Merge pull request #29 from scify/v2-gdpr-improvements

V2 - GDPR & UI improvements

.gitignore

@@ -9,3 +9,5 @@ phpstan.neon
 testbench.yaml
 vendor
 node_modules
+public
+storage

README.md

@@ -22,6 +22,12 @@
 [![GitHub pull-requests](https://img.shields.io/github/issues-pr/scify/laravel-cookies-consent)](https://github.com/scify/laravel-cookies-consent/pulls)
 [![GitHub closed pull-requests](https://img.shields.io/github/issues-pr-closed/scify/laravel-cookies-consent)](https://github.com/scify/laravel-cookies-consent/pulls?q=is%3Apr+is%3Aclosed)
 
+## Upgrading from v1 to v2
+
+As of **October 2024**, The v2 of the Laravel Cookies Consent plugin has been released! 🎉🥳😍
+In order to upgrade from v1 to v2, please follow the instructions in the [How To Upgrade to v2](how-to-upgrade-to-v2.md)
+file.
+
 ## About the plugin
 
 According to the [GDPR law](https://gdpr-info.eu/), every platform is required to allow the users to decide which cookie
@@ -34,12 +40,23 @@ allow.
 After the user submission, the page reloads and the relevant cookies are set on the browser, and can then be used in the
 front-end.
 
+# Screenshots
+
+![img.png](readme-images/img.png)
+
+![img2.png](readme-images/img2.png)
+
 ## Features
 
 - Customizable cookie categories
-- Customizable pop-up view and style
-- Customizable show/hide "Read more" link
-- Customizable translations (6 languages already included)
+- A new configuration file format. Now you can declare the cookies each cookie category uses in a
+  more structured way.
+- A new, clean, and intuitive UI for the cookies consent modal.
+- An option to present the cookies consent dialog in a separate page instead of a modal.
+- A stick cookies button that allows users to change their cookies preferences at any time. This button is optional and
+  it's existence can be tweaked in the configuration file.
+- A separate page for the cookies preferences, where users can read more about each cookie category and change their
+  preferences.
 
 ## Installation
 
@@ -59,7 +76,9 @@ php artisan vendor:publish \
 
 By doing so, the assets files will be copied to `public/vendor/cookies_consent`.
 
-You can then either decide to include the `public/vendor/cookies_consent/css/style.css` file to git (especially if you
+**IMPORTANT:**
+
+You can then either decide to include the `public/vendor/cookies_consent/*` files to git (especially if you
 want
 to edit it first), or add it to `.gitignore`, and make sure to also run this command on the staging/production server.
 
@@ -73,28 +92,69 @@ php artisan vendor:publish \
 
 The configuration file will be published to `config/cookies_consent.php`.
 
+### Explanation of the configuration file
+
 In the config file, you can change the cookie categories of your application, set the required and pre-selected
 categories, as well as add new categories.
 
 This is the contents of the published config file:
 
 ```bash
 return [
+    /**
+     * This prefix will be applied when setting and getting all cookies.
+     * If not set, the cookies will not be prefixed.
+     * If set, a good strategy is to also add a trailing underscore "_", that will be added between the field value, and each cookie.
+     * For example, if `cookie_prefix` is set to `my_app_`, then the targeting cookie will have a value of `my_app_cookies_consent_targeting`.
+     * When using this plugin for multiple apps, it is a good strategy to set a prefix that is relevant to the app
+     * (for example "my_app_", in order for the cookies not to be mingled when running locally.
+     */
     'cookie_prefix' => '',
+    'display_floating_button' => true, // Set to false to display the footer link instead
+    'use_separate_page' => false, // Set to true to use a separate page for cookies explanation
+    /*
+    |--------------------------------------------------------------------------
+    | Editor
+    |--------------------------------------------------------------------------
+    |
+    | Choose your preferred cookies to be shown. You can add more cookies as desired.
+    | If, for example you add another cookie with the name "marketing", then you should also
+    | publish the translation files and add a "cookie_marketing" key in the translation file,
+    | since the plugin will try to display the cookie name by this convention.
+    |
+    | Built-in: "strictly_necessary"
+    |
+    */
     'cookies' => [
-        'strictly_necessary', 
-        'targeting', 
-        'performance', 
-        'functionality'
+        'strictly_necessary' => [
+            [
+                'name' => 'cookieConsent',
+                'description' => 'This cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.',
+                'duration' => '2 years',
+                'policy_external_link' => null,
+            ],
+            [
+                'name' => 'XSRF-TOKEN',
+                'description' => 'This cookie is set by Laravel to prevent Cross-Site Request Forgery (CSRF) attacks.',
+                'duration' => '2 hours',
+                'policy_external_link' => null,
+            ],
+            [
+                'name' => 'laravel_session',
+                'description' => 'This cookie is set by Laravel to identify a session instance for the user.',
+                'duration' => '2 hours',
+                'policy_external_link' => null,
+            ],
+        ],
     ],
     'enabled' => [
-        'strictly_necessary', 
-        'targeting', 
-        'performance', 
-        'functionality'
+        'strictly_necessary',
     ],
     'required' => ['strictly_necessary'],
-    'cookie_lifetime' => 365 * 10,
+    /*
+     * Set the cookie duration in days.  Default is 365 days.
+     */
+    'cookie_lifetime' => 365,
 ];
 ```
 
