Basic Understanding of Laravel Encryption
In this article, we will discuss Laravel Encryption in brief. Laravel provides an easy and simple way to work with Encryption. Laravel built-in encrypters use OpenSSL to provide two type of encryptions AES-256 and AES-128.
I’m recommending you to use Laravel built-in encryption. You don’t need to invest time to make your own encryption algorithms.
Table of Contents
Prerequisites
We have to set a key option in our config/app.php file. But it’s not a good idea to set this key manually. You can use the artisan command to generate this key.
php artisan key:generate
Above mention, artisan command uses the PHP secure random bytes generator to create a key. After executing the command, this will update our “.env” file. If the key value is not properly set, then encrypted values by Laravel will be insecure.
Using the Encryption
I’m creating an example to show you, how to encrypt an integer value. After that, how to decrypt the encrypted value.
Encryption
Let’s start with creating a controller using the following artisan command.
php artisan make:controller EncryptController
In the newly created controller, we make a function to show you how to encrypt function work.
<?php namespace App\Http\Controllers; use Illuminate\Http\