From 12fdd7042f6e2af4c21182609631d76afd42d437 Mon Sep 17 00:00:00 2001
From: Bibhas <me@bibhas.in>
Date: Wed, 4 Apr 2018 01:40:10 +0530
Subject: [PATCH 01/14] Moving anon user tracking from image element to form
 submit

---
 hasjob/templates/formlayout.html.jinja2 |   2 +
 hasjob/templates/layout.html.jinja2     |   8 +-
 hasjob/templates/macros.html.jinja2     |  34 ++++++
 hasjob/templates/sheet.html.jinja2      |   3 +-
 hasjob/templates/tablayout.html.jinja2  |   2 +
 hasjob/views/helper.py                  | 139 +++++++++++-------------
 hasjob/views/index.py                   |   1 -
 7 files changed, 107 insertions(+), 82 deletions(-)

diff --git a/hasjob/templates/formlayout.html.jinja2 b/hasjob/templates/formlayout.html.jinja2
index a81c7c9a7..dee9b718a 100644
--- a/hasjob/templates/formlayout.html.jinja2
+++ b/hasjob/templates/formlayout.html.jinja2
@@ -1,3 +1,4 @@
+{% from "macros.html.jinja2" import anon_user_script %}
 {%- if current_view.tabs -%}
   {%- extends "tablayout.html.jinja2" -%}
 {%- else -%}
@@ -27,4 +28,5 @@
   {%- if header_campaign %}{{ campaign_script() }}{% endif %}
   {% assets "js_tinymce" %}<script src="{{ ASSET_URL }}" type="text/javascript"></script>{% endassets %}
   {% block footerscripts %}{% endblock %}
+  {{ anon_user_script() }}
 {% endblock %}
diff --git a/hasjob/templates/layout.html.jinja2 b/hasjob/templates/layout.html.jinja2
index 68c3b45da..ef338e4d3 100644
--- a/hasjob/templates/layout.html.jinja2
+++ b/hasjob/templates/layout.html.jinja2
@@ -1,6 +1,6 @@
 {%- extends "baseframe.html.jinja2" -%}
 {%- from "baseframe/components.html.jinja2" import hgnav -%}
-{%- from "macros.html.jinja2" import campaign_header, campaign_script, filters_setup_script -%}
+{%- from "macros.html.jinja2" import campaign_header, campaign_script, filters_setup_script, anon_user_script -%}
 
 {%- block doctypehtml -%}
 <!DOCTYPE html>
@@ -54,7 +54,7 @@
       {{ filters_setup_script(job_filters, data_filters) }}
     {%- else %}
       {{ filters_setup_script(job_filters) }}
-  {%- endif %}
+    {%- endif %}
   {%- endif %}
 {%- endblock %}
 
@@ -225,13 +225,11 @@
     to find out when new jobs are posted. Hosted by
     <a href="http://e2enetworks.com/">E2E Networks</a>.
   {%- endif %}
-  {%- if not g.user and not g.anon_user %}
-    <img src="{{ url_for('sniffle') }}" width="1" height="1" alt=""/>
-  {%- endif %}
 </p>
 {% endblock %}
 
 {% block layoutscripts %}
   {%- if header_campaign %}{{ campaign_script() }}{% endif %}
   {% block footerscripts %}{% endblock %}
+  {{ anon_user_script() }}
 {% endblock %}
diff --git a/hasjob/templates/macros.html.jinja2 b/hasjob/templates/macros.html.jinja2
index 65ad2e12e..c47d4d0ff 100644
--- a/hasjob/templates/macros.html.jinja2
+++ b/hasjob/templates/macros.html.jinja2
@@ -207,3 +207,37 @@
     </script>
   {%- endwith %}
 {%- endmacro -%}
+
+{%- macro anon_user_script() -%}
+  {%- if not g.user and not g.anon_user %}
+  <script type="text/javascript">
+    $(function () {
+      var sniffurl = "{{ url_for('sniffle') }}";
+      var sniffed = false;
+      var sniff = function (event) {
+        jQuery.post(
+          sniffurl,
+          {
+            event: event,
+            token: "{{ session['au'] }}"
+          },
+          function (data) {
+            console.log(data);
+          })
+        sniffed = true;
+      }
+      window.onscroll = function (e) {
+        if (!sniffed) {
+          sniff("scolll");
+        }
+      }
+      window.onpointermove = function (e) {
+        if (!sniffed) {
+          sniff("pointermove");
+        }
+      }
+    })
+  </script>
+  {%- endif %}
+{%- endmacro -%}
+
diff --git a/hasjob/templates/sheet.html.jinja2 b/hasjob/templates/sheet.html.jinja2
index 95f023cd1..4a52ec016 100644
--- a/hasjob/templates/sheet.html.jinja2
+++ b/hasjob/templates/sheet.html.jinja2
@@ -1,5 +1,5 @@
 {%- extends "layout.html.jinja2" -%}
-{%- from "macros.html.jinja2" import campaign_header, campaign_script -%}
+{%- from "macros.html.jinja2" import campaign_header, campaign_script, anon_user_script -%}
 {% block messages %}{% endblock %}
 {% block basecontent %}
   {%- if header_campaign %}<div id="header-campaign"></div>{% endif %}
@@ -24,4 +24,5 @@
 {% block layoutscripts %}
   {%- if header_campaign %}{{ campaign_script() }}{% endif %}
   {% block footerscripts %}{% endblock %}
+  {{ anon_user_script() }}
 {% endblock %}
diff --git a/hasjob/templates/tablayout.html.jinja2 b/hasjob/templates/tablayout.html.jinja2
index 6f669d089..332ba08c2 100644
--- a/hasjob/templates/tablayout.html.jinja2
+++ b/hasjob/templates/tablayout.html.jinja2
@@ -1,3 +1,4 @@
+{% from "macros.html.jinja2" import anon_user_script %}
 {%- extends "layout.html.jinja2" -%}
 {% block pageheaders %}
   <link href="//cdnjs.cloudflare.com/ajax/libs/c3/0.4.14/c3.min.css" rel="stylesheet"/>
@@ -31,4 +32,5 @@
   <script type="text/javascript" src="//cdnjs.cloudflare.com/ajax/libs/d3/3.5.17/d3.min.js"></script>
   <script type="text/javascript" src="//cdnjs.cloudflare.com/ajax/libs/c3/0.4.14/c3.min.js"></script>
   {% block footerscripts %}{% endblock %}
+  {{ anon_user_script() }}
 {% endblock %}
diff --git a/hasjob/views/helper.py b/hasjob/views/helper.py
index ff9802ee7..f37f71710 100644
--- a/hasjob/views/helper.py
+++ b/hasjob/views/helper.py
@@ -10,7 +10,7 @@
 from sqlalchemy import or_
 from sqlalchemy.exc import IntegrityError
 from geoip2.errors import AddressNotFoundError
-from flask import Markup, request, g, session
+from flask import Markup, request, g, session, Response
 from flask_rq import job
 from flask_lastuser import signal_user_looked_up
 from coaster.sqlalchemy import failsafe_add
@@ -28,14 +28,55 @@
 gif1x1 = 'R0lGODlhAQABAJAAAP8AAAAAACH5BAUQAAAALAAAAAABAAEAAAICBAEAOw=='.decode('base64')
 
