Easily anonymize sensitive data through eloquent queries

Related tags

Security api php laravel eloquent encryption encryptable
Overview

Social Card of Laravel Encryptable

Laravel Encryptable

Latest Version on Packagist GitHub Tests Action Status GitHub Code Style Action Status Total Downloads

This package allows you to anonymize sensitive data (like the name, surname and email address of a user) similarly to Laravel's Encryption feature, but still have the ability to make direct queries to the database. An example use case could be the need to make search queries through anonymized attributes.

This package currently supports MySQL and PostgreSQL databases.

Installation

You can install the package via composer:

composer require maize-tech/laravel-encryptable

You can publish the config file with:

php artisan vendor:publish --provider="Maize\Encryptable\EncryptableServiceProvider" --tag="encryptable-config"

This is the content of the published config file:

return [
    /*
    |--------------------------------------------------------------------------
    | Encryption key
    |--------------------------------------------------------------------------
    |
    | The key used to encrypt data.
    | Once defined, never change it or encrypted data cannot be correctly decrypted.
    |
    */

    'key' => env('ENCRYPTION_KEY'),

    /*
    |--------------------------------------------------------------------------
    | Encryption cipher
    |--------------------------------------------------------------------------
    |
    | The cipher used to encrypt data.
    | Once defined, never change it or encrypted data cannot be correctly decrypted.
    | Default value is the cipher algorithm used by default in MySQL.
    |
    */

    'cipher' => env('ENCRYPTION_CIPHER', 'aes-128-ecb'),
];

Usage

Basic

To use the package, just add the Encryptable cast to all model attributes you want to anonymize.

<?php

namespace App\Models;

use Maize\Encryptable\Encryptable;
use Illuminate\Database\Eloquent\Model;

class User extends Model
{
    protected $fillable = [
        'name',
        'email',
    ];

    protected $casts = [
        'name' => Encryptable::class,
        'email' => Encryptable::class,
    ];
}

Once done, all values will be encrypted before being stored in the database, and decrypted when querying them via Eloquent.

Manually encrypt via PHP

use Maize\Encryptable\Encryption;

$value = "your-decrypted-value";

$encrypted = Encryption::php()->encrypt($value); // returns the encrypted value

Manually decrypt via PHP

use Maize\Encryptable\Encryption;

$encrypted = "your-encrypted-value";

$value = Encryption::php()->decrypt($value); // returns the decrypted value

Manually decrypt via DB

use Maize\Encryptable\Encryption;

$encrypted = "your-encrypted-value";

$encryptedQuery = Encryption::db()->encrypt($value); // returns the query used to find the decrypted value

Custom validation rules

You can use one of the two custom rules to check the uniqueness or existence of a given encryptable value.

ExistsEncrypted is an extension of Laravel's Exists rule, whereas UniqueEncrypted is an extension of Laravel's Unique rule. You can use them in the same way as Laravel's base rules:

use Maize\Encryptable\Rules\ExistsEncrypted;
use Illuminate\Support\Facades\Validator;

$data = [
    'email' => '[email protected]',
];

Validator::make($data, [
    'email' => [
        'required',
        'string',
        'email',
        new ExistsEncrypted('users'), // checks whether the given email exists in the database
    ],
]);
use Maize\Encryptable\Rules\UniqueEncrypted;
use Illuminate\Support\Facades\Validator;

$data = [
    'email' => '[email protected]',
];

Validator::make($data, [
    'email' => [
        'required',
        'string',
        'email',
        new UniqueEncrypted('users'), // checks whether the given email does not already exist in the database
    ],
]);

Testing

composer test

Changelog

Please see CHANGELOG for more information on what has changed recently.

Contributing

Please see CONTRIBUTING for details.

Security Vulnerabilities

Please review our security policy on how to report security vulnerabilities.

Credits

License

The MIT License (MIT). Please see License File for more information.

Comments
Releases(3.1.0)
Owner
H-FARM Innovation
H-FARM Innovation
GitHub
A simple php (lumen) app for sharing sensitive text (basically like onetimesecret), but with full end-to-end AES-256-GCM encryption so even the server has no access to the data, and developed with very simple deployment in mind.

A simple php (lumen) app for sharing sensitive text (basically like onetimesecret), but with full end-to-end AES-256-GCM encryption so even the server has no access to the data, and developed with very simple deployment in mind.

Alan Woo 51 Nov 21, 2022
Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.

Themis provides strong, usable cryptography for busy people General purpose cryptographic library for storage and messaging for iOS (Swift, Obj-C), An

Cossack Labs 1.6k Jan 6, 2023
A minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256 bits AES.

