flexflux/encryptor
Composer 安装命令:
composer require flexflux/encryptor
包简介
Package to automatically encrypt and decrypt model attributes in your Laravel project.
README 文档
README
Encryptor is a simple package to automatically encrypt and decrypt attributes from your models. Encryptor creates an extra layer of security for your applications data. The encrypted data won't be readable on database level.
Requires
Laravel version 8.12 or higher.
Installation
- Step 1: Install package via composer.
composer require flexflux/encryptor
- Step 2: Add the EncryptorServiceProvider to your providers list in
config/app.php.
\FlexFlux\Encryptor\EncryptorServiceProvider::class,
- Step 3: Add the Encryptable trait to your models you want to encrypt.
use FlexFlux\Encryptor\Encryptable;
use Encryptable;
- Step 4: Define which attributes you want to encrypt by adding them to your encryptable array inside the model.
protected $encryptable = [
'name'
];
- Step 5: Make sure the attributes have the data type
textinside your database. The encrypted data stored in the attribute can be longer then 255 characters.
PLEASE DO NOT encrypt passwords or e-mailaddresses used for authentication. The authentication won't work if you do this.
Encrypt your production database
Requirements:
- All your models needs to be inside the
app\Modelsfolder of your Laravel project. - You did all the installation steps above.
- You changed the data type of your encryptable attributes to text without compromising data.
To use Encryptor on an application already deployed to production we need to do the following steps on your production application:
-
Step 0: Make sure you've made a backup of your database to restore in case anything goes wrong. Make sure you backup your APP_KEY in your
.envfile too. -
Step 1: First, make sure your application is not used by entering the following command inside your project folder:
php artisan down. This will put your application offline for your users. -
Step 2: Remove (or comment) the Encryptable trait
use Encryptable;in each model you added this to. Add theFlexFlux\Encryptor\EncryptThistrait from Encryptor instead by addinguse EncryptThis. Make sure you still have theprotected $encryptable = []array inside your model with the attributes you want to encrypt. We're going to use this variable. (You can also do this in a commit and push it to your production server or something like that) -
Step 3: Next, we run the following command:
php artisan encryptor:encryptinside your project folder. The command should now run through your Laravel models and encrypt each attribute on every row you wanted to encrypt. -
Step 4: Enable the
Encryptabletrait again on every model and remove theEncryptThistrait. (You can also do this in a commit and push it to your production server or something like that) -
Step 5: Put your application back online by entering the following command:
php artisan upand your good to go! Your old and new database records are now encrypted at rest.
Work in progress
- I'm planning to make it possible to search on encrypted attributes.
DISCLAIMER
Please backup your APP_KEY from your production environment file. This key is used to encrypt and decrypt your data. Once you lost it, the data can never be decrypted.
flexflux/encryptor 适用场景与选型建议
flexflux/encryptor 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 303 次下载、GitHub Stars 达 0, 最近一次更新时间为 2021 年 05 月 23 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「security」 「encryption」 「laravel」 「decryption」 「encrypter」 「encryptor」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 flexflux/encryptor 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 flexflux/encryptor 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 flexflux/encryptor 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
A simple PHP class to encrypt a string and decrypt an encrypted string
A package for automatically encrypting and decrypting Eloquent attributes in Laravel 5.5+, based on configuration settings.
Provide a way to secure accesses to all routes of an symfony application.
Encryption with AES-256 and HMAC-SHA256
Allows installation of Laravel where the PHP Mcrypt extension is not available. Provides encryption using OpenSSL, or by disabling encryption entierly.
High-level cryptographic primitives and security utilities for Maatify systems including password hashing, reversible encryption, HKDF key derivation, and key rotation.
统计信息
- 总下载量: 303
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 0
- 点击次数: 33
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2021-05-23