Data encryption and decryption in Laravel
Dec 12, 2024 am 11:50 AM
This guide explains how to implement encryption and decryption of sensitive data in Laravel models. By performing the following steps, you can protect the data before storing it in the database and decrypt it when retrieving the data.
Prerequisites
- Laravel: Make sure you are using a Laravel project.
- Encryption key: Laravel automatically generates APP_KEY in the .env file. This key is used by Laravel's encryption service.
Step 1: Set up encryption in the model
In the model, we will use Laravel's encrypt() and decrypt() functions to automatically handle the encryption and decryption of the specified fields.
Doctor Model
Create or update a Doctor model using encryption and decryption methods. We will encrypt fields such as first name, last name, email, and mobile phone before saving them to the database.
<?phpnamespace AppModels;use IlluminateDatabaseEloquentModel;use IlluminateSupportFacadesCrypt;class Doctor extends Model{
protected $fillable = [
'first_name', 'last_name', 'email', 'mobile', 'hashed_email', 'password'
];
// Automatically encrypt attributes when setting them
public function setFirstNameAttribute($value)
{
$this->attributes['first_name']?=?encrypt($value);
????}
????public?function?setLastNameAttribute($value)
????{
????????$this->attributes['last_name']?=?encrypt($value);
????}
????public?function?setEmailAttribute($value)
????{
????????$this->attributes['email']?=?encrypt($value);
????}
????public?function?setMobileAttribute($value)
????{
????????$this->attributes['mobile']?=?encrypt($value);
????}
????//?Automatically?decrypt?attributes?when?getting?them
????public?function?getFirstNameAttribute($value)
????{
????????return?decrypt($value);
????}
????public?function?getLastNameAttribute($value)
????{
????????return?decrypt($value);
????}
????public?function?getEmailAttribute($value)
????{
????????return?decrypt($value);
????}
????public?function?getMobileAttribute($value)
????{
????????return?decrypt($value);
????}}
Description
- Setter method: Use set{AttributeName }Attribute() to encrypt the data before storing it in the database.
- Getter method: Use get{AttributeName}Attribute() to decrypt when retrieving data from the database.
Step 2: Controller for data storage and retrieval
In the controller you can handle validation and call the model's Directly encrypt attributes without additional encryption/decryption step.
DoctorController
DoctorController handles registration through validation
Enter the data, encrypt it through the model, and save it in the database.
When doctor data is obtained, it will be automatically decrypted
Sensitive fields.
<?phpnamespace AppHttpControllers;use IlluminateHttpRequest;use AppModelsDoctor;use IlluminateSupportFacadesHash;class DoctorController extends Controller{
public function register(Request $request)
{
// Validate the incoming request
$validatedData = $request->validate([
????????????'first_name'?=>?'required|string|max:255',
????????????'last_name'?=>?'required|string|max:255',
????????????'email'?=>?'required|string|email|max:255|unique:doctors,email',
????????????'mobile'?=>?'required|string|size:10|unique:doctors,mobile',
????????????'password'?=>?'required|string|min:8|confirmed',
????????]);
????????//?Hash?the?email?to?ensure?uniqueness
????????$hashedEmail?=?hash('sha256',?$validatedData['email']);
????????//?Create?a?new?doctor?record?(model?will?handle?encryption)
????????$doctor?=?Doctor::create([
????????????'first_name'?=>?$validatedData['first_name'],
????????????'last_name'?=>?$validatedData['last_name'],
????????????'email'?=>?$validatedData['email'],
????????????'hashed_email'?=>?$hashedEmail,
????????????'mobile'?=>?$validatedData['mobile'],
????????????'password'?=>?Hash::make($validatedData['password']),
????????]);
????????return?response()->json([
????????????'message'?=>?'Doctor?registered?successfully',
????????????'doctor'?=>?$doctor
????????],?201);
????}
????public?function?show($id)
????{
????????//?Fetch?the?doctor?record?(model?will?decrypt?the?data?automatically)
????????$doctor?=?Doctor::findOrFail($id);
????????return?response()->json($doctor);
????}}
Description
- register method: Verify the incoming request, create a new doctor record, and automatically encrypt fields such as first name, last name, email, and mobile phone based on the model's encryption method.