Current version: 1.3.5 PrivateBin is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted a

null 4.6k Jan 7, 2023
Security provides an infrastructure for sophisticated authorization systems, which makes it possible to easily separate the actual authorization logic from so called user providers that hold the users credentials. It is inspired by the Java Spring framework.

Security Component - Core Security provides an infrastructure for sophisticated authorization systems, which makes it possible to easily separate the

Symfony 1.6k Jan 1, 2023
Quickly and easily secure HTML text.

Larasane Quickly sanitize text into safe-HTML using fluid methods. Requirements PHP 7.4, 8.0 or later. Laravel 7.x, 8.x or later. Installation Just fi

Italo 40 Jul 20, 2021
Security provides an infrastructure for sophisticated authorization systems, which makes it possible to easily separate the actual authorization logic from so called user providers that hold the users credentials.

Security provides an infrastructure for sophisticated authorization systems, which makes it possible to easily separate the actual authorization logic from so called user providers that hold the users credentials. It is inspired by the Java Spring framework.

Symfony 1.5k Dec 28, 2022
php-chmod is a PHP library for easily changing permissions recursively.

PHP chmod php-chmod is a PHP library for easily changing the permissions recursively. Versions & Dependencies Version PHP Documentation ^1.1 ^7.4 curr

Mathias Reker ⚡️ 5 Oct 7, 2022
Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication.

Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication. PGP is used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partitions and to increase the security of e-mail communications. Phil Zimmermann developed PGP in 1991.

[sCRiPTz-TEAM] 3 Dec 31, 2021
HTML/PHP/CSS website that tracks two API data

Detailed instructions on how to build and run Step 1: download XAMPP for a live web server XAMPP download 1 XAMP download 2 Step 2: Download all files

Winsor Tse 0 Jun 2, 2022
Obfuscate your data by generating reversible, non-sequential, URL-safe identifiers.

Laravel Hashid Laravel Hashid provides a unified API across various drivers such as Base62, Base64, Hashids and Optimus, with support for multiple con

Elf Sundae 390 Nov 16, 2022
Automatic Encrypt and Decrypt your database data. Tested and used on Laravel 8

Laravel Encrypt Database Automatic Encrypt and Decrypt your database data. Tested and used on Laravel 8. I'm yet building the tests. Important Note th

Wellington Barbosa 2 Dec 15, 2021
Run locally to export crypto tx data from crypto exchanges using their api connections, and process into a normalised format.

CryptoCredible The missing crypto-exchange data exporter tldr: run locally to export your crypto tx data from popular exchanges via api connections. E

Lee Overy 6 Apr 6, 2022
SЁCU is a public API to store self-destructing data payloads with url shortener and handle anonymous chat-rooms.

SЁCU Introduction SЁCU is a public API to store self-destructing data payloads. This repository includes only backend part using Laravel framework. Fr

SЁCU 27 Nov 21, 2022
🔒 Password Exposed Helper Function - Check if a password has been exposed in a data breach.

?? Password Exposed Helper Function This PHP package provides a password_exposed helper function, that uses the haveibeenpwned.com API to check if a p

Jordan Hall 212 Oct 24, 2022
Laravel package to search through multiple Eloquent models. Supports sorting, pagination, scoped queries, eager load relationships and searching through single or multiple columns.

Laravel Cross Eloquent Search This Laravel package allows you to search through multiple Eloquent models. It supports sorting, pagination, scoped quer

Protone Media 844 Dec 25, 2022
Easily exclude model entities from eloquent queries

Laravel Excludable Easily exclude model entities from eloquent queries. This package allows you to define a subset of model entities who should be exc

H-FARM 49 Jan 4, 2023
Easily build Eloquent queries from API requests

Build Eloquent queries from API requests This package allows you to filter, sort and include eloquent relations based on a request. The QueryBuilder u

Spatie 3.5k Jan 7, 2023
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

About SecLists SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected i

Daniel Miessler 44.1k Jan 7, 2023
A simple php (lumen) app for sharing sensitive text (basically like onetimesecret), but with full end-to-end AES-256-GCM encryption so even the server has no access to the data, and developed with very simple deployment in mind.

A simple php (lumen) app for sharing sensitive text (basically like onetimesecret), but with full end-to-end AES-256-GCM encryption so even the server has no access to the data, and developed with very simple deployment in mind.

Alan Woo 51 Nov 21, 2022
Easily validate data attributes through a remote request

Laravel Remote Rule Easily validate data attributes through a remote request. This package allows you to define a subset of custom rules to validate a

H-FARM Innovation 27 Nov 20, 2022