Class: Otto::Security::Middleware::IPPrivacyMiddleware

Inherits:

Object

• Object
• Otto::Security::Middleware::IPPrivacyMiddleware

Defined in:

lib/otto/security/middleware/ip_privacy_middleware.rb

Overview

IP Privacy Middleware

Automatically masks IP addresses for privacy by default. Original IPs are never stored unless privacy is explicitly disabled.

This middleware runs FIRST in the stack to ensure all downstream middleware and application code receives masked IPs by default.

Examples:

Default behavior (privacy enabled)

# env['REMOTE_ADDR'] is masked to 192.168.1.0
# env['otto.redacted_fingerprint'] contains full anonymized data
# env['otto.original_ip'] is NOT set

Privacy disabled

otto.disable_ip_privacy!
# env['REMOTE_ADDR'] contains real IP
# env['otto.original_ip'] also contains real IP

Instance Method Summary

• #call(env) ⇒ Array

  Process request with IP privacy.

• #initialize(app, security_config = nil) ⇒ IPPrivacyMiddleware constructor

  Initialize IP Privacy middleware.

Constructor Details

#initialize(app, security_config = nil) ⇒ IPPrivacyMiddleware

Initialize IP Privacy middleware

Parameters:

• app (#call) —

  Rack application

• security_config (Otto::Security::Config) (defaults to: nil) —

  Security configuration

# File 'lib/otto/security/middleware/ip_privacy_middleware.rb', line 31

def initialize(app, security_config = nil)
  @app = app
  @security_config = security_config
  @config = security_config&.ip_privacy_config || Otto::Privacy::Config.new

  # Privacy is enabled by default unless explicitly disabled
  @privacy_enabled = @config.enabled?
end

Instance Method Details

#call(env) ⇒ Array

Process request with IP privacy

Parameters:

• env (Hash) —

  Rack environment

Returns:

• (Array) —

  Rack response tuple [status, headers, body]

# File 'lib/otto/security/middleware/ip_privacy_middleware.rb', line 44

def call(env)
  if @privacy_enabled
    apply_privacy(env)
  else
    apply_no_privacy(env)
  end

  @app.call(env)
end