 
-@app.route('/_sniffle.gif')
+@app.route('/_sniffle', methods=['POST'])
 def sniffle():
-    return gif1x1, 200, {
-        'Content-Type': 'image/gif',
-        'Cache-Control': 'no-cache, no-store, must-revalidate',
-        'Pragma': 'no-cache',
-        'Expires': '0'
-    }
+    """
+    Load anon user:
+
+    1. If there's g.user and session['anon_user'], it loads that anon_user and tags with user=g.user, then removes anon
+    2. If there's no g.user and no session['anon_user'] and form submitted token matches session['au'], sets session['anon_user'] = 'test'
+    3. If there's no g.user and there is session['au'] != form['token'], loads g.anon_user
+    """
+    # Loading an anon user only if we're not rendering static resources
+    if g.user:
+        if 'au' in session and session['au'] is not None and not unicode(session['au']).startswith(u'test'):
+            anon_user = AnonUser.query.get(session['au'])
+            if anon_user:
+                anon_user.user = g.user
+        session.pop('au', None)
+    else:
+        if unicode(session['au']).startswith('test') and unicode(session['au']) == request.form.get('token'):
+            # This client sent us back our test cookie, so set a real value now
+            g.anon_user = AnonUser()
+            db.session.add(g.anon_user)
+            g.esession = EventSession.new_from_request(request)
+            g.esession.anon_user = g.anon_user
+            db.session.add(g.esession)
+            g.esession.load_from_cache(session['au'], UserEvent)
+            # We'll update session['au'] below after database commit
+        else:
+            anon_user = AnonUser.query.get(session['au'])
+            if not anon_user:
+                # XXX: We got a fake value? This shouldn't happen
+                g.event_data['anon_cookie_test'] = session['au']
+                session['au'] = u'test-' + unicode(uuid4())  # Try again
+                g.esession = EventSessionBase.new_from_request(request)
+            else:
+                g.anon_user = anon_user
+
+    db.session.commit()
+
+    if g.anon_user:
+        session['au'] = g.anon_user.id
+        session.permanent = True
+
+    # Prepare event session if it's not already present
+    if g.user or g.anon_user and not g.esession:
+        g.esession = EventSession.get_session(uuid=session.get('es'), user=g.user, anon_user=g.anon_user)
+    if g.esession:
+        session['es'] = g.esession.uuid
+
+    return Response("OK")
 
 
 def index_is_paginated():
@@ -66,18 +107,11 @@ def load_user_data(user):
     """
     All pre-request utilities, run after g.user becomes available.
 
-    Part 1: Load anon user:
-
-    1. If there's g.user and session['anon_user'], it loads that anon_user and tags with user=g.user, then removes anon
-    2. If there's no g.user and no session['anon_user'], sets session['anon_user'] = 'test'
-    3. If there's no g.user and there is session['anon_user'] = 'test', creates a new anon user, then saves to cookie
-    4. If there's no g.user and there is session['anon_user'] != 'test', loads g.anon_user
-
     Part 2: Are we in kiosk mode? Is there a preview campaign?
     Part 3: Look up user's IP address location as geonameids for use in targeting.
     """
-    g.anon_user = None  # Could change below
-    g.event_data = {}   # Views can add data to the current pageview event
+    g.anon_user = None
+    g.event_data = {}
     g.esession = None
     g.viewcounts = {}
     g.impressions = session.pop('impressions', {})  # Retrieve from cookie session if present there
@@ -86,66 +120,21 @@ def load_user_data(user):
     g.bgroup = None
     now = datetime.utcnow()
 
-    if request.endpoint not in ('static', 'baseframe.static'):
-        # Loading an anon user only if we're not rendering static resources
-        if user:
-            if 'au' in session and session['au'] is not None and not unicode(session['au']).startswith(u'test'):
-                anon_user = AnonUser.query.get(session['au'])
-                if anon_user:
-                    anon_user.user = user
-            session.pop('au', None)
-        else:
-            if not session.get('au'):
-                session['au'] = u'test-' + unicode(uuid4())
-                g.esession = EventSessionBase.new_from_request(request)
-                g.event_data['anon_cookie_test'] = session['au']
-            # elif session['au'] == 'test':  # Legacy test cookie, original request now lost
-            #     g.anon_user = AnonUser()
-            #     db.session.add(g.anon_user)
-            #     g.esession = EventSession.new_from_request(request)
-            #     g.esession.anon_user = g.anon_user
-            #     db.session.add(g.esession)
-            #     # We'll update session['au'] below after database commit
-            # elif unicode(session['au']).startswith('test-'):  # Newer redis-backed test cookie
-            #     # This client sent us back our test cookie, so set a real value now
-            #     g.anon_user = AnonUser()
-            #     db.session.add(g.anon_user)
-            #     g.esession = EventSession.new_from_request(request)
-            #     g.esession.anon_user = g.anon_user
-            #     db.session.add(g.esession)
-            #     g.esession.load_from_cache(session['au'], UserEvent)
-            #     # We'll update session['au'] below after database commit
-            else:
-                anon_user = None  # AnonUser.query.get(session['au'])
-                if not anon_user:
-                    # XXX: We got a fake value? This shouldn't happen
-                    g.event_data['anon_cookie_test'] = session['au']
-                    session['au'] = u'test-' + unicode(uuid4())  # Try again
-                    g.esession = EventSessionBase.new_from_request(request)
-                else:
-                    g.anon_user = anon_user
+    if 'au' not in session or session['au'] is None:
+        session['au'] = u'test-' + unicode(uuid4())
+        g.esession = EventSessionBase.new_from_request(request)
+        g.event_data['anon_cookie_test'] = session['au']
+    elif not unicode(session['au']).startswith(u'test'):
+        anon_user = AnonUser.query.get(session['au'])
+        if anon_user:
+            g.anon_user = anon_user
 
