RubyGems - ip_anonymizer - Versions diffs - 0.1.0 → 0.1.1 - Mend

ip_anonymizer 0.1.0 → 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

checksums.yaml +4 -4
data/.gitignore +1 -0
data/CHANGELOG.md +4 -0
data/LICENSE.txt +1 -1
data/README.md +20 -6
data/ip_anonymizer.gemspec +1 -1
data/lib/ip_anonymizer.rb +2 -2
data/lib/ip_anonymizer/hash_ip.rb +13 -2
data/lib/ip_anonymizer/mask_ip.rb +12 -2
data/lib/ip_anonymizer/version.rb +1 -1
metadata +3 -4
data/Gemfile.lock +0 -24

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: dca65ff3aed9d29044a1e20925670a110aff00a527071991a5bfa9ba5cb9b269
-  data.tar.gz: ed6c97bd345eae2ac1ecabe9e1cb8db434d79a5df4dc99cdd2e561de91a42db7
+  metadata.gz: 4cb80464583a7c13916477c6fa46fee62c33619face6e13daf75f174ab795db4
+  data.tar.gz: e3b71d92e2f819f697f16bac77f5c07cfdf87b17d77770f71368ca6c32dae6ef
 SHA512:
-  metadata.gz: 565e3cbbe4d119a859de314d7b658f810ba53e513bb1b92f54652ba2baa936b0dcba8ac83acc761b32b98a04ca62b3b52b192d7ba0a597027a18741c46207fa8
-  data.tar.gz: 9321631e81f1510de578f2b9298f5c1998270e0ee6c938c559ca2309cc8a61d9f55e997187dee36cc61c18c6a167dda9b2754332138e2e471da06ea8ad95b60e
+  metadata.gz: 7522dd1c6fe7c87b24c943964507177c1426ec0b4668b86f754b1f0b7e99afa05bfe4983ffcedc71cdaf990ded12d0b456f8e2b0446e6f77515d87ebc1aa20ff
+  data.tar.gz: 5629b162d83e5d2af257660d1135062e70d63224c14ac781ed60bd9e9738b5716f0aece034d268a523535a4d3f373fdc921649b93443a178e501c17d54867ef1

data/.gitignore CHANGED

@@ -6,3 +6,4 @@
 /pkg/
 /spec/reports/
 /tmp/
+Gemfile.lock

data/CHANGELOG.md CHANGED

@@ -1,3 +1,7 @@
+## 0.1.1
+- Better performance when IP not needed
 ## 0.1.0
 - First release

data/LICENSE.txt CHANGED

@@ -1,6 +1,6 @@
 The MIT License (MIT)
-Copyright (c) 2018 Andrew
+Copyright (c) 2018 Andrew Kane
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

data/README.md CHANGED

@@ -1,8 +1,12 @@
 # IP Anonymizer
-:earth_americas: IP address anonymizer for Ruby
+:earth_americas: IP address anonymizer for Ruby and Rails
-Works with IPv4 and IPv6, and includes middleware for Rails
+Works with IPv4 and IPv6
+Designed to help with [GDPR](https://en.wikipedia.org/wiki/General_Data_Protection_Regulation) compliance
+[![Build Status](https://travis-ci.org/ankane/ip_anonymizer.svg?branch=master)](https://travis-ci.org/ankane/ip_anonymizer)
 ## Getting Started
@@ -18,8 +22,8 @@ There are two strategies for anonymizing IPs.
 This is the approach [Google Analytics uses for IP anonymization](https://support.google.com/analytics/answer/2763052):
-- For IPv4, the last octet is set to 0
-- For IPv6, the last 80 bits are set to zeros
+- For IPv4, set the last octet to 0
+- For IPv6, set the last 80 bits to zeros
 ```ruby
 IpAnonymizer.mask_ip("8.8.4.4")
@@ -29,7 +33,7 @@ IpAnonymizer.mask_ip("2001:4860:4860:0:0:0:0:8844")
 # => "2001:4860:4860::"
 ```
-An advantange of this approach is geocoding will still work, only with slightly less accuracy.
+An advantange of this approach is geocoding will still work, only with slightly less accuracy. A potential disadvantage is different IPs will have the same mask (`8.8.4.4` and `8.8.4.5` both become `8.8.4.0`).
 ### Hashing
@@ -43,7 +47,13 @@ IpAnonymizer.hash_ip("2001:4860:4860:0:0:0:0:8844", key: "secret")
 # => "f6e4:a4fe:32dc:2f39:3e47:84cc:e85e:865c"
 ```
-Be sure to keep the key secret, or else a rainbow table can be constructed.
+An advantage of this approach is different IPs will have different hashes.
+Make sure the key is kept secret and at least 30 random characters. Otherwise, a rainbow table can be constructed. In Rails, you can generate a good key with:
+```sh
+rails secret
+```
 ## Rails
@@ -61,6 +71,10 @@ For hashing, use:
 config.middleware.insert_after ActionDispatch::RemoteIp, IpAnonymizer::HashIp, key: "secret"
 ```
+## Related Projects
+- [Logstop](https://github.com/ankane/logstop) - Keep personally identifiable information (PII) out of your logs
 ## History
 View the [changelog](https://github.com/ankane/ip_anonymizer/blob/master/CHANGELOG.md)