@@ -105,6 +165,19 @@ cookie.
 
 For example, if `cookie_prefix` is set to `my_app_`, then the targeting cookie will have a value
 of `my_app_cookies_consent_targeting`.
+
+The `display_floating_button` field is optional and, if set to `true`, will display a floating button on the bottom
+right corner of the page.
+If set to `false`, then you will need to add a relevant link in your footer, in order to show the cookies preferences
+page:
+
+```html
+<a href="#" onclick="toggleCookieBanner()">Cookies Preferences</a>
+```
+
+The `use_separate_page` field is optional and, if set to `true`, will display the cookies preferences in a separate
+page.
+
 You can add as many cookie categories as you like, simply by adding values to the `cookies` array.
 
 If you want to remove a cookie category, simply remove it from the array.
@@ -121,7 +194,7 @@ custom [Laravel View Component](https://laravel.com/docs/9.x/blade#components) i
 
 This will render the following cookies consent that, will look very much like this one.
 
-![dialog](https://github.com/scify/laravel-cookies-consent/blob/9c0ddafe15ad8118ab07979b72094799417f93db/images/dialog.png)
+![dialog](readme-images/img2.png)
 
 You can then use this component in order to display the cookies consent window, wherever you'd like.
 

config/cookies_consent.php

@@ -10,6 +10,8 @@
      * (for example "my_app_", in order for the cookies not to be mingled when running locally.
      */
     'cookie_prefix' => '',
+    'display_floating_button' => true, // Set to false to display the footer link instead
+    'use_separate_page' => false, // Set to true to use a separate page for cookies explanation
     /*
     |--------------------------------------------------------------------------
     | Editor
@@ -20,24 +22,37 @@
     | publish the translation files and add a "cookie_marketing" key in the translation file,
     | since the plugin will try to display the cookie name by this convention.
     |
-    | Built-in: "strictly_necessary", "performance", "targeting", "functionality"
+    | Built-in: "strictly_necessary"
     |
     */
     'cookies' => [
-        'strictly_necessary',
-        'targeting',
-        'performance',
-        'functionality',
+        'strictly_necessary' => [
+            [
+                'name' => 'cookieConsent',
+                'description' => 'This cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.',
+                'duration' => '2 years',
+                'policy_external_link' => null,
+            ],
+            [
+                'name' => 'XSRF-TOKEN',
+                'description' => 'This cookie is set by Laravel to prevent Cross-Site Request Forgery (CSRF) attacks.',
+                'duration' => '2 hours',
+                'policy_external_link' => null,
+            ],
+            [
+                'name' => 'laravel_session',
+                'description' => 'This cookie is set by Laravel to identify a session instance for the user.',
+                'duration' => '2 hours',
+                'policy_external_link' => null,
+            ],
+        ],
     ],
     'enabled' => [
         'strictly_necessary',
-        'targeting',
-        'performance',
-        'functionality',
     ],
     'required' => ['strictly_necessary'],
     /*
-     * Set the cookie duration in days.  Default is 365 * 10.
+     * Set the cookie duration in days.  Default is 365 days.
      */
-    'cookie_lifetime' => 365 * 10,
+    'cookie_lifetime' => 365,
 ];

