Ensure logged-in users aren't identifiable in Sentry

Author: pimterry

package-lock.json

@@ -42,7 +42,7 @@
     "@fortawesome/free-regular-svg-icons": "^5.12.1",
     "@fortawesome/free-solid-svg-icons": "^5.12.1",
     "@fortawesome/react-fontawesome": "^0.1.8",
-    "@httptoolkit/accounts": "^2.2.0",
+    "@httptoolkit/accounts": "^2.3.0",
     "@httptoolkit/httpsnippet": "^2.1.7",
     "@open-rpc/meta-schema": "^1.14.2",
     "@phosphor-icons/react": "^2.1.5",

package.json

@@ -65,13 +65,18 @@ export function initSentry(dsn: string | undefined) {
     });
 }
 
-export function logErrorsAsUser(email: string | undefined) {
+export function logErrorsAsUser(id: string | undefined) {
     if (!sentryInitialized) return;
 
-    Sentry.getCurrentScope().setUser({
-        id: email,
-        email: email
-    });
+    if (!id) {
+        Sentry.getCurrentScope().setUser(null);
+    } else {
+        // We track errors by user id - this ensures that any actual identities are
+        // never exposed to Sentry (you need access to our user DB to link user error
+        // reports and the corresponding Sentry data).
+        id = id.replace('email|', '');
+        Sentry.getCurrentScope().setUser({ id: id });
+    }
 }
 
 function addErrorTag(key: string, value: string) {

src/errors.ts

@@ -129,9 +129,9 @@ export class AccountStore {
         this.user = yield getLatestUserData();
         this.accountDataLastUpdated = Date.now();
 
-        // Include the user email in error reports whilst they're logged in.
+        // Include the user id in error reports whilst they're logged in.
         // Useful generally, but especially for checkout/subscription issues.
-        logErrorsAsUser(this.user.email);
+        logErrorsAsUser(this.user.userId);
 
         if (this.user.banned) {
             alert('Your account has been blocked for abuse. Please contact [email protected].');