diff --git a/app/api/chat/route.ts b/app/api/chat/route.ts
index 68d6d48..351f328 100644
--- a/app/api/chat/route.ts
+++ b/app/api/chat/route.ts
@@ -26,6 +26,7 @@ import {
     wrapWithObserve,
 } from "@/lib/langfuse"
 import { getSystemPrompt } from "@/lib/system-prompts"
+import { getUserIdFromRequest } from "@/lib/user-id"
 
 export const maxDuration = 120
 
@@ -167,13 +168,8 @@ async function handleChatRequest(req: Request): Promise<Response> {
 
     const { messages, xml, previousXml, sessionId } = await req.json()
 
-    // Get user IP for Langfuse tracking (hashed for privacy)
-    const forwardedFor = req.headers.get("x-forwarded-for")
-    const rawIp = forwardedFor?.split(",")[0]?.trim() || "anonymous"
-    const userId =
-        rawIp === "anonymous"
-            ? rawIp
-            : `user-${Buffer.from(rawIp).toString("base64url").slice(0, 8)}`
+    // Get user ID for Langfuse tracking and quota
+    const userId = getUserIdFromRequest(req)
 
     // Validate sessionId for Langfuse (must be string, max 200 chars)
     const validSessionId =
diff --git a/app/api/log-feedback/route.ts b/app/api/log-feedback/route.ts
index 82901ff..cfa41ca 100644
--- a/app/api/log-feedback/route.ts
+++ b/app/api/log-feedback/route.ts
@@ -1,6 +1,7 @@
 import { randomUUID } from "crypto"
 import { z } from "zod"
 import { getLangfuseClient } from "@/lib/langfuse"
+import { getUserIdFromRequest } from "@/lib/user-id"
 
 const feedbackSchema = z.object({
     messageId: z.string().min(1).max(200),
@@ -32,13 +33,8 @@ export async function POST(req: Request) {
         return Response.json({ success: true, logged: false })
     }
 
-    // Get user IP for tracking (hashed for privacy)
-    const forwardedFor = req.headers.get("x-forwarded-for")
-    const rawIp = forwardedFor?.split(",")[0]?.trim() || "anonymous"
-    const userId =
-        rawIp === "anonymous"
-            ? rawIp
-            : `user-${Buffer.from(rawIp).toString("base64url").slice(0, 8)}`
+    // Get user ID for tracking
+    const userId = getUserIdFromRequest(req)
 
     try {
         // Find the most recent chat trace for this session to attach the score to
diff --git a/lib/user-id.ts b/lib/user-id.ts
new file mode 100644
index 0000000..3d7d718
--- /dev/null
+++ b/lib/user-id.ts
@@ -0,0 +1,12 @@
+/**
+ * Generate a userId from request for tracking purposes.
+ * Uses base64url encoding of IP for URL-safe identifier.
+ * Note: base64 is reversible - this is NOT privacy protection.
+ */
+export function getUserIdFromRequest(req: Request): string {
+    const forwardedFor = req.headers.get("x-forwarded-for")
+    const rawIp = forwardedFor?.split(",")[0]?.trim() || "anonymous"
+    return rawIp === "anonymous"
+        ? rawIp
+        : `user-${Buffer.from(rawIp).toString("base64url")}`
+}