the functionality tied to that cookie.

This plugin provides a simple cookie consent window through which the user can specify the cookies they would like to allow.

After the user submission, the page reloads and the relevant cookies are set on the browser, and can then be used in the front-end.

Features

  • Customizable cookie categories
  • Customizable pop-up view and style
  • Customizable show/hide "Read more" link
  • Customizable translations (6 languages already included)

Installation

You can install the package via composer:

composer require scify/laravel-cookies-consent

Make sure to manually publish the styles file, by running:

php artisan vendor:publish \
--provider="SciFY\LaravelCookiesConsent\LaravelCookiesConsentServiceProvider" \
--tag="cookies-consent-assets"

By doing so, the assets files will be copied to public/vendor/cookies_consent.

You can then either decide to include the public/vendor/cookies_consent/css/style.css file to git (especially if you want to edit it first), or add it to .gitignore, and make sure to also run this command on the staging/production server.

Next, you need to publish the config file:

php artisan vendor:publish \
--provider="SciFY\LaravelCookiesConsent\LaravelCookiesConsentServiceProvider" \
--tag="cookies-consent-config"

The configuration file will be published to config/cookies_consent.php.

In the config file, you can change the cookie categories of your application, set the required and pre-selected categories, as well as add new categories.

This is the contents of the published config file:

return [
    'cookie_prefix' => '',
    'cookies' => [
        'strictly_necessary', 
        'targeting', 
        'performance', 
        'functionality'
    ],
    'enabled' => [
        'strictly_necessary', 
        'targeting', 
        'performance', 
        'functionality'
    ],
    'required' => ['strictly_necessary'],
    'cookie_lifetime' => 365 * 10,
];

The cookie_prefix is optional and, if set, will be applied to every cookie.

If set, a good strategy is to also add a trailing underscore "_", that will be added between the field value, and each cookie.

For example, if cookie_prefix is set to my_app_, then the targeting cookie will have a value of my_app_cookies_consent_targeting. You can add as many cookie categories as you like, simply by adding values to the cookies array.

If you want to remove a cookie category, simply remove it from the array.

You can use the enabled array to set the cookie categories that will be pre-selected, and the required array to set the cookies that the user won't be able to deselect.

If you want to change how long the cookies will be stored, edit the cookie_lifetime variable.

Usage

When the plugin is installed, a laravel-cookies-consent custom Laravel View Component is automatically registered.

This will render the following cookies consent that, will look very much like this one.

dialog

You can then use this component in order to display the cookies consent window, wherever you'd like.

Typically, a good strategy is to put the component just before the closing <body> tag:

<body>
    ...
    ...
    ...
    <x-laravel-cookies-consent></x-laravel-cookies-consent>
</body>

After that, you can use the $_COOKIE global object, in order to check for the appropriate cookie.

Now you can use this object in your Blade files like this:

$_COOKIE[config('cookies_consent.cookie_prefix') . {{ COOKIE_NAME }}]

For example, An application that wants to load the Google Analytics script only if the user has given their consent to the targeting cookie category, might do the following:

google-analytics.blade.php

<!-- Check the 'targeting' cookie: -->
@if(isset($_COOKIE[config('cookies_consent.cookie_prefix') 
. 'cookies_consent_targeting']) && config('app.google_analytics_id'))
    
    <!-- Google Analytics -->
    <script defer async>
        (function (i, s, o, g, r, a, m) {
            i['GoogleAnalyticsObject'] = r;
            i[r] = i[r] || function () {
                (i[r].q = i[r].q || []).push(arguments)
            }, i[r].l = 1 * new Date();
            a = s.createElement(o),
                m = s.getElementsByTagName(o)[0];
            a.async = 1;
            a.src = g;
            m.parentNode.insertBefore(a, m)
        })(window, document, 'script', 'https://www.google-analytics.com/analytics.js', 'ga');

        window.ga('create', '{{ config('app.google_analytics_id') }}', 'auto');
        window.ga('set', 'anonymizeIp', true);
        window.ga('send', 'pageview');
    </script>
@endif

In this example, we checked whether the $_COOKIE[config('cookies_consent.cookie_prefix') . 'cookies_consent_targeting'] key exists or not.

