Few months ago i got laravel project requirement that need me to encrypt all user information that stored at database and the encrypted information also must be searchable.
I try to google search and found some laravel package that enable eloquent to automatically encrypt data when do save and automatically decrypt data when load. Sadly most of the package not support search at the encrypted information.
Start from package that i found, i try to modify and create new package that suit my project requirement like below
Installation
Step 1: Composer
Via Composer command line:
$ composer require elgibor-solution/laravel-database-encryption
Step 2: Add ServiceProvider to your app/config.php file (Laravel 5.4 or below)
Add the service provider to the providers array in the config/app.php config file as follows:
'providers' => [
...
\ESolution\DBEncryption\Providers\DBEncryptionServiceProvider::class,
],
Usage
Use the EncryptedAttribute trait in any Eloquent model that you wish to apply encryption
to and define a protected $encrypted array containing a list of the attributes to encrypt.
For example:
use ESolution\DBEncryption\Traits\EncryptedAttribute;
class User extends Eloquent {
use EncryptedAttribute;
/**
* The attributes that should be encrypted on save.
*
* @var array
*/
protected $encryptable = [
'first_name', 'last_name'
];
}
By including the EncryptedAttribute trait, the setAttribute(), getAttribute() and getAttributeFromArray()
methods provided by Eloquent are overridden to include an additional step.
Searching Encrypted Fields Example:
Searching encrypted field can be done by calling the whereEncrypted and orWhereEncrypted functions
similar to laravel eloquent where and orWhere.
namespace App\Http\Controllers;
use App\User;
class UsersController extends Controller {
public function index(Request $request)
{
$user = User::whereEncrypted('first_name','john')
->orWhereEncrypted('last_name','!=','Doe')->firstOrFail();
return $user;
}
}
Encrypt your current data
If you have current data in your database you can encrypt it with the command below
php artisan encryptable:encryptModel 'App\User'
Additionally you can decrypt it using the command below
php artisan encryptable:decryptModel 'App\User'
Note: You must implement first the Encryptable trait and set $encryptable attributes
Exists and Unique Validation Rules
If you are using exists and unique rules with encrypted values replace it with exists_encrypted and unique_encrypted
$validator = validator(['email'=>'foo@bar.com'], ['email'=>'exists_encrypted:users,email']);
$validator = validator(['email'=>'foo@bar.com'], ['email'=>'unique_encrypted:users,email']);
Hope this package help other people that got same project requirement
Top comments (11)
What about existing plain text data in database which are there before installing and configuring this package?
You can encrypt the old data with command below
eg.
Thank you very much. :)
Nice of you to thank the author. Welcome to community! 🤓
@tommyhendrawan
How does it impact query performance when the encrypted field is an index?
Thanks for response.
Are this encryption process being done with Private key? or any one install this packages can decrypt data
The package use laravel key that generated when you first setup the project
How to use orderBy encrypted column?
the login auth controller is not working after i have add they packages any suggestions?
Is this working with auth??
How can i set encryption key other than .env file. I dont want to use .env file to keep encryption key