data/ip_anonymizer.gemspec CHANGED

@@ -9,7 +9,7 @@ Gem::Specification.new do |spec|
   spec.authors       = ["Andrew Kane"]
   spec.email         = ["andrew@chartkick.com"]
-  spec.summary       = "IP address anonymizer for Ruby"
+  spec.summary       = "IP address anonymizer for Ruby and Rails"
   spec.homepage      = "https://github.com/ankane/ip_anonymizer"
   spec.license       = "MIT"

data/lib/ip_anonymizer.rb CHANGED

@@ -7,7 +7,7 @@ require "ip_anonymizer/version"
 module IpAnonymizer
   def self.mask_ip(ip)
-    addr = IPAddr.new(ip)
+    addr = IPAddr.new(ip.to_s)
     if addr.ipv4?
       # set last octet to 0
       addr.mask(24).to_s
@@ -18,7 +18,7 @@ module IpAnonymizer
   end
   def self.hash_ip(ip, key:, iterations: 1)
-    addr = IPAddr.new(ip)
+    addr = IPAddr.new(ip.to_s)
     key_len = addr.ipv4? ? 4 : 16
     family = addr.ipv4? ? Socket::AF_INET : Socket::AF_INET6

data/lib/ip_anonymizer/hash_ip.rb CHANGED

@@ -7,9 +7,20 @@ module IpAnonymizer
     def call(env)
       req = ActionDispatch::Request.new(env)
-      # TODO lazy load, like ActionDispatch::RemoteIp
-      req.remote_ip = IpAnonymizer.hash_ip(req.remote_ip, key: @key)
+      # get header directly to preserve ActionDispatch::RemoteIp lazy loading
+      req.remote_ip = GetIp.new(req.get_header("action_dispatch.remote_ip".freeze), @key)
       @app.call(req.env)
     end
+    class GetIp
+      def initialize(remote_ip, key)
+        @remote_ip = remote_ip
+        @key = key
+      end
+      def to_s
+        @ip ||= IpAnonymizer.hash_ip(@remote_ip, key: @key)
+      end
+    end
   end
 end

data/lib/ip_anonymizer/mask_ip.rb CHANGED

@@ -6,9 +6,19 @@ module IpAnonymizer
     def call(env)
       req = ActionDispatch::Request.new(env)
-      # TODO lazy load, like ActionDispatch::RemoteIp
-      req.remote_ip = IpAnonymizer.mask_ip(req.remote_ip)
+      # get header directly to preserve ActionDispatch::RemoteIp lazy loading
+      req.remote_ip = GetIp.new(req.get_header("action_dispatch.remote_ip".freeze))
       @app.call(req.env)
     end
+    class GetIp
+      def initialize(remote_ip)
+        @remote_ip = remote_ip
+      end
+      def to_s
+        @ip ||= IpAnonymizer.mask_ip(@remote_ip)
+      end
+    end
   end
 end

data/lib/ip_anonymizer/version.rb CHANGED

@@ -1,3 +1,3 @@
 module IpAnonymizer
-  VERSION = "0.1.0"
+  VERSION = "0.1.1"
 end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ip_anonymizer
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.1.1
 platform: ruby
 authors:
 - Andrew Kane
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2018-05-06 00:00:00.000000000 Z
+date: 2018-05-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: benchmark-ips
@@ -77,7 +77,6 @@ files:
 - ".travis.yml"
 - CHANGELOG.md
 - Gemfile
-- Gemfile.lock
 - LICENSE.txt
 - README.md
 - Rakefile
@@ -109,5 +108,5 @@ rubyforge_project:
 rubygems_version: 2.7.6
 signing_key:
 specification_version: 4
-summary: IP address anonymizer for Ruby
+summary: IP address anonymizer for Ruby and Rails
 test_files: []

data/Gemfile.lock DELETED

@@ -1,24 +0,0 @@
-PATH
-  remote: .
-  specs:
-    ip_anonymizer (0.1.0)
-GEM
-  remote: https://rubygems.org/
-  specs:
-    benchmark-ips (2.7.2)
-    minitest (5.11.3)
-    rake (12.3.1)
-PLATFORMS
-  ruby
-DEPENDENCIES
-  benchmark-ips
-  bundler
-  ip_anonymizer!
-  minitest
-  rake
-BUNDLED WITH
-   1.16.1