sinemacula/laravel-cached-crypt
Composer 安装命令:
composer require sinemacula/laravel-cached-crypt
包简介
A Laravel package that adds transparent caching to decrypted values for improved performance across encrypted attributes.
README 文档
README
📦 This package is archived and no longer maintained. The problem it set out to solve - repeated in-request decryption overhead - turns out to be a very narrow one in practice. Modern AES decryption is extremely fast, and where repeated decryption is genuinely measurable it is better handled at the application layer (caching the resolved value on the model or behind a dedicated accessor) than by globally swapping the framework encrypter. The optional cross-request plaintext caching also carried security trade-offs that we no longer consider justified by the marginal gains.
Existing tagged releases (up to
v1.3.1) remain installable via Composer/Packagist, but the repository is read-only and will receive no further updates, including for new Laravel versions. We recommend relying on Laravel's built-in encryption directly.
Laravel Cached Crypt wraps Laravel's encrypter to reduce repeated decrypt overhead in hot paths. It is drop-in by default, memoizes decrypt results in-process, and can optionally persist plaintext with bounded TTL, epoch versioning, and size guardrails.
⚠️ Security Warning Persisted plaintext caching should only be enabled when operational controls are in place. Use secured Redis/Memcached with encryption in transit and at rest, private networking, and short TTLs. Prefer memo-only mode unless cross-request reuse is required.
Features
- Drop-in provider integration with no manual registration order requirements
- Enabled-by-default memo-only optimization path (
enabled=true,memo_only=true,cache_plaintext=false) - Optional cross-request plaintext persistence with TTL (no
rememberForever) - Epoch and optional key fingerprint namespacing for safe invalidation boundaries
- SHA-256 payload hashing for cache keys
- Optional dedicated cache store and optional cache tagging
- Size guardrails (
min_bytes_to_cache,max_memo_bytes,max_bytes_to_cache) - Optional eligibility resolver hook for app-specific persistence decisions
- Fail-open behavior for cache backend and resolver failures (decrypt path preserved)
- Optional sampled metric logging for cache/decrypt behavior
Installation
composer require sinemacula/laravel-cached-crypt
Laravel will automatically register the service provider via package discovery. No manual provider ordering is required.
Configuration
Publish the config file:
php artisan vendor:publish --tag=config
Default configuration in config/cached-crypt.php:
return [ 'enabled' => true, 'cache_plaintext' => false, 'memo_only' => true, 'ttl_seconds' => 120, 'epoch' => 'v1', 'key_fingerprint' => null, 'store' => null, 'min_bytes_to_cache' => 1024, 'max_memo_bytes' => 262144, 'max_bytes_to_cache' => 262144, 'use_tags' => false, 'eligibility_resolver' => null, 'metrics' => [ 'enabled' => false, 'sample_rate' => 0.10, ], ];
Safe defaults:
- Works out of the box with no additional env vars
- Package enabled in memo-only mode by default
- Cross-request plaintext persistence remains off unless explicitly enabled
How It Works
For each decrypt call:
- Build a namespaced key with epoch and SHA-256 payload hash.
- Read from in-process memoization cache first.
- Optionally read/write persistent plaintext cache when enabled and eligible.
- Decrypt via Laravel when needed, then memoize and optionally persist.
- Fail open on cache/resolver errors so decrypt behavior is preserved.
Persistent writes are bounded by:
ttl_secondsmin_bytes_to_cache(encrypted payload size)max_memo_bytes(in-process memo value size estimate)max_bytes_to_cache(decrypted value size estimate)- Optional resolver callback (
eligibility_resolver)
Operating Modes
memo_only = true: in-process reuse only, no cross-request plaintext persistence.cache_plaintext = trueandmemo_only = false: allows persistent plaintext caching with guardrails.
Key Rotation and Invalidation
When encryption settings change (for example APP_KEY, cipher, or previous_keys), bump epoch.
This immediately cold-starts cached plaintext keys without requiring global cache flushes.
If use_tags is enabled and the store supports tags, entries are grouped under:
cached-cryptcached-crypt:{epoch}
Metrics
When metrics.enabled is true, sampled events are logged with:
- cache hit/miss source (
memoorpersistent) - decrypt duration in milliseconds
- approximate bytes persisted for cache writes
- cache error events for persistent read/write failures
Testing
composer test
composer test-coverage
composer check
Contributing
Contributions are welcome via GitHub pull requests.
Security
If you discover a security issue, please contact Sine Macula directly rather than opening a public issue.
License
Licensed under the Apache License, Version 2.0.
sinemacula/laravel-cached-crypt 适用场景与选型建议
sinemacula/laravel-cached-crypt 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 15.28k 次下载、GitHub Stars 达 0, 最近一次更新时间为 2025 年 05 月 25 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「cache」 「encryption」 「laravel」 「sine macula」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 sinemacula/laravel-cached-crypt 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 sinemacula/laravel-cached-crypt 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 sinemacula/laravel-cached-crypt 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
repository php library
A simple PHP class to encrypt a string and decrypt an encrypted string
A package for automatically encrypting and decrypting Eloquent attributes in Laravel 5.5+, based on configuration settings.
Encryption with AES-256 and HMAC-SHA256
Allows installation of Laravel where the PHP Mcrypt extension is not available. Provides encryption using OpenSSL, or by disabling encryption entierly.
High-level cryptographic primitives and security utilities for Maatify systems including password hashing, reversible encryption, HKDF key derivation, and key rotation.
统计信息
- 总下载量: 15.28k
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 0
- 点击次数: 36
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: Apache-2.0
- 更新时间: 2025-05-25