Data encryption and decryption in Laravel
Dec 12, 2024 am 11:50 AM
This guide explains how to implement encryption and decryption of sensitive data in Laravel models. By performing the following steps, you can protect the data before storing it in the database and decrypt it when retrieving the data.
Prerequisites
- Laravel: Make sure you are using a Laravel project.
- Encryption key: Laravel automatically generates APP_KEY in the .env file. This key is used by Laravel's encryption service.
Step 1: Set up encryption in the model
In the model, we will use Laravel's encrypt() and decrypt() functions to automatically handle the encryption and decryption of the specified fields.
Doctor Model
Create or update a Doctor model using encryption and decryption methods. We will encrypt fields such as first name, last name, email, and mobile phone before saving them to the database.
<?phpnamespace AppModels;use IlluminateDatabaseEloquentModel;use IlluminateSupportFacadesCrypt;class Doctor extends Model{
protected $fillable = [
'first_name', 'last_name', 'email', 'mobile', 'hashed_email', 'password'
];
// Automatically encrypt attributes when setting them
public function setFirstNameAttribute($value)
{
$this->attributes['first_name']?=?encrypt($value);
????}
????public?function?setLastNameAttribute($value)
????{
????????$this->attributes['last_name']?=?encrypt($value);
????}
????public?function?setEmailAttribute($value)
????{
????????$this->attributes['email']?=?encrypt($value);
????}
????public?function?setMobileAttribute($value)
????{
????????$this->attributes['mobile']?=?encrypt($value);
????}
????//?Automatically?decrypt?attributes?when?getting?them
????public?function?getFirstNameAttribute($value)
????{
????????return?decrypt($value);
????}
????public?function?getLastNameAttribute($value)
????{
????????return?decrypt($value);
????}
????public?function?getEmailAttribute($value)
????{
????????return?decrypt($value);
????}
????public?function?getMobileAttribute($value)
????{
????????return?decrypt($value);
????}}
Description
- Setter method: Use set{AttributeName }Attribute() to encrypt the data before storing it in the database.
- Getter method: Use get{AttributeName}Attribute() to decrypt when retrieving data from the database.
Step 2: Controller for data storage and retrieval
In the controller you can handle validation and call the model's Directly encrypt attributes without additional encryption/decryption step.
DoctorController
DoctorController handles registration through validation
Enter the data, encrypt it through the model, and save it in the database.
When doctor data is obtained, it will be automatically decrypted
Sensitive fields.
<?phpnamespace AppHttpControllers;use IlluminateHttpRequest;use AppModelsDoctor;use IlluminateSupportFacadesHash;class DoctorController extends Controller{
public function register(Request $request)
{
// Validate the incoming request
$validatedData = $request->validate([
????????????'first_name'?=>?'required|string|max:255',
????????????'last_name'?=>?'required|string|max:255',
????????????'email'?=>?'required|string|email|max:255|unique:doctors,email',
????????????'mobile'?=>?'required|string|size:10|unique:doctors,mobile',
????????????'password'?=>?'required|string|min:8|confirmed',
????????]);
????????//?Hash?the?email?to?ensure?uniqueness
????????$hashedEmail?=?hash('sha256',?$validatedData['email']);
????????//?Create?a?new?doctor?record?(model?will?handle?encryption)
????????$doctor?=?Doctor::create([
????????????'first_name'?=>?$validatedData['first_name'],
????????????'last_name'?=>?$validatedData['last_name'],
????????????'email'?=>?$validatedData['email'],
????????????'hashed_email'?=>?$hashedEmail,
????????????'mobile'?=>?$validatedData['mobile'],
????????????'password'?=>?Hash::make($validatedData['password']),
????????]);
????????return?response()->json([
????????????'message'?=>?'Doctor?registered?successfully',
????????????'doctor'?=>?$doctor
????????],?201);
????}
????public?function?show($id)
????{
????????//?Fetch?the?doctor?record?(model?will?decrypt?the?data?automatically)
????????$doctor?=?Doctor::findOrFail($id);
????????return?response()->json($doctor);
????}}
Description
- register method: Verify the incoming request, create a new doctor record, and automatically encrypt fields such as first name, last name, email, and mobile phone based on the model's encryption method.
- show method: Retrieve physician records by ID. this Sensitive fields will be automatically decrypted before the model's getter method Return data.
Step 3: Database configuration
Ensure that the doctor table columns for sensitive data are long enough to handle encrypted data (usually TEXT or LONGTEXT).
Example of migration settings:
Schema::create('doctors',?function?(Blueprint?$table)?{
????$table->id();
????$table->text('first_name');
????$table->text('last_name');
????$table->text('email');
????$table->string('hashed_email')->unique();?//?SHA-256?hashed?email
????$table->text('mobile');
????$table->string('password');
????$table->timestamps();});
Note: Since encrypted values ??may be much longer than plain text, text is preferred for encrypted fields.
Step 4: Handle decryption exceptions
To enhance error handling, wrap the decryption logic in a try-catch block in the model getter:
<?phpnamespace AppModels;use IlluminateDatabaseEloquentModel;use IlluminateSupportFacadesCrypt;class Doctor extends Model{
protected $fillable = [
'first_name', 'last_name', 'email', 'mobile', 'hashed_email', 'password'
];
// Automatically encrypt attributes when setting them
public function setFirstNameAttribute($value)
{
$this->attributes['first_name']?=?encrypt($value);
????}
????public?function?setLastNameAttribute($value)
????{
????????$this->attributes['last_name']?=?encrypt($value);
????}
????public?function?setEmailAttribute($value)
????{
????????$this->attributes['email']?=?encrypt($value);
????}
????public?function?setMobileAttribute($value)
????{
????????$this->attributes['mobile']?=?encrypt($value);
????}
????//?Automatically?decrypt?attributes?when?getting?them
????public?function?getFirstNameAttribute($value)
????{
????????return?decrypt($value);
????}
????public?function?getLastNameAttribute($value)
????{
????????return?decrypt($value);
????}
????public?function?getEmailAttribute($value)
????{
????????return?decrypt($value);
????}
????public?function?getMobileAttribute($value)
????{
????????return?decrypt($value);
????}}
Additional Notes
- Environmental Security: Make sure APP_KEY is stored securely in the .env file. This key is essential for encryption/decryption.