-    # Prepare event session if it's not already present
-    if g.user or g.anon_user and not g.esession:
-        g.esession = EventSession.get_session(uuid=session.get('es'), user=g.user, anon_user=g.anon_user)
-    if g.esession:
-        session['es'] = g.esession.uuid
-
-    # Don't commit here. It flushes SQLAlchemy's session cache and forces
-    # fresh database hits. Let after_request commit. (Commented out 30-03-2016)
-    # db.session.commit()
-    g.db_commit_needed = True
-
-    if g.anon_user:
-        session['au'] = g.anon_user.id
-        session.permanent = True
-        if 'impressions' in session:
-            # Run this in the foreground since we need this later in the request for A/B display consistency.
-            # This is most likely being called from the UI-non-blocking sniffle.gif anyway.
-            save_impressions(g.esession.id, session.pop('impressions').values(), now)
+    if g.anon_user and 'impressions' in session:
+        # Run this in the foreground since we need this later in the request for A/B display consistency.
+        # This is most likely being called from the UI-non-blocking sniffle.gif anyway.
+        save_impressions(g.esession.id, session.pop('impressions').values(), now)
 
     # We have a user, now look up everything else
-
     if session.get('kiosk'):
         g.kiosk = True
     else:
@@ -313,7 +302,7 @@ def session_jobpost_ab():
     Returns the user's B-group assignment (NA, True, False) for all jobs shown to the user
     in the current event session (impressions or views) as a dictionary of {id: bgroup}
     """
-    if not g.esession.persistent:
+    if g.esession and not g.esession.persistent:
         return {key: value[2] for key, value in session.get('impressions', {}).items()}
     result = {ji.jobpost_id: ji.bgroup for ji in JobImpression.query.filter_by(event_session=g.esession)}
     result.update({jvs.jobpost_id: jvs.bgroup for jvs in JobViewSession.query.filter_by(event_session=g.esession)})
diff --git a/hasjob/views/index.py b/hasjob/views/index.py
index 892f4cd10..239d65a93 100644
--- a/hasjob/views/index.py
+++ b/hasjob/views/index.py
@@ -353,7 +353,6 @@ def index(basequery=None, filters={}, md5sum=None, tag=None, domain=None, locati
                 BoardJobPost.board == g.board, JobPost.state.LISTED).options(
                     db.load_only('jobpost_id', 'pinned')).all()
         }
-
     else:
         board_jobs = {}
 

From 6dd80bea5ce921fa91fd2ce8388ed0efccfd9cd1 Mon Sep 17 00:00:00 2001
From: Bibhas <me@bibhas.in>
Date: Thu, 5 Apr 2018 01:58:35 +0530
Subject: [PATCH 02/14] fixes in handling anon user and associating with actual
 user upon login

---
 hasjob/views/helper.py | 43 ++++++++++++++++++++----------------------
 1 file changed, 20 insertions(+), 23 deletions(-)

diff --git a/hasjob/views/helper.py b/hasjob/views/helper.py
index f37f71710..d068a268e 100644
--- a/hasjob/views/helper.py
+++ b/hasjob/views/helper.py
@@ -37,14 +37,7 @@ def sniffle():
     2. If there's no g.user and no session['anon_user'] and form submitted token matches session['au'], sets session['anon_user'] = 'test'
     3. If there's no g.user and there is session['au'] != form['token'], loads g.anon_user
     """
-    # Loading an anon user only if we're not rendering static resources
-    if g.user:
-        if 'au' in session and session['au'] is not None and not unicode(session['au']).startswith(u'test'):
-            anon_user = AnonUser.query.get(session['au'])
-            if anon_user:
-                anon_user.user = g.user
-        session.pop('au', None)
-    else:
+    if not g.user:
         if unicode(session['au']).startswith('test') and unicode(session['au']) == request.form.get('token'):
             # This client sent us back our test cookie, so set a real value now
             g.anon_user = AnonUser()
@@ -55,16 +48,12 @@ def sniffle():
             g.esession.load_from_cache(session['au'], UserEvent)
             # We'll update session['au'] below after database commit
         else:
-            anon_user = AnonUser.query.get(session['au'])
-            if not anon_user:
-                # XXX: We got a fake value? This shouldn't happen
-                g.event_data['anon_cookie_test'] = session['au']
-                session['au'] = u'test-' + unicode(uuid4())  # Try again
-                g.esession = EventSessionBase.new_from_request(request)
-            else:
-                g.anon_user = anon_user
-
-    db.session.commit()
+            # form submitted token doesn't match the already set session['au']
+            # XXX: We got a fake value? This shouldn't happen
+            g.event_data['anon_cookie_test'] = session['au']
+            session['au'] = u'test-' + unicode(uuid4())  # Try again
+            g.esession = EventSessionBase.new_from_request(request)
+        db.session.commit()
 
     if g.anon_user:
         session['au'] = g.anon_user.id
@@ -120,14 +109,22 @@ def load_user_data(user):
     g.bgroup = None
     now = datetime.utcnow()
 
-    if 'au' not in session or session['au'] is None:
+    if 'au' in session and session['au'] is not None:
+        if not unicode(session['au']).startswith(u'test'):
+            # fetch anon user and set anon_user.user
+            anon_user = AnonUser.query.get(session['au'])
+            if anon_user and g.user:
+                # we have anon user id in session['au'], set anon_user.user to current user
+                anon_user.user = g.user
+                g.db_commit_needed = True
+                session.pop('au', None)
+            elif anon_user and not g.user:
+                # set g.anon_user
+                g.anon_user = anon_user
+    elif not g.user:
         session['au'] = u'test-' + unicode(uuid4())
         g.esession = EventSessionBase.new_from_request(request)
         g.event_data['anon_cookie_test'] = session['au']
-    elif not unicode(session['au']).startswith(u'test'):
-        anon_user = AnonUser.query.get(session['au'])
-        if anon_user:
-            g.anon_user = anon_user
 
     if g.anon_user and 'impressions' in session:
         # Run this in the foreground since we need this later in the request for A/B display consistency.

From 8648385e2a983d8734431c1ae1451a4b3b7f00d4 Mon Sep 17 00:00:00 2001
From: Bibhas <me@bibhas.in>
Date: Thu, 5 Apr 2018 02:04:59 +0530
Subject: [PATCH 03/14] added comment

---
 hasjob/views/helper.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/hasjob/views/helper.py b/hasjob/views/helper.py
index d068a268e..21fa03e5d 100644
--- a/hasjob/views/helper.py
+++ b/hasjob/views/helper.py
@@ -96,6 +96,8 @@ def load_user_data(user):
     """
     All pre-request utilities, run after g.user becomes available.
 
