It's a good idea, but the hash doesn't need to be unique or secure.
The IPv4 space is 2^32. The trick is to keep e.g. 24 bits. 2^24 gives 16M possibilities -- unless your web site is _VERY_ big, that means it's a unique ID for most visitors. If you come across an IP (e.g. a scammer), you can also backtrack.
On the other hand, mapping back, you get 2^8 options, so you can't tie back to a unique user.
A nonce is a good idea, but it's not part of the security perimeter here.
The IPv4 space is 2^32. The trick is to keep e.g. 24 bits. 2^24 gives 16M possibilities -- unless your web site is _VERY_ big, that means it's a unique ID for most visitors. If you come across an IP (e.g. a scammer), you can also backtrack.
On the other hand, mapping back, you get 2^8 options, so you can't tie back to a unique user.
A nonce is a good idea, but it's not part of the security perimeter here.