A lightweight manager for complying with user consent.
Consentman provides an API for setting, changing and storing user consent and handling the event of consent being given or revoked.
Differently from other similar projects it will not provide any user interface or automation. It's your job as a developer to actually start and stop tracking the user, for instance, if consent is granted or revoked, respectively.
$ npm i --save consentmanAt a glance:
import {
addConsentSubject,
getConsent,
changeConsent,
enforceConsent
} from "consentman";
addConsentSubject("default", state => {
switch (state) {
case "allowed":
console.log("Consent has been granted. Installing trackers.");
break;
case "blocked":
console.log("Consent has been revoked. Removing trackers.");
break;
default:
console.log("User needs to consent first.");
break;
}
});
if ("indeterminate" === getConsent("default").consent) {
if (confirm("Would you like to consent?")) {
changeConsent("default", "granted");
} else {
changeConsent("default", "revoked");
}
}
enforceConsent();On the user's first visit to the website the consent named default will be indeterminate, so a confirmation will be shown asking the user for consent.
If the user clicks Yes consent will be granted and any subjects will get allowed.
If the user clicks No consent will be revoked and any subjects will be skipped.
Subsequent visits by the user will not trigger the confirmation since consent is remembered across visits--stored in local storage.
If at any time default consent is revoked and re-enforced, any subjects will be blocked.
You can also have additional consents with different names, e.g. one for trackers, one for advertising, etc.
addConsentSubject(name: string, callback: (state: "idle" | "allowed" | "blocked" | "skipped") => void): void
Push new consent subject to the registry. A consent subject is a state machine that updates whenever enforceConsent is called. The next state depends on whether a consent of same name has been granted or revoked.
getConsent(name: string): Entry
Return current consent entry with a given name. A consent entry has the following interface:
name: string- A string identifier.
date: number- Timestamp for when consent was last changed.
consent: "indeterminate" | "granted" | "revoked"- The current policy.
changeConsent(name: string, consent: "indeterminate" | "granted" | "revoked"): void
Update existing consent entry or create new one and save to storage.
enforceConsent(): void
Walk over registered consent subjects and update their states.
This project is licensed under MIT. See LICENSE.md for full notice.