+    Part 1: If session['au'] exists, either set g.anon_user or set anon_user.user (if g.user exists).
+            If session['au'] does not exist, set it
     Part 2: Are we in kiosk mode? Is there a preview campaign?
     Part 3: Look up user's IP address location as geonameids for use in targeting.
     """

From 72139e28af27bd9ac6b7cbc0dd25f336b0e9f5ec Mon Sep 17 00:00:00 2001
From: Bibhas <me@bibhas.in>
Date: Thu, 5 Apr 2018 14:04:47 +0530
Subject: [PATCH 04/14] moved eventsession setting to per request

---
 hasjob/views/helper.py | 55 +++++++++++++++++++++---------------------
 1 file changed, 28 insertions(+), 27 deletions(-)

diff --git a/hasjob/views/helper.py b/hasjob/views/helper.py
index 21fa03e5d..daf1d0703 100644
--- a/hasjob/views/helper.py
+++ b/hasjob/views/helper.py
@@ -59,12 +59,6 @@ def sniffle():
         session['au'] = g.anon_user.id
         session.permanent = True
 
-    # Prepare event session if it's not already present
-    if g.user or g.anon_user and not g.esession:
-        g.esession = EventSession.get_session(uuid=session.get('es'), user=g.user, anon_user=g.anon_user)
-    if g.esession:
-        session['es'] = g.esession.uuid
-
     return Response("OK")
 
 
@@ -111,27 +105,34 @@ def load_user_data(user):
     g.bgroup = None
     now = datetime.utcnow()
 
-    if 'au' in session and session['au'] is not None:
-        if not unicode(session['au']).startswith(u'test'):
-            # fetch anon user and set anon_user.user
-            anon_user = AnonUser.query.get(session['au'])
-            if anon_user and g.user:
-                # we have anon user id in session['au'], set anon_user.user to current user
-                anon_user.user = g.user
-                g.db_commit_needed = True
-                session.pop('au', None)
-            elif anon_user and not g.user:
-                # set g.anon_user
-                g.anon_user = anon_user
-    elif not g.user:
-        session['au'] = u'test-' + unicode(uuid4())
-        g.esession = EventSessionBase.new_from_request(request)
-        g.event_data['anon_cookie_test'] = session['au']
-
-    if g.anon_user and 'impressions' in session:
-        # Run this in the foreground since we need this later in the request for A/B display consistency.
-        # This is most likely being called from the UI-non-blocking sniffle.gif anyway.
-        save_impressions(g.esession.id, session.pop('impressions').values(), now)
+    if request.endpoint not in ('static', 'baseframe.static'):
+        if 'au' in session and session['au'] is not None:
+            if not unicode(session['au']).startswith(u'test'):
+                # fetch anon user and set anon_user.user
+                anon_user = AnonUser.query.get(session['au'])
+                if anon_user and g.user:
+                    # we have anon user id in session['au'], set anon_user.user to current user
+                    anon_user.user = g.user
+                    g.db_commit_needed = True
+                    session.pop('au', None)
+                elif anon_user and not g.user:
+                    # set g.anon_user
+                    g.anon_user = anon_user
+        elif not g.user:
+            session['au'] = u'test-' + unicode(uuid4())
+            g.esession = EventSessionBase.new_from_request(request)
+            g.event_data['anon_cookie_test'] = session['au']
+
+        # Prepare event session if it's not already present
+        if g.user or g.anon_user and not g.esession:
+            g.esession = EventSession.get_session(uuid=session.get('es'), user=g.user, anon_user=g.anon_user)
+        if g.esession:
+            session['es'] = g.esession.uuid
+
+        if g.anon_user and 'impressions' in session:
+            # Run this in the foreground since we need this later in the request for A/B display consistency.
+            # This is most likely being called from the UI-non-blocking sniffle.gif anyway.
+            save_impressions(g.esession.id, session.pop('impressions').values(), now)
 
     # We have a user, now look up everything else
     if session.get('kiosk'):

From 426e753451ff230aae5df1e0f936b68a2c636b2a Mon Sep 17 00:00:00 2001
From: Bibhas <me@bibhas.in>
Date: Fri, 6 Apr 2018 01:46:51 +0530
Subject: [PATCH 05/14] renamed sniffle and moved to api views

---
 hasjob/templates/macros.html.jinja2 | 24 +++++-----
 hasjob/views/api.py                 | 37 +++++++++++++--
 hasjob/views/helper.py              | 71 ++++++++---------------------
 3 files changed, 64 insertions(+), 68 deletions(-)

diff --git a/hasjob/templates/macros.html.jinja2 b/hasjob/templates/macros.html.jinja2
index c47d4d0ff..9c284d4a0 100644
--- a/hasjob/templates/macros.html.jinja2
+++ b/hasjob/templates/macros.html.jinja2
@@ -212,28 +212,28 @@
   {%- if not g.user and not g.anon_user %}
   <script type="text/javascript">
     $(function () {
-      var sniffurl = "{{ url_for('sniffle') }}";
-      var sniffed = false;
-      var sniff = function (event) {
-        jQuery.post(
-          sniffurl,
+      var anonymized = false;
+      var csrf_token = $('meta[name="csrf-token"]').attr('content');
+      var anonymize = function (event) {
+        $.post(
+          "{{ url_for('anon_session') }}",
           {
             event: event,
-            token: "{{ session['au'] }}"
+            csrf_token: csrf_token
           },
           function (data) {
             console.log(data);
-          })
-        sniffed = true;
+          });
+        anonymized = true;
       }
       window.onscroll = function (e) {
-        if (!sniffed) {
-          sniff("scolll");
+        if (!anonymized) {
+          anonymize("scroll");
         }
       }
       window.onpointermove = function (e) {
-        if (!sniffed) {
-          sniff("pointermove");
+        if (!anonymized) {
+          anonymize("pointermove");
         }
       }
     })
diff --git a/hasjob/views/api.py b/hasjob/views/api.py
index 4208d72d9..c4122e4b2 100644
--- a/hasjob/views/api.py
+++ b/hasjob/views/api.py
@@ -1,8 +1,10 @@
 # -*- coding: utf-8 -*-
 
-from flask import jsonify
-from coaster.views import requestargs
-from ..models import Tag
+from flask import jsonify, g, session, request, Response
+from flask_wtf import FlaskForm
+from coaster.views import requestargs, render_with
+
+from ..models import db, Tag, AnonUser, EventSession, EventSessionBase, UserEvent
 from .. import app, lastuser
 