- show method: Retrieve physician records by ID. this Sensitive fields will be automatically decrypted before the model's getter method Return data.
Step 3: Database configuration
Ensure that the doctor table columns for sensitive data are long enough to handle encrypted data (usually TEXT or LONGTEXT).
Example of migration settings:
Schema::create('doctors',?function?(Blueprint?$table)?{
????$table->id();
????$table->text('first_name');
????$table->text('last_name');
????$table->text('email');
????$table->string('hashed_email')->unique();?//?SHA-256?hashed?email
????$table->text('mobile');
????$table->string('password');
????$table->timestamps();});
Note: Since encrypted values ??may be much longer than plain text, text is preferred for encrypted fields.
Step 4: Handle decryption exceptions
To enhance error handling, wrap the decryption logic in a try-catch block in the model getter:
<?phpnamespace AppModels;use IlluminateDatabaseEloquentModel;use IlluminateSupportFacadesCrypt;class Doctor extends Model{
protected $fillable = [
'first_name', 'last_name', 'email', 'mobile', 'hashed_email', 'password'
];
// Automatically encrypt attributes when setting them
public function setFirstNameAttribute($value)
{
$this->attributes['first_name']?=?encrypt($value);
????}
????public?function?setLastNameAttribute($value)
????{
????????$this->attributes['last_name']?=?encrypt($value);
????}
????public?function?setEmailAttribute($value)
????{
????????$this->attributes['email']?=?encrypt($value);
????}
????public?function?setMobileAttribute($value)
????{
????????$this->attributes['mobile']?=?encrypt($value);
????}
????//?Automatically?decrypt?attributes?when?getting?them
????public?function?getFirstNameAttribute($value)
????{
????????return?decrypt($value);
????}
????public?function?getLastNameAttribute($value)
????{
????????return?decrypt($value);
????}
????public?function?getEmailAttribute($value)
????{
????????return?decrypt($value);
????}
????public?function?getMobileAttribute($value)
????{
????????return?decrypt($value);
????}}
Additional Notes
- Environmental Security: Make sure APP_KEY is stored securely in the .env file. This key is essential for encryption/decryption.
- Data Backup: If data integrity is critical, make sure you have a backup mechanism in place, as encrypted data will be unrecoverable without the correct APP_KEY.
Summary
- Model encryption: Use the setter method to encrypt data before storage, and use the getter method to decrypt it during retrieval.
- Controller logic: The controller can handle encrypted fields directly without additional encryption code.
- Database configuration: Use TEXT or LONGTEXT columns as encrypted fields.
- Security Note: Secure your APP_KEY and use exception handling in the getter to handle decryption errors.
The above is the detailed content of Data encryption and decryption in Laravel. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undress AI Tool
Undress images for free
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
High return expectations for cryptocurrency tokens in July 2025: hype or reality?
Jul 04, 2025 pm 08:42 PM
As July 2025 approaches, the crypto market is hotly discussing which tokens may bring high returns. Are names like Pi, PEPE and FloppyPepe really worth the risky investment? Potential cryptocurrencies worth paying attention to in July 2025: virtual fire or real gold? As mid-2025, the heat of discussions on high-yield crypto assets continues to heat up. Bitcoin trends and "altcoin season" expectations have attracted investors' attention. Do tokens like PiNetwork, PEPE and FloppyPepe have the potential to bring considerable investment returns? Let's analyze its prospects one by one. Altcoin Market: Can July get what it wants? Against the backdrop of Bitcoin’s expected record of historical highs, the “altcoin season” seems to be brewing. Back
Binance's 25th issue of HODLer airdrop is coming, 125 million SAHARA is waiting for you to divide it up
Jul 04, 2025 pm 06:06 PM
In today's era of rapid development of technology, the integration of artificial intelligence and blockchain is gradually becoming a new trend. The Sahara AI (SAHARA) project came into being, and it is committed to creating the first full-stack AI native blockchain platform, making the future of artificial intelligence more accessible, fair and just, and open to everyone.