how-to-upgrade-to-v2.md

@@ -0,0 +1,75 @@
+# How To Upgrade to v2
+
+The v2 of the Laravel Cookies Consent plugin has been released! 🎉🥳😍
+
+## Why Upgrade?
+
+According to the EU General Data Protection Regulation (GDPR), websites must obtain user consent before storing cookies
+on a user's device. The Laravel Cookies Consent plugin helps you comply with this regulation by providing a customizable
+cookies consent dialog that allows users to choose which cookies they want to accept.
+
+The intuition behind the v2 release was to provide a more analytical, user-friendly and intuitive UI for the cookies
+consent dialog,
+as well as to make the configuration file more structured and easier to use.
+
+Additionally, we wanted to provide the users with a more detailed list of each cookie category and the cookies that are
+being used, and allow the users to change their cookies preferences at any time.
+
+## Changes - New Features
+
+This version includes some important changes and improvements, such as:
+
+- A new configuration file format. Now you can declare the cookies each cookie category uses in a
+  more structured way.
+- A new, clean, and intuitive UI for the cookies consent modal.
+- An option to present the cookies consent dialog in a separate page instead of a modal.
+- A stick cookies button that allows users to change their cookies preferences at any time. This button is optional and
+  it's existence can be tweaked in the configuration file.
+- A separate page for the cookies preferences, where users can read more about each cookie category and change their
+  preferences.
+
+This guide will help you upgrade your existing v1 plugin to v2.
+
+## How to transition from v1 to v2
+
+### Step 0: Backup Your Current Configuration File
+
+The configuration file has been updated in v2. The new configuration file has some important changes and generally is
+not 100% backward compatible with the v1 configuration file.
+
+So, in order to update to the new configuration file, you should save your current configuration file (e.g.
+`config/cookies-consent.php`) to a safe place.
+
+### Step 1: Update the Plugin
+
+First, update the plugin to the latest version. You can do this by running the following command:
+
+```bash
+composer update scify/laravel-cookies-consent
+```
+
+### Step 2: Update the Configuration file
+
+1. Publish the new configuration file by running the following command:
+
+```bash
+php artisan vendor:publish --tag=cookies-consent-config --force
+```
+
+**CAUTION**: The `--force` flag is necessary in order to overwrite the existing configuration file.
+
+2. Go over the "Explanation of the configuration file" in the [README.md](README.md) file, in order to understand the new structure
+   of the configuration file.
+
+3. Compare the new configuration file (`config/cookies-consent.php`) with your old configuration file. You should copy
+   the values from your old configuration file to the new one. Most importantly, you should migrate the `cookies` array
+   from the old configuration file to the new one, which contains the cookies that your website uses.
+
+4. Make sure that the new configuration file is correct and that it contains all the necessary information about the
+   cookies and the cookie categories that your website uses.
+
+5. Make sure that the `cookies` array in the new configuration file is structured correctly. The `cookies` array should
+   contain the cookies that your website uses, grouped by category.
+
+6. Make sure that the `cookies` array in the new configuration file contains the necessary information about each cookie
+   (e.g. name, description, duration, etc.).