 
@@ -11,3 +13,32 @@
 @requestargs('q')
 def tag_autocomplete(q):
     return jsonify({'tags': [t.title for t in Tag.autocomplete(q)]})
+
+
+@app.route('/api/1/anonsession', methods=['POST'])
+@render_with(json=True)
+def anon_session():
+    """
+    Load anon user:
+
+    1. If client returns valid csrf token, create and set g.anon_user
+    2. if g.anon_user exists, set session['au'] to anon_user.id
+    """
+    csrf_form = FlaskForm()
+    if csrf_form.validate_on_submit():
+        # This client sent us back valid csrf token
+        g.anon_user = AnonUser()
+        db.session.add(g.anon_user)
+        g.esession = EventSession.new_from_request(request)
+        g.esession.anon_user = g.anon_user
+        db.session.add(g.esession)
+        if 'au' in session:
+            g.esession.load_from_cache(session['au'], UserEvent)
+        # We'll update session['au'] below after database commit
+        db.session.commit()
+
+    if g.anon_user:
+        session['au'] = g.anon_user.id
+        session.permanent = True
+
+    return Response({'status': 'ok'})
diff --git a/hasjob/views/helper.py b/hasjob/views/helper.py
index daf1d0703..bfbf4b5de 100644
--- a/hasjob/views/helper.py
+++ b/hasjob/views/helper.py
@@ -2,7 +2,6 @@
 
 from os import path
 from datetime import datetime, timedelta
-from uuid import uuid4
 from urllib import quote, quote_plus
 import hashlib
 import bleach
@@ -10,7 +9,7 @@
 from sqlalchemy import or_
 from sqlalchemy.exc import IntegrityError
 from geoip2.errors import AddressNotFoundError
-from flask import Markup, request, g, session, Response
+from flask import Markup, request, g, session
 from flask_rq import job
 from flask_lastuser import signal_user_looked_up
 from coaster.sqlalchemy import failsafe_add
@@ -19,49 +18,16 @@
 
 from .. import app, redis_store, lastuser
 from ..extapi import location_geodata
-from ..models import (agelimit, newlimit, db, JobCategory, JobPost, JobType, POST_STATE, BoardJobPost, Tag, JobPostTag,
-    Campaign, CampaignView, CampaignAnonView, EventSessionBase, EventSession, UserEventBase, UserEvent, JobImpression,
-    JobViewSession, AnonUser, campaign_event_session_table, JobLocation, PAY_TYPE)
+from ..models import (db, JobCategory, JobPost, JobType, BoardJobPost, Tag, JobPostTag,
+    Campaign, CampaignView, CampaignAnonView, EventSessionBase, EventSession, UserEventBase,
+    UserEvent, JobImpression, JobViewSession, AnonUser, campaign_event_session_table,
+    JobLocation, PAY_TYPE)
 from ..utils import scrubemail, redactemail, cointoss
 
 
 gif1x1 = 'R0lGODlhAQABAJAAAP8AAAAAACH5BAUQAAAALAAAAAABAAEAAAICBAEAOw=='.decode('base64')
 
 
-@app.route('/_sniffle', methods=['POST'])
-def sniffle():
-    """
-    Load anon user:
-
-    1. If there's g.user and session['anon_user'], it loads that anon_user and tags with user=g.user, then removes anon
-    2. If there's no g.user and no session['anon_user'] and form submitted token matches session['au'], sets session['anon_user'] = 'test'
-    3. If there's no g.user and there is session['au'] != form['token'], loads g.anon_user
-    """
-    if not g.user:
-        if unicode(session['au']).startswith('test') and unicode(session['au']) == request.form.get('token'):
-            # This client sent us back our test cookie, so set a real value now
-            g.anon_user = AnonUser()
-            db.session.add(g.anon_user)
-            g.esession = EventSession.new_from_request(request)
-            g.esession.anon_user = g.anon_user
-            db.session.add(g.esession)
-            g.esession.load_from_cache(session['au'], UserEvent)
-            # We'll update session['au'] below after database commit
-        else:
-            # form submitted token doesn't match the already set session['au']
-            # XXX: We got a fake value? This shouldn't happen
-            g.event_data['anon_cookie_test'] = session['au']
-            session['au'] = u'test-' + unicode(uuid4())  # Try again
-            g.esession = EventSessionBase.new_from_request(request)
-        db.session.commit()
-
-    if g.anon_user:
-        session['au'] = g.anon_user.id
-        session.permanent = True
-
-    return Response("OK")
-
-
 def index_is_paginated():
     return request.method == 'POST' and 'startdate' in request.values
 
@@ -91,7 +57,6 @@ def load_user_data(user):
     All pre-request utilities, run after g.user becomes available.
 
     Part 1: If session['au'] exists, either set g.anon_user or set anon_user.user (if g.user exists).
-            If session['au'] does not exist, set it
     Part 2: Are we in kiosk mode? Is there a preview campaign?
     Part 3: Look up user's IP address location as geonameids for use in targeting.
     """
@@ -107,21 +72,20 @@ def load_user_data(user):
 
     if request.endpoint not in ('static', 'baseframe.static'):
         if 'au' in session and session['au'] is not None:
-            if not unicode(session['au']).startswith(u'test'):
-                # fetch anon user and set anon_user.user
+            if unicode(session['au']).startswith('test'):
+                # old test token that we no longer need
+                session.pop('au', None)
+            else:
+                # fetch anon user and set anon_user.user if g.user exists
                 anon_user = AnonUser.query.get(session['au'])
-                if anon_user and g.user:
-                    # we have anon user id in session['au'], set anon_user.user to current user
-                    anon_user.user = g.user
-                    g.db_commit_needed = True
-                    session.pop('au', None)
-                elif anon_user and not g.user:
-                    # set g.anon_user
+                if anon_user:
+                    if g.user:
+                        anon_user.user = g.user
                     g.anon_user = anon_user
+                session.pop('au', None)
         elif not g.user:
-            session['au'] = u'test-' + unicode(uuid4())
+            # g.user, g.anon_user, session['au'], none of them are set
             g.esession = EventSessionBase.new_from_request(request)
-            g.event_data['anon_cookie_test'] = session['au']
 
         # Prepare event session if it's not already present
         if g.user or g.anon_user and not g.esession:
@@ -180,7 +144,7 @@ def load_user_data(user):
 
 @app.after_request
 def record_views_and_events(response):
-    if hasattr(g, 'db_commit_needed') and g.db_commit_needed:
+    if len(db.session.dirty) > 0 or len(db.session.new) > 0:
         db.session.commit()
 
