From a27fb52d6fe1909e6673ced878ae3cfcae766925 Mon Sep 17 00:00:00 2001
From: chrisokamoto <christiane.okamoto@gapfish.com>
Date: Thu, 31 May 2018 15:19:32 +0200
Subject: [PATCH] transforms ips to hashes (#6)

* transforms ips to hashes

* updates version

* transforms forwarded_ip to hash only if it is present

* changes from SHA1 to SHA256

* don't set forwarded_ip anymore
---
 Gemfile                                   | 2 ++
 gemfiles/rails_3.gemfile                  | 3 ++-
 gemfiles/rails_4.gemfile                  | 3 ++-
 lib/re_track/session_data.rb              | 9 +++++++--
 lib/re_track/version.rb                   | 2 +-
 spec/controllers/referer_tracking_spec.rb | 5 +++--
 6 files changed, 17 insertions(+), 7 deletions(-)

diff --git a/Gemfile b/Gemfile
index 8851a59..0bca7c0 100644
--- a/Gemfile
+++ b/Gemfile
@@ -5,3 +5,5 @@ gemspec
 gem "jquery-rails"
 
 gem "responders"
+
+gem 'test-unit', '~> 3.0'
diff --git a/gemfiles/rails_3.gemfile b/gemfiles/rails_3.gemfile
index 0a71a6f..8927a2a 100644
--- a/gemfiles/rails_3.gemfile
+++ b/gemfiles/rails_3.gemfile
@@ -4,7 +4,8 @@ source "https://rubygems.org/"
 
 gem "jquery-rails"
 gem "responders"
+gem "test-unit", "~> 3.0"
 gem "rails", "~> 3.2.21"
 gem "mongoid", "~> 3.1.6"
 
-gemspec :path => "../"
+gemspec path: "../"
diff --git a/gemfiles/rails_4.gemfile b/gemfiles/rails_4.gemfile
index 000d0a1..7d0a52d 100644
--- a/gemfiles/rails_4.gemfile
+++ b/gemfiles/rails_4.gemfile
@@ -4,7 +4,8 @@ source "https://rubygems.org/"
 
 gem "jquery-rails"
 gem "responders"
+gem "test-unit", "~> 3.0"
 gem "rails", "~> 4.0"
 gem "mongoid", "~> 4"
 
-gemspec :path => "../"
+gemspec path: "../"
diff --git a/lib/re_track/session_data.rb b/lib/re_track/session_data.rb
index 00e5761..05772cd 100644
--- a/lib/re_track/session_data.rb
+++ b/lib/re_track/session_data.rb
@@ -29,7 +29,7 @@ def first_visited_at
       end
 
       def ip
-        @request.remote_ip
+        Digest::SHA256.hexdigest(@request.remote_ip + ip_secret)
       end
 
       def accept_language
@@ -37,7 +37,12 @@ def accept_language
       end
 
       def forwarded_ip
-        @request.env['HTTP_X_FORWARDED_FOR'] || @request.env['HTTP_CLIENT_IP']
+        # we don't need this information anymore
+        nil
+      end
+
+      def ip_secret
+        ENV['ENCRYPT_IP_SECRET'] || ''
       end
 
     extend self
diff --git a/lib/re_track/version.rb b/lib/re_track/version.rb
index d45cd40..f195c68 100644
--- a/lib/re_track/version.rb
+++ b/lib/re_track/version.rb
@@ -1,3 +1,3 @@
 module ReTrack
-  VERSION = '0.6.0'
+  VERSION = '0.7.4'
 end
diff --git a/spec/controllers/referer_tracking_spec.rb b/spec/controllers/referer_tracking_spec.rb
index 068807d..49d8b03 100644
--- a/spec/controllers/referer_tracking_spec.rb
+++ b/spec/controllers/referer_tracking_spec.rb
@@ -75,7 +75,8 @@
       end
 
       it 'saves the ip in RefererTracking' do
-        @rt.ip.should == @ip
+        encrypted_ip = Digest::SHA256.hexdigest(@ip)
+        @rt.ip.should == encrypted_ip
       end
 
       it 'saves the accept_language in RefererTracking' do
@@ -83,7 +84,7 @@
       end
 
       it 'saves forwarded_ip in RefererTracking' do
-        expect(@rt.forwarded_ip).to eq @forwarded_ip
+        expect(@rt.forwarded_ip).to eq nil
       end
     end