Draft Disclaimer: Please note that this article is currently in draft form and may undergo revisions before final publication. The content, including information, opinions, and recommendations, is subject to change and may not represent the final version. We appreciate your understanding and patience as we work to refine and improve the quality of this article. Your feedback is valuable in shaping the final release.
Language Mismatch Disclaimer: Please be aware that the language of this article may not match the language settings of your browser or device.
Do you want to read articles in English instead ?
Encrypt database field
Password fields are not the only one you need to encrypt in your database.
Builtin feature on laravel
class User extends Model {
protected $casts = [
'passport_number' => 'encrypted'
];
protected $fillables = [
'passport_number'
];
protected $hidden = [
'passport_number'
];
}
And that's it your database won't show clear record of passport numbers.
Wrap up
Gotcha:
- once set, you will need the
APP_KEYto decrypt any value stored. So do not lose track ofAPP_KEYno matter what - not easy to query, sort NB: This is another layer of security, but you should have others in place. Therefore, don't rely on this. Encrypt only what is absolutely necessary.
- Would be irrelevant if you
APP_KEYleaks