     # We had a few error reports with g.* variables missing in this function, so now
@@ -289,7 +253,8 @@ def record_views_and_events(response):
                     jobpost_id=g.jobpost_viewed[0],
                     bgroup=g.jobpost_viewed[1])
         else:
-            g.esession.save_to_cache(session['au'])
+            if 'au' in session:
+                g.esession.save_to_cache(session['au'])
             if g.impressions:
                 # Save impressions to user's cookie session to write to db later
                 session['impressions'] = g.impressions

From ce31a8afdef8090615ac1ef32089f45c8788c660 Mon Sep 17 00:00:00 2001
From: Bibhas <me@bibhas.in>
Date: Fri, 6 Apr 2018 01:49:54 +0530
Subject: [PATCH 06/14] removed check for g.esession

---
 hasjob/views/helper.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hasjob/views/helper.py b/hasjob/views/helper.py
index bfbf4b5de..1e909380b 100644
--- a/hasjob/views/helper.py
+++ b/hasjob/views/helper.py
@@ -267,7 +267,7 @@ def session_jobpost_ab():
     Returns the user's B-group assignment (NA, True, False) for all jobs shown to the user
     in the current event session (impressions or views) as a dictionary of {id: bgroup}
     """
-    if g.esession and not g.esession.persistent:
+    if not g.esession.persistent:
         return {key: value[2] for key, value in session.get('impressions', {}).items()}
     result = {ji.jobpost_id: ji.bgroup for ji in JobImpression.query.filter_by(event_session=g.esession)}
     result.update({jvs.jobpost_id: jvs.bgroup for jvs in JobViewSession.query.filter_by(event_session=g.esession)})

From 80ba99d85a624baef96e8fe68e8f115075adc3aa Mon Sep 17 00:00:00 2001
From: Bibhas <me@bibhas.in>
Date: Wed, 11 Apr 2018 02:52:28 +0530
Subject: [PATCH 07/14] deleting session cookie if user is logged in

---
 hasjob/views/helper.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/hasjob/views/helper.py b/hasjob/views/helper.py
index 1e909380b..6561d73ad 100644
--- a/hasjob/views/helper.py
+++ b/hasjob/views/helper.py
@@ -81,8 +81,12 @@ def load_user_data(user):
                 if anon_user:
                     if g.user:
                         anon_user.user = g.user
+                        session.pop('au', None)
                     g.anon_user = anon_user
-                session.pop('au', None)
+                else:
+                    # the AnonUser record has been deleted for some reason,
+                    # this should not happen.
+                    session.pop('au', None)
         elif not g.user:
             # g.user, g.anon_user, session['au'], none of them are set
             g.esession = EventSessionBase.new_from_request(request)

From 424e5cd213214725634ecac4f047771d3140e6be Mon Sep 17 00:00:00 2001
From: Bibhas <me@bibhas.in>
Date: Wed, 11 Apr 2018 17:58:35 +0530
Subject: [PATCH 08/14] fetching g.esession from cache after anon user is saved
 in db

---
 hasjob/views/api.py | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/hasjob/views/api.py b/hasjob/views/api.py
index e4ad23be2..823fd8e1d 100644
--- a/hasjob/views/api.py
+++ b/hasjob/views/api.py
@@ -39,13 +39,12 @@ def anon_session():
         g.esession = EventSession.new_from_request(request)
         g.esession.anon_user = g.anon_user
         db.session.add(g.esession)
-        if 'au' in session:
-            g.esession.load_from_cache(session['au'], UserEvent)
         # We'll update session['au'] below after database commit
         db.session.commit()
 
     if g.anon_user:
         session['au'] = g.anon_user.id
+        g.esession.load_from_cache(session['au'], UserEvent)
         session.permanent = True
 
     return Response({'status': 'ok'})

From 507e6b3bc334163b6e801343ac6fb159266acf7f Mon Sep 17 00:00:00 2001
From: Bibhas <me@bibhas.in>
Date: Wed, 18 Apr 2018 13:28:27 +0530
Subject: [PATCH 09/14] session['au'] can only be integer now, so converting to
 string

---
 hasjob/models/user.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/hasjob/models/user.py b/hasjob/models/user.py
index 91086ec35..1a55b0716 100644
--- a/hasjob/models/user.py
+++ b/hasjob/models/user.py
@@ -101,10 +101,10 @@ def as_dict(self):
     def save_to_cache(self, key):
         # Use cache instead of redis_store because we're too lazy to handle type marshalling
         # manually. Redis only stores string values in a hash and we have some integer data.
-        cache.set('anon/' + key, self.as_dict(), timeout=120)
+        cache.set('anon/' + str(key), self.as_dict(), timeout=120)
 
     def load_from_cache(self, key, eventclass):
-        result = cache.get('anon/' + key)
+        result = cache.get('anon/' + str(key))
         if result:
             for key in result:
                 if key != 'events':

From 24380f479655c4bba1fa00bcd89d53a67b4711ff Mon Sep 17 00:00:00 2001
From: Bibhas <me@bibhas.in>
Date: Wed, 18 Apr 2018 15:29:14 +0530
Subject: [PATCH 10/14] removed anon macro import from templates where it's not
 needed anymore

---
 hasjob/templates/formlayout.html.jinja2 | 1 -
 hasjob/templates/sheet.html.jinja2      | 2 +-
 hasjob/templates/tablayout.html.jinja2  | 1 -
 3 files changed, 1 insertion(+), 3 deletions(-)

diff --git a/hasjob/templates/formlayout.html.jinja2 b/hasjob/templates/formlayout.html.jinja2
index 7c1d5e9c1..f6cd82343 100644
--- a/hasjob/templates/formlayout.html.jinja2
+++ b/hasjob/templates/formlayout.html.jinja2
@@ -1,4 +1,3 @@
-{% from "macros.html.jinja2" import anon_user_script %}
 {%- if current_view.tabs -%}
   {%- extends "tablayout.html.jinja2" -%}
 {%- else -%}
diff --git a/hasjob/templates/sheet.html.jinja2 b/hasjob/templates/sheet.html.jinja2
index faa97dba1..575fb4582 100644
--- a/hasjob/templates/sheet.html.jinja2
+++ b/hasjob/templates/sheet.html.jinja2
@@ -1,5 +1,5 @@
 {%- extends "layout.html.jinja2" -%}
-{%- from "macros.html.jinja2" import campaign_header, campaign_script, anon_user_script -%}
+{%- from "macros.html.jinja2" import campaign_header, campaign_script -%}
 {% block messages %}{% endblock %}
 {% block basecontent %}
   {%- if header_campaign %}<div id="header-campaign"></div>{% endif %}
diff --git a/hasjob/templates/tablayout.html.jinja2 b/hasjob/templates/tablayout.html.jinja2
index d9a548e7f..09ed0ae8d 100644
--- a/hasjob/templates/tablayout.html.jinja2
+++ b/hasjob/templates/tablayout.html.jinja2
@@ -1,4 +1,3 @@
-{% from "macros.html.jinja2" import anon_user_script %}
 {%- extends "layout.html.jinja2" -%}
 {% block pageheaders %}
   <link href="//cdnjs.cloudflare.com/ajax/libs/c3/0.4.14/c3.min.css" rel="stylesheet"/>

