partially redacts IP address on token lookup page

src/admin/web/views/admin_view-user.ejs

@@ -50,7 +50,7 @@
     <tr>
       <th scope="row">IPs</th>
       <td colspan="2">
-        <%- include("partials/shared_user_ip_list", { user }) %>
+        <%- include("partials/shared_user_ip_list", { user, shouldRedact: false }) %>
       </td>
     </tr>
     <% if (user.type === "temporary") { %>

src/shared/inject-locals.ts

@@ -1,6 +1,7 @@
 import { RequestHandler } from "express";
 import { config } from "../config";
 import { getTokenCostUsd, prettyTokens } from "./stats";
+import { redactIp } from "./utils";
 import * as userStore from "./users/user-store";
 
 export const injectLocals: RequestHandler = (req, res, next) => {
@@ -25,6 +26,7 @@ export const injectLocals: RequestHandler = (req, res, next) => {
   // view helpers
   res.locals.prettyTokens = prettyTokens;
   res.locals.tokenCost = getTokenCostUsd;
+  res.locals.redactIp = redactIp;
 
   next();
 };

src/shared/utils.ts

@@ -75,3 +75,8 @@ export function makeOptionalPropsNullable<Schema extends z.AnyZodObject>(
   );
   return z.object(newProps);
 }
+
+export function redactIp(ip: string) {
+  const ipv6 = ip.includes(":");
+  return ipv6 ? "redacted:ipv6" : ip.replace(/\.\d+\.\d+$/, ".xxx.xxx");
+}

src/shared/views/partials/shared_user_ip_list.ejs

@@ -1,7 +1,7 @@
 <a href="#" id="ip-list-toggle">Show all (<%- user.ip.length %>)</a>
 <ol id="ip-list" style="display: none; padding-left: 1em; margin: 0">
   <% user.ip.forEach((ip) => { %>
-  <li><code><%- ip %></code></li>
+  <li><code><%- shouldRedact ? redactIp(ip) : ip %></code></li>
   <% }) %>
 </ol>
 

src/user/web/views/user_lookup.ejs

@@ -52,7 +52,7 @@
     </tr>
     <tr>
       <th scope="row">IPs<%- maxIps ? ` (max ${maxIps})` : "" %> </th>
-      <td colspan="2"><%- include("partials/shared_user_ip_list", { user }) %></td>
+      <td colspan="2"><%- include("partials/shared_user_ip_list", { user, shouldRedact: true }) %></td>
     </tr>
     <% if (user.type === "temporary") { %>
     <tr>