How do you detect admin user in JS?

Hello, I’ve been looking for a way to filter internal traffic in Google Analytics for a long time now. And I decided to try this way: if the user is admin, don’t load the js snippet. So my question is simple: how do you detect admin (or owner) user in Ghost CMS?

Hey @NicolasK :wave:

You can hit the /ghost/api/v3/admin/config/ endpoint to get the site config which is only visible to logged-in users

Thanks but I was looking for JS code to do that. Do you have an example?

Here’s an example:

fetch('/ghost/api/v3/admin/config/', {method: 'HEAD'}).then(() => {
  // The user is logged in
}).catch(() => {
  // The user is most likely not logged in
});
1 Like

Is there a documentation i can check to have more info?

What exactly are you looking for? The Ghost docs are available here:

I tried this but it didn’t work. Is this correct? I might miss a tag somewhere but don’t know where to put it. By the way is the code you provided javascript?

<script>
fetch('/ghost/api/v3/admin/config/', {method: 'HEAD'}).then(() => {
  // The user is logged in
}).catch(() => {
  // The user is most likely not logged in
<script src="//s3-us-west-2.amazonaws.com/momently-static/loader/wZYoUQAsARc_momently.js" name="momently-script"></script>
<!-- Hotjar Tracking Code for https://soundsirius.digitalpress.blog -->
(function(h,o,t,j,a,r){
    h.hj=h.hj||function(){(h.hj.q=h.hj.q||[]).push(arguments)};
    h._hjSettings={hjid:1812375,hjsv:6};
    a=o.getElementsByTagName('head')[0];
    r=o.createElement('script');r.async=1;
    r.src=t+h._hjSettings.hjid+j+h._hjSettings.hjsv;
    a.appendChild(r);
})(window,document,'https://static.hotjar.com/c/hotjar-','.js?sv=');
});

the code the previous user provided is javascript yes.

First have you tried the g analytics official documentation for excluding internal traffic? It recommends filtering IPs out, sounds better than attempting a manual hack.

regarding your code there is no need to add the script tag when you are inside javascript code already. thats for inserting js scripts inside html

Filtering the IP isn’t reliable because it changes. It’s much more reliable to allow the code snippet only if you’re not the owner or maybe part of the team writing the blog.

Yes, that code was js. Here’s what you might do:

<script>
fetch('/ghost/api/v3/admin/config/', {method: 'HEAD'}).then(() => {
  // The user is logged in
}).catch(() => {
  // The user is most likely not logged in

  // Add Momently
  const source = document.createElement('script'),
  const firstScript = document.getElementsByTagName('script')[0];
  source.src = '//s3-us-west-2.amazonaws.com/momently-static/loader/wZYoUQAsARc_momently.js';
  source.name = 'momently-script';
  firstScript.parentNode.insertBefore(source, firstScript);

  // Hotjar Tracking Code for https://soundsirius.digitalpress.blog
  (function(h,o,t,j,a,r){
      h.hj=h.hj||function(){(h.hj.q=h.hj.q||[]).push(arguments)};
      h._hjSettings={hjid:1812375,hjsv:6};
      a=o.getElementsByTagName('head')[0];
      r=o.createElement('script');r.async=1;
      r.src=t+h._hjSettings.hjid+j+h._hjSettings.hjsv;
      a.appendChild(r);
  })(window,document,'https://static.hotjar.com/c/hotjar-','.js?sv=');
});

Still not working. Maybe I should use IP filtering then. But thanks for the effort.

OK I had a nice idea to filter internal traffic. That way, if you’re on your iphone or the computer of a friend, you can visit your website without messing up the stats.

You have to visit the website with an “internal” flag.
Example: https://soundsirius.digitalpress.blog/?internal=false
Now we know your analytics snippet has to monitor the visit.

But there is a problem: make sure that, if you visit another page, the internal flag is carried forward.