What is Impossible Cloud Network (ICNT)? How? A comprehensive introduction to the ICN project that Binance will launch soon
Jul 07, 2025 pm 07:06 PM
Contents 1. What is ICN? 2. ICNT latest updates 3. Comparison and economic model between ICN and other DePIN projects and economic models 4. Conclusion of the next stage of the DePIN track At the end of May, ICN (ImpossibleCloudNetwork) @ICN_Protocol announced that it had received strategic investment in NGPCapital with a valuation of US$470 million. Many people's first reaction was: "Has Xiaomi invested in Web3?" Although this was not Lei Jun's direct move, the one who had bet on Xiaomi, Helium, and WorkFusion
Elon Musk, Sam Altman and Robinhood: A tug-of-war of tokenization?
Jul 04, 2025 pm 08:30 PM
Robinhood launched OpenAI and SpaceX tokenized stocks caused controversy, with Elon Musk and Sam Altman fighting each other over the nature of the so-called "fake equity". Recently, the intersection of Elon Musk, Sam Altman and Robinhood has become the focus of public attention, all of which stems from tokenized equity. Robinhood's launch of tokenized stocks in private companies such as OpenAI and SpaceX to European users has sparked heated debate and accompanied by clarification and criticism from all parties. Robinhood's tokenized equity: A bold attempt? Robin, led by CEO Vlad Tenev
Remittix, Monero and Cryptocurrency - The Evolution of Fiatcoin: Why has it caused heated discussion?
Jul 04, 2025 pm 09:33 PM
Explore Remittix (RTX), Monero (XMR) and Crypto-Fiat Trends: How these projects shape the future of cryptocurrencies through practicality and community orientation. Remittix, Monero and Cryptocurrency Evolution: What is the hottest speculation? The crypto market is always in a dynamic change, and new and old projects are competing for investors' attention. Currently, Remittix (RTX), Monero (XMR) and crypto-fiat currency directions are becoming the focus of discussion. Let’s find out what driving forces are behind this wave of popularity? Remittix: The emerging token with emerging potential is gradually gaining market attention, and its development trajectory has been compared to the early stages of Bitcoin and Ethereum by some people. "CryptoR
Bitcoin, Cryptocurrency, Buy Now: Decode the Latest Trends and Hidden Treasures
Jul 04, 2025 pm 09:42 PM
Is Bitcoin the best cryptocurrency investment option now? Explore Bitcoin’s soar, rising altcoins and top P2E games. Bitcoin, Cryptocurrency, Buy Now: Interpreting the latest trends and hidden opportunities Bitcoin has been active recently, and the entire cryptocurrency market is hotly discussed. Is this the best time to buy? Let's dive into the latest trends and reveal potential investment opportunities in this ever-changing market. Bitcoin is rising strongly: breaking through $109,000 – What is the future trend? Bitcoin has recently successfully broken through the $109,000 mark, a rally affected by positive news from BlackRock ETF, improved global situation and depreciation of the dollar. This breakthrough once again inspired people to set a new high for it
2025 Stablecoin Investment Tutorial How to Choose a Safe Stablecoin Platform
Jul 07, 2025 pm 09:09 PM
How do novice users choose a safe and reliable stablecoin platform? This article recommends the Top 10 stablecoin platforms in 2025, including Binance, OKX, Bybit, Gate.io, HTX, KuCoin, MEXC, Bitget, CoinEx and ProBit, and compares and analyzes them from dimensions such as security, stablecoin types, liquidity, user experience, fee structure and additional functions. The data comes from CoinGecko, DefiLlama and community evaluation. It is recommended that novices choose platforms that are highly compliant, easy to operate and support Chinese, such as KuCoin and CoinEx, and gradually build confidence through a small number of tests.
Sending different types of notifications with Laravel
Jul 06, 2025 am 12:52 AM
Laravelprovidesacleanandflexiblewaytosendnotificationsviamultiplechannelslikeemail,SMS,in-appalerts,andpushnotifications.Youdefinenotificationchannelsinthevia()methodofanotificationclass,andimplementspecificmethodsliketoMail(),toDatabase(),ortoVonage