Customization

Customizing the component texts

If you want to modify the texts shown in the cookies dialog, you can publish the language resource files with this command:

php artisan vendor:publish \
--provider="SciFY\LaravelCookiesConsent\LaravelCookiesConsentServiceProvider" \
--tag="cookies-consent-translations"

This will publish this file to resources/lang/vendor/cookies_consent/{{lang}}/messages.php.

The plugin comes with 6 built-in languages. You can change the translations for a given language, or add additional languages yourself.

Customizing the "Read more" link

In the cookies dialog, there is also an optional "Read more" link. This link is specified in the language translation files, since it is common to have a different link for each language.

Example (file lang/vendor/cookies_consent/en/messages.php):

return [
    ...
    'read_more_link' => '',
    ...
];

If the link is left empty (default state), it won't be shown.

Customizing the component contents

If you need full control over the contents of the cookies dialog, you can publish the views of the package:

php artisan vendor:publish \
--provider="SciFY\LaravelCookiesConsent\LaravelCookiesConsentServiceProvider" \
--tag="cookies-consent-components"

This will copy the resources/views/components/laravel-cookies-consent view file over to resources/views/components/vendor/cookies_consent directory.

Development

In order to locally run the package, you should use a local Laravel application, in which you are going to install it.

Make sure that the composer.json file of the Laravel app has the following entry:


"require": {
    "scify/laravel-cookies-consent": "@dev",
}
...
...
"repositories": [
        {
            "type": "path",
            "url": "../path/to/laravel-cookies-consent/",
            "options": {
                "symlink": true
            }
        }
    ]

This will tell composer that the code for the package is of the "@dev" version and that it exists in the specified path.

Then run:

composer update scify/laravel-cookies-consent --prefer-source

To fetch the local package.

Testing

This project uses Pest for testing. To execute the test suite, run:

composer test

FAQ

Question: Is this plugin free to use?

Answer: Yes. This plugin is totally free and developed as an Open-Source project.


Question: How long do the cookies last?

Answer: The duration is set in days, in config/cookies_consent.php file. In order to publish this file, run

php artisan vendor:publish \
--provider="SciFY\LaravelCookiesConsent\LaravelCookiesConsentServiceProvider" \
--tag="cookies-consent-config"

The configuration file will be published to config/cookies_consent.php.

Then, edit the cookie_lifetime field (in days).


Question: Will the cookie consent window show every time?

Answer: No. As soon as the user clicks one of the "Accept all", "Accept selection", or "Decline all", the selection will be stored in another cookie, and the window won't pop up again, until this cookie expires, or is deleted.


Question: In which languages is the plugin available?

Answer: The plugin has 6 built-in languages: English, Greek, Spanish, German, Italian, and Swedish. If you would like to add a language, publish the translations by running:

php artisan vendor:publish \
--provider="SciFY\LaravelCookiesConsent\LaravelCookiesConsentServiceProvider" \
--tag="cookies-consent-translations"

And add/change your own translations. If you add a new language, consider also opening a pull request, in order for this language to be included in the plugin.


Question: Does this plugin work with all Laravel versions?

Answer: We have tested the plugin with Laravel 7, 8, and 9. The plugin's simplicity allows it to work with any Laravel version, but if you try it with a version other that the tested ones and it does not work, please open an issue on GitHub.


Question: If I install later a new cookie category, how can I force the plugin to "reset" and show again?

Answer: The easiest way is to publish the configuration file, and change the cookie_prefix field. This will force the plugin to show again.

Changelog

Please see CHANGELOG for more information on what has changed recently.

Contributing

Please see CONTRIBUTING for general details.

PHP code style - Laravel Pint

This application uses Laravel Pint in order to perform code-style.

In order to run the styler, run :

./vendor/bin/pint --test -v # the --test will not do any changes, it will just output the changes needed

./vendor/bin/pint -v # this command will actually perform the code style changes 

Releasing a new version

After you have committed your changes, create a new git tag:

git tag -a vx.y.z -m "This is a nice tag name"

Then, push the tag:

git push origin vx.y.z

Then, in the GitHub Releases page, create a new Release and correlate it with the tag that you just created.

That's it! Packagist will be updated automatically.

Also, the .github/workflows/update-changelog.yml GitHub action will run, and it will update the CHANGELOG.md file.

Make sure that you run git pull afterwards, to get the updates.

Credits

License

The Apache Licence. Please see the Licence File for more information.