AshAuthentication.AddOn.AuditLog.IpPrivacy (ash_authentication v4.13.3)

View Source

Provides IP address privacy transformations for audit logging.

This module handles transforming IP addresses according to privacy settings to help comply with privacy regulations like GDPR.

Summary

Functions

apply_privacy(ip, arg2, opts)

Apply privacy transformation to an IP address string.

apply_to_request(request, mode, opts)

Apply privacy transformation to request data containing IP addresses.

hash_ip(ip)

Hash an IP address using SHA256.

truncate_ip(ip, masks)

Truncate an IP address to a network prefix.

Functions

apply_privacy(ip, arg2, opts)

@spec apply_privacy(String.t() | nil, atom(), map()) :: String.t() | nil

Apply privacy transformation to an IP address string.

Options

  • :mode - The privacy mode (:none, :hash, :truncate, :exclude)
  • :truncation_masks - Map with :ipv4 and :ipv6 keys for truncation bits

apply_to_request(request, mode, opts)

@spec apply_to_request(map(), atom(), map()) :: map()

Apply privacy transformation to request data containing IP addresses.

Transforms the following fields:

  • remote_ip
  • x_forwarded_for (list of IPs)
  • forwarded (list of forwarded headers)

hash_ip(ip)

@spec hash_ip(String.t()) :: String.t()

Hash an IP address using SHA256.

Uses the application's secret key base as salt for consistent hashing.

truncate_ip(ip, masks)

@spec truncate_ip(String.t(), map()) :: String.t() | nil

Truncate an IP address to a network prefix.

For IPv4: Applies a subnet mask (e.g., /24 keeps first 3 octets) For IPv6: Applies a prefix length (e.g., /48 keeps first 3 hextets)