From 6f88b9d30f2a5bf53c5a018b6e81bc034e05d779 Mon Sep 17 00:00:00 2001
From: Bibhas <me@bibhas.in>
Date: Mon, 7 May 2018 14:46:14 +0530
Subject: [PATCH 11/14] Loading session details from cache when creating anon
 user

---
 hasjob/models/user.py  | 2 +-
 hasjob/views/api.py    | 8 ++++----
 hasjob/views/helper.py | 8 +++++---
 3 files changed, 10 insertions(+), 8 deletions(-)

diff --git a/hasjob/models/user.py b/hasjob/models/user.py
index 1a55b0716..f61306433 100644
--- a/hasjob/models/user.py
+++ b/hasjob/models/user.py
@@ -101,7 +101,7 @@ def as_dict(self):
     def save_to_cache(self, key):
         # Use cache instead of redis_store because we're too lazy to handle type marshalling
         # manually. Redis only stores string values in a hash and we have some integer data.
-        cache.set('anon/' + str(key), self.as_dict(), timeout=120)
+        cache.set('anon/' + str(key), self.as_dict(), timeout=300)
 
     def load_from_cache(self, key, eventclass):
         result = cache.get('anon/' + str(key))
diff --git a/hasjob/views/api.py b/hasjob/views/api.py
index 823fd8e1d..2f7c3a6ee 100644
--- a/hasjob/views/api.py
+++ b/hasjob/views/api.py
@@ -28,18 +28,18 @@ def anon_session():
     """
     Load anon user:
 
-    1. If client returns valid csrf token, create and set g.anon_user
+    1. If client sends valid csrf token, create and set g.anon_user
     2. if g.anon_user exists, set session['au'] to anon_user.id
     """
     csrf_form = FlaskForm()
-    if csrf_form.validate_on_submit():
-        # This client sent us back valid csrf token
+    if not g.user and not g.anon_user and csrf_form.validate_on_submit():
+        # This client sent us valid csrf token
         g.anon_user = AnonUser()
         db.session.add(g.anon_user)
         g.esession = EventSession.new_from_request(request)
         g.esession.anon_user = g.anon_user
+        g.esession.load_from_cache(session['au'], UserEvent)
         db.session.add(g.esession)
-        # We'll update session['au'] below after database commit
         db.session.commit()
 
     if g.anon_user:
diff --git a/hasjob/views/helper.py b/hasjob/views/helper.py
index fc7af74ca..8648c14e9 100644
--- a/hasjob/views/helper.py
+++ b/hasjob/views/helper.py
@@ -60,8 +60,8 @@ def load_user_data(user):
     Part 2: Are we in kiosk mode? Is there a preview campaign?
     Part 3: Look up user's IP address location as geonameids for use in targeting.
     """
-    g.anon_user = None
-    g.event_data = {}
+    g.anon_user = None  # Could change below
+    g.event_data = {}  # Views can add data to the current pageview event
     g.esession = None
     g.viewcounts = {}
     g.impressions = session.pop('impressions', {})  # Retrieve from cookie session if present there
@@ -81,8 +81,10 @@ def load_user_data(user):
                 if anon_user:
                     if g.user:
                         anon_user.user = g.user
+                        g.anon_user = None
                         session.pop('au', None)
-                    g.anon_user = anon_user
+                    else:
+                        g.anon_user = anon_user
                 else:
                     # the AnonUser record has been deleted for some reason,
                     # this should not happen.

From b9234e97b43bbfcfbb43650d4fc4fcc0a8b414ef Mon Sep 17 00:00:00 2001
From: Bibhas <me@bibhas.in>
Date: Mon, 7 May 2018 22:13:28 +0530
Subject: [PATCH 12/14] saving and loading session from cache

---
 hasjob/views/api.py    | 14 ++++++++------
 hasjob/views/helper.py | 15 ++++++++++-----
 2 files changed, 18 insertions(+), 11 deletions(-)

diff --git a/hasjob/views/api.py b/hasjob/views/api.py
index 2f7c3a6ee..5b1b7665d 100644
--- a/hasjob/views/api.py
+++ b/hasjob/views/api.py
@@ -1,10 +1,10 @@
 # -*- coding: utf-8 -*-
-
+from datetime import datetime
 from flask import jsonify, g, session, request, Response
 from flask_wtf import FlaskForm
 from coaster.views import requestargs, render_with
-
-from ..models import db, Tag, Domain, AnonUser, EventSession, EventSessionBase, UserEvent
+from .helper import rq_save_impressions
+from ..models import db, Tag, Domain, AnonUser, EventSession, UserEvent
 from .. import app, lastuser
 
 
@@ -31,6 +31,8 @@ def anon_session():
     1. If client sends valid csrf token, create and set g.anon_user
     2. if g.anon_user exists, set session['au'] to anon_user.id
     """
+    now = datetime.utcnow()
+
     csrf_form = FlaskForm()
     if not g.user and not g.anon_user and csrf_form.validate_on_submit():
         # This client sent us valid csrf token
@@ -38,13 +40,13 @@ def anon_session():
         db.session.add(g.anon_user)
         g.esession = EventSession.new_from_request(request)
         g.esession.anon_user = g.anon_user
-        g.esession.load_from_cache(session['au'], UserEvent)
+        g.esession.load_from_cache(session['es'], UserEvent)
         db.session.add(g.esession)
         db.session.commit()
 
     if g.anon_user:
         session['au'] = g.anon_user.id
-        g.esession.load_from_cache(session['au'], UserEvent)
-        session.permanent = True
+        if 'impression' in session:
+            rq_save_impressions(g.esession.id, session.pop('impressions').values(), now, delay=False)
 
     return Response({'status': 'ok'})
diff --git a/hasjob/views/helper.py b/hasjob/views/helper.py
index 8648c14e9..45fbe5b93 100644
--- a/hasjob/views/helper.py
+++ b/hasjob/views/helper.py
@@ -100,9 +100,9 @@ def load_user_data(user):
             session['es'] = g.esession.uuid
 
         if g.anon_user and 'impressions' in session:
-            # Run this in the foreground since we need this later in the request for A/B display consistency.
-            # This is most likely being called from the UI-non-blocking sniffle.gif anyway.
-            save_impressions(g.esession.id, session.pop('impressions').values(), now)
+            # Run this in the foreground
+            # since we need this later in the request for A/B display consistency.
+            rq_save_impressions(g.esession.id, session.pop('impressions').values(), now, delay=False)
 