- Data Backup: If data integrity is critical, make sure you have a backup mechanism in place, as encrypted data will be unrecoverable without the correct APP_KEY.
Summary
- Model encryption: Use the setter method to encrypt data before storage, and use the getter method to decrypt it during retrieval.
- Controller logic: The controller can handle encrypted fields directly without additional encryption code.
- Database configuration: Use TEXT or LONGTEXT columns as encrypted fields.
- Security Note: Secure your APP_KEY and use exception handling in the getter to handle decryption errors.
The above is the detailed content of Data encryption and decryption in Laravel. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undress AI Tool
Undress images for free
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
What is Impossible Cloud Network (ICNT)? How? A comprehensive introduction to the ICN project that Binance will launch soon
Jul 07, 2025 pm 07:06 PM
Contents 1. What is ICN? 2. ICNT latest updates 3. Comparison and economic model between ICN and other DePIN projects and economic models 4. Conclusion of the next stage of the DePIN track At the end of May, ICN (ImpossibleCloudNetwork) @ICN_Protocol announced that it had received strategic investment in NGPCapital with a valuation of US$470 million. Many people's first reaction was: "Has Xiaomi invested in Web3?" Although this was not Lei Jun's direct move, the one who had bet on Xiaomi, Helium, and WorkFusion
2025 Stablecoin Investment Tutorial How to Choose a Safe Stablecoin Platform
Jul 07, 2025 pm 09:09 PM
How do novice users choose a safe and reliable stablecoin platform? This article recommends the Top 10 stablecoin platforms in 2025, including Binance, OKX, Bybit, Gate.io, HTX, KuCoin, MEXC, Bitget, CoinEx and ProBit, and compares and analyzes them from dimensions such as security, stablecoin types, liquidity, user experience, fee structure and additional functions. The data comes from CoinGecko, DefiLlama and community evaluation. It is recommended that novices choose platforms that are highly compliant, easy to operate and support Chinese, such as KuCoin and CoinEx, and gradually build confidence through a small number of tests.
How to avoid risks in the turmoil in the currency circle? The TOP3 stablecoin list is revealed
Jul 08, 2025 pm 07:27 PM
Against the backdrop of violent fluctuations in the cryptocurrency market, investors' demand for asset preservation is becoming increasingly prominent. This article aims to answer how to effectively hedge risks in the turbulent currency circle. It will introduce in detail the concept of stablecoin, a core hedge tool, and provide a list of TOP3 stablecoins by analyzing the current highly recognized options in the market. The article will explain how to select and use these stablecoins according to their own needs, so as to better manage risks in an uncertain market environment.
Global stablecoin market value PK! Who is the gold substitute in the bear market
Jul 08, 2025 pm 07:24 PM
This article will discuss the world's mainstream stablecoins and analyze which stablecoins have the risk aversion attribute of "gold substitute" in the market downward cycle (bear market). We will explain how to judge and choose a relatively stable value storage tool in a bear market by comparing the market value, endorsement mechanism, transparency, and comprehensively combining common views on the Internet, and explain this analysis process.
The popularity of the currency circle has returned, why do smart people have begun to quietly increase their positions? Look at the trend from the on-chain data and grasp the next round of wealth password!
Jul 09, 2025 pm 08:30 PM
As the market conditions pick up, more and more smart investors have begun to quietly increase their positions in the currency circle. Many people are wondering what makes them take decisively when most people wait and see? This article will analyze current trends through on-chain data to help readers understand the logic of smart funds, so as to better grasp the next round of potential wealth growth opportunities.
Virtual Currency Stable Coins Ranking Which is the 'safe haven' in the currency circle
Jul 08, 2025 pm 07:30 PM
This article will introduce several mainstream stablecoins and explain in depth how to evaluate the security of a stablecoin from multiple dimensions such as transparency and compliance, so as to help you understand which stablecoins are generally considered relatively reliable choices in the market, and learn how to judge their "hazard-haven" attributes on your own.
Review of the most complete historical price of Ethereum ETH 2010-2025 (the latest version in 2025)
Jul 07, 2025 pm 09:00 PM
Ethereum price has gone through several critical stages, from $0.70 in 2015 to $3,050 in 2025. 1) From 2015 to 2016, ETH rose from $0.70 to $20.64 in mid-2016; 2) from 2017 to 2018, driven by the ICO boom, reached $1,417 in early 2018, and then fell to $80 due to regulatory concerns; 3) from 2019 to 2020, and rose to $737 under DeFi; 4) from 2021, hit a new high of $4,864, and then fell to $1,200-2,000 due to PoS transformation; 5) from 2023 to 2024 to about $3,000
Bitcoin breaks new highs, Dogecoin rebounds strongly, will Ethereum keep up with the pace
Jul 09, 2025 pm 08:24 PM
Recently, Bitcoin hit a new high, Dogecoin ushered in a strong rebound and the market was hot. Next, we will analyze the market drivers and technical aspects to determine whether Ethereum still has opportunities to follow the rise.
