feat: anonymize IPs via HMAC before persisting to MongoDB

GDPR compliance — IPs are HMAC-SHA256'd (truncated to 16 hex chars)
before being pushed to the Redis queue, so only pseudonymous tokens
are ever stored.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-14 10:30:20 +01:00
parent f2b690f3f5
commit b0e78086f4
2 changed files with 8 additions and 1 deletions


@@ -1,3 +1,5 @@
import { createHmac } from "node:crypto";
export interface RequestLogEntry {
ip: string;
path: string;
@@ -7,6 +9,11 @@ export interface RequestLogEntry {
timestamp: string;
}
export function anonymizeIp(ip: string): string {
const secret = useRuntimeConfig().adminPassword || "default-hmac-key";
return createHmac("sha256", secret).update(ip).digest("hex").slice(0, 16);
}
export function logRequest(data: RequestLogEntry): void {
try {
const redis = getRedis();
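Review bot: In `anonymizeIp`, the HMAC key falls back to the literal `"default-hmac-key"` whenever `adminPassword` is empty, and with a publicly known key the 16-hex-char tokens can be mapped back to addresses by enumerating the IPv4 space, so the stored values would no longer be pseudonymous. Reusing `adminPassword` as the key also couples two secrets: anyone who can read stored tokens and knows one IP that produced them gets an offline check for password guesses, and rotating the password silently changes every token. I would read a dedicated high-entropy key and fail closed, e.g. `const secret = useRuntimeConfig().ipHmacSecret;` followed by `if (!secret) throw new Error("IP HMAC key is not configured");` (`ipHmacSecret` is a placeholder name, not a config key shown on this page), ideally validated once at startup rather than on every request. `logRequest`'s body continues outside the hunk, so whether every caller passes the anonymized value before the entry reaches Redis cannot be confirmed from these lines.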