     # We have a user, now look up everything else
     if session.get('kiosk'):
@@ -259,8 +259,7 @@ def record_views_and_events(response):
                     jobpost_id=g.jobpost_viewed[0],
                     bgroup=g.jobpost_viewed[1])
         else:
-            if 'au' in session:
-                g.esession.save_to_cache(session['au'])
+            g.esession.save_to_cache(session['es'])
             if g.impressions:
                 # Save impressions to user's cookie session to write to db later
                 session['impressions'] = g.impressions
@@ -584,6 +583,12 @@ def save_impressions(session_id, impressions, viewed_time):
         mark_dirty_impression_counts([postid for pinned, postid, bgroup in impressions])
 
 
+def rq_save_impressions(session_id, impressions, viewed_time, delay=True):
+    func = save_impressions.delay if delay else save_impressions
+    print func, session_id
+    func(session_id, impressions, viewed_time)
+
+
 @job('hasjob')
 def campaign_view_count_update(campaign_id, user_id=None, anon_user_id=None):
     if not user_id and not anon_user_id:

From 3c1fa76ded16240e221d2430e1865efc114ef6ee Mon Sep 17 00:00:00 2001
From: Bibhas <me@bibhas.in>
Date: Mon, 14 May 2018 18:12:10 +0530
Subject: [PATCH 13/14] Fixed the eventsession flow

---
 hasjob/views/api.py    |  6 +++---
 hasjob/views/helper.py | 31 +++++++++++++++----------------
 2 files changed, 18 insertions(+), 19 deletions(-)

diff --git a/hasjob/views/api.py b/hasjob/views/api.py
index 5b1b7665d..9732ef42f 100644
--- a/hasjob/views/api.py
+++ b/hasjob/views/api.py
@@ -3,7 +3,7 @@
 from flask import jsonify, g, session, request, Response
 from flask_wtf import FlaskForm
 from coaster.views import requestargs, render_with
-from .helper import rq_save_impressions
+from .helper import save_impressions
 from ..models import db, Tag, Domain, AnonUser, EventSession, UserEvent
 from .. import app, lastuser
 
@@ -46,7 +46,7 @@ def anon_session():
 
     if g.anon_user:
         session['au'] = g.anon_user.id
-        if 'impression' in session:
-            rq_save_impressions(g.esession.id, session.pop('impressions').values(), now, delay=False)
+        if 'impressions' in session:
+            save_impressions(g.esession.id, session.pop('impressions').values(), now)
 
     return Response({'status': 'ok'})
diff --git a/hasjob/views/helper.py b/hasjob/views/helper.py
index 45fbe5b93..8b74314a2 100644
--- a/hasjob/views/helper.py
+++ b/hasjob/views/helper.py
@@ -74,7 +74,7 @@ def load_user_data(user):
         if 'au' in session and session['au'] is not None:
             if unicode(session['au']).startswith('test'):
                 # old test token that we no longer need
-                session.pop('au', None)
+                session.pop('au')
             else:
                 # fetch anon user and set anon_user.user if g.user exists
                 anon_user = AnonUser.query.get(session['au'])
@@ -88,21 +88,26 @@ def load_user_data(user):
                 else:
                     # the AnonUser record has been deleted for some reason,
                     # this should not happen.
-                    session.pop('au', None)
-        elif not g.user:
-            # g.user, g.anon_user, session['au'], none of them are set
-            g.esession = EventSessionBase.new_from_request(request)
+                    session.pop('au')
 
         # Prepare event session if it's not already present
-        if g.user or g.anon_user and not g.esession:
-            g.esession = EventSession.get_session(uuid=session.get('es'), user=g.user, anon_user=g.anon_user)
-        if g.esession:
-            session['es'] = g.esession.uuid
+        if g.esession is None:
+            if 'es' in session and session['es'] is not None:
+                # it's in cache or the db, load it
+                if g.user or g.anon_user:
+                    g.esession = EventSession.get_session(uuid=session['es'], user=g.user, anon_user=g.anon_user)
+                else:
+                    g.esession = EventSessionBase.new_from_request(request)
+                    g.esession.load_from_cache(session['es'], UserEvent)
+            else:
+                # create a new session
+                g.esession = EventSessionBase.new_from_request(request)
+                session['es'] = g.esession.uuid
 
         if g.anon_user and 'impressions' in session:
             # Run this in the foreground
             # since we need this later in the request for A/B display consistency.
-            rq_save_impressions(g.esession.id, session.pop('impressions').values(), now, delay=False)
+            save_impressions(g.esession.id, session.pop('impressions').values(), now)
 
     # We have a user, now look up everything else
     if session.get('kiosk'):
@@ -583,12 +588,6 @@ def save_impressions(session_id, impressions, viewed_time):
         mark_dirty_impression_counts([postid for pinned, postid, bgroup in impressions])
 
 
-def rq_save_impressions(session_id, impressions, viewed_time, delay=True):
-    func = save_impressions.delay if delay else save_impressions
-    print func, session_id
-    func(session_id, impressions, viewed_time)
-
-
 @job('hasjob')
 def campaign_view_count_update(campaign_id, user_id=None, anon_user_id=None):
     if not user_id and not anon_user_id:

From 6f34e5d4230fd0f7451d7537e8a863da45ef8e9f Mon Sep 17 00:00:00 2001
From: Bibhas <me@bibhas.in>
Date: Thu, 17 May 2018 15:46:20 +0530
Subject: [PATCH 14/14] No longer checking for dirty session before committing

---
 hasjob/views/helper.py | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/hasjob/views/helper.py b/hasjob/views/helper.py
index 8b74314a2..4aa51e0f7 100644
--- a/hasjob/views/helper.py
+++ b/hasjob/views/helper.py
@@ -155,8 +155,11 @@ def load_user_data(user):
 
 @app.after_request
 def record_views_and_events(response):
-    if len(db.session.dirty) > 0 or len(db.session.new) > 0:
-        db.session.commit()
+    # if there were any transaction changes in load_user_data(), that'll get commited here.
+    # commit() is supposed to raise an error if no transaction exists,
+    # but the default behavior of the Session is that a transaction is always present;
+    # http://docs.sqlalchemy.org/en/latest/orm/session_basics.html#committing
+    db.session.commit()
 
     # We had a few error reports with g.* variables missing in this function, so now
     # we look again and make note if something is missing. We haven't encountered