lang/de/messages.php

@@ -1,15 +1,32 @@
 <?php
 
 return [
-    'title' => 'Diese Website verwendet Cookies',
-    'body' => 'Diese Website verwendet Cookies, um die Benutzererfahrung zu verbessern. Durch die Nutzung unserer Website stimmen Sie allen Cookies gemäß unserer Cookie-Richtlinie zu.',
-    'read_more_text' => 'Weiterlesen.',
-    'read_more_link' => '',
-    'cookie_strictly_necessary' => 'UNBEDINGT ERFORDERLICH',
-    'cookie_performance' => 'LEISTUNG',
-    'cookie_targeting' => 'ZIELSETZUNG',
-    'cookie_functionality' => 'FUNKTIONALITÄT',
-    'accept_selection_btn' => 'AUSWAHL AKZEPTIEREN',
-    'accept_all_btn' => 'AKZEPTIERE ALLE',
-    'decline_all_btn' => 'ALLE ABLEHNEN',
+    'title' => 'Cookie-Einwilligung',
+    'description' => 'Wir verwenden Cookies, um unsere Website und unseren Service zu optimieren. Sie können auswählen, welchen Kategorien Sie zustimmen.',
+    'please_visit_1' => 'Für detailliertere Informationen über Cookies besuchen Sie bitte unsere',
+    'cookie_policy_page' => 'Cookie-Richtlinien-Seite',
+    'accept_selection_btn' => 'Auswahl akzeptieren',
+    'accept_all_btn' => 'Alle akzeptieren',
+    'reject_optional_btn' => 'Optionale ablehnen',
+    'accept_additional_cookies_btn' => 'Zusätzliche Cookies akzeptieren',
+    'reject_additional_cookies_btn' => 'Zusätzliche Cookies ablehnen',
+    'cookie_policy_title' => 'Cookie-Richtlinie',
+    'cookie_policy_text_1' => 'Dies ist die Cookie-Richtlinien-Seite. Hier können Sie über die in der Anwendung verwendeten Cookies lesen und auswählen, welche Cookies Sie zulassen möchten.',
+    'what_are_cookies_title' => 'Was sind Cookies?',
+    'what_are_cookies_text_1' => 'Ein Cookie ist eine kleine Textdatei, die eine Website oder App an das Gerät eines Benutzers sendet. Diese Textdatei sammelt Informationen über Benutzeraktionen auf Ihrer Website.',
+    'what_are_cookies_text_2' => 'Cookies speichern hilfreiche Informationen, um die Benutzererfahrung auf Ihrer Website zu verbessern und möglicherweise Ihre Fähigkeit zu verbessern, später wieder mit ihnen in Kontakt zu treten.',
+    'what_are_cookies_text_3' => 'Von Cookies gesammelte Informationen können die bevorzugte Sprache des Benutzers, Geräteeinstellungen, Browsing-Aktivitäten und andere nützliche Informationen umfassen.',
+    'what_are_cookies_text_4' => 'Websites wie Google verwenden Cookies, um Anzeigen relevanter für ihre Benutzer zu machen. Sie verfolgen auch Analysen wie die Anzahl der Besucher auf einer Seite, die Standorte der Besucher, Suchpräferenzen usw.',
+    'what_are_cookies_text_5' => 'Cookies sind nicht schädlich für Ihr Gerät. Sie sind keine Viren oder Malware. Es sind nur Textdateien, die jederzeit gelöscht werden können.',
+    'use_of_cookies_title' => 'Verwendung von Cookies',
+    'use_of_cookies_text_1' => 'Cookies werden im Allgemeinen verwendet, um eine oder alle der folgenden Funktionen auszuführen:',
+    'use_of_cookies_text_2' => '<b>Authentifizierung:</b> Cookies helfen Websites festzustellen, ob ein Benutzer angemeldet ist, und liefern dann die richtige Erfahrung und Funktionen für diesen einzigartigen Benutzer.',
+    'use_of_cookies_text_3' => '<b>Sicherheit:</b> Cookies helfen, Sicherheitsmaßnahmen auf einer Website durchzusetzen. Sie helfen auch, ungewöhnliche und verdächtige Aktivitäten zu erkennen.',
+    'use_of_cookies_text_4' => '<b>Werbung:</b> Cookies bieten eine bessere Werbeerfahrung für Benutzer und Werbetreibende. Cookies helfen, Werbetreibende mit Benutzern zu verbinden, die am meisten an ihren Produkten interessiert sind, basierend auf dem Browserverlauf des Benutzers.',
+    'use_of_cookies_text_5' => '<b>Leistung:</b> Cookies helfen Ihrer Website zu lernen, wie Dienste für verschiedene Personen funktionieren und wie der Datenverkehr zwischen Servern geleitet wird.',
+    'use_of_cookies_text_6' => '<b>Analysen und Forschung:</b> Websites und Apps verwenden Cookies, um zu erfahren, welche ihrer Dienste am meisten genutzt werden. Dies hilft zu bestimmen, was verbessert, entfernt und gleich bleiben soll.',
+    'use_of_cookies_text_7' => '<b>Präferenzen:</b> Cookies helfen Websites, sich an Benutzereinstellungen wie Sprache, Standort und andere Einstellungen zu erinnern.',
+    'use_of_cookies_text_8' => 'Einige Cookies können Daten über mehrere Websites hinweg sammeln, um Benutzerverhaltensprofile zu erstellen. Diese Profile werden dann verwendet, um gezielte Inhalte und Werbung an Benutzer zu senden.',
+    'cookies_used_title' => 'In dieser Anwendung verwendete Cookies',
+    'cookies_used_text_1' => 'Die folgenden Cookies werden in dieser Anwendung verwendet. Bitte wählen Sie aus, welche Cookies Sie zulassen möchten.',
 ];