usman-ahmed/laravel-response-encryption
Composer 安装命令:
composer require usman-ahmed/laravel-response-encryption
包简介
Encrypt Laravel API JSON responses automatically using Laravel's Crypt system.
README 文档
README
LaravelResponseEncryption is a Laravel package that automatically encrypts all API responses using Laravel's built-in encryption system. It's perfect when you want to ensure sensitive data is securely transferred between your backend and frontend — with optional client-side decryption.
Features
- 🔒 Encrypts all JSON API responses automatically
- 🛠 Easily exclude specific routes from encryption
- ⚡ Lightweight and fast (middleware-based)
- 🔄 Optional frontend decryption helper
- ⚙️ Fully configurable (enabled, content types, exceptions)
- 🛡️ Built on Laravel’s native
Cryptsystem (AES-256-CBC)
Installation
Install the package via Composer:
composer require usman-ahmed/laravel-response-encryption
Then publish the config file:
php artisan vendor:publish --provider="UsmanAhmed\LaravelResponseEncryption\ResponseEncryptionServiceProvider" --tag=response-encryption-config --force
Service Provider (Optional Manual Registration)
register the service provider manually in your:
'providers' => [ // Other Service Providers \UsmanAhmed\LaravelResponseEncryption\ResponseEncryptionServiceProvider::class, ],
How It Works
Once the package is installed and enabled, it will automatically encrypt all responses (e.g., from APIs) that have application/json as their content type.
The encryption uses Laravel's Crypt::encrypt() behind the scenes.
Excluding Routes from Encryption
You can exclude specific routes from being encrypted using one of the following methods:
1. Use withoutMiddleware in Route Definition
use \UsmanAhmed\LaravelResponseEncryption\Http\Middleware\EncryptResponses; Route::get('/api/unencrypted', function () { return response()->json(['status' => 'ok']); })->withoutMiddleware([EncryptResponses::class]);
2. Define Exclusions in Config File
Open config/response-encryption.php and add the paths you want to exclude:
'except' => [ 'api/v1/public/*', 'health', 'ping', 'countries/list', ...(env('APP_ENV') === 'local' ? ['_debugbar/*'] : []), ],
3. Exclude Routes Programmatically in AppServiceProvider
use UsmanAhmed\LaravelResponseEncryption\Facades\ResponseEncryption; public function boot() { ResponseEncryption::excludeRoutes([ 'api/legacy/v' . config('app.api_version'), ]); }
Optional: Client-Side Decryption
The encrypted response is a base64-encoded encrypted string. You can decrypt it on the frontend using the same key and cipher as Laravel (AES-256-CBC).
⚠️ Note: You are responsible for managing and protecting the encryption key on the client side.
Config Options (config/response-encryption.php)
return [ 'enabled' => env('RESPONSE_ENCRYPTION_ENABLED', true), 'content_types' => [ 'application/json', ], 'except' => [ 'api/v1/public/*', 'health', 'ping', 'countries/list', ], ];
You can also disable the whole package by setting in .env:
RESPONSE_ENCRYPTION_ENABLED=false
License
MIT License
Author
UsmanAhmed
GitHub: https://github.com/USmanFathy
Contributing
Pull requests are welcome. Please follow Laravel’s coding standards.
usman-ahmed/laravel-response-encryption 适用场景与选型建议
usman-ahmed/laravel-response-encryption 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 1 次下载、GitHub Stars 达 1, 最近一次更新时间为 2025 年 05 月 10 日, 在 PHP 生态内属于活跃度较高的组件。
我们在过去多个企业项目中使用过 usman-ahmed/laravel-response-encryption 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 usman-ahmed/laravel-response-encryption 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
统计信息
- 总下载量: 1
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 1
- 点击次数: 20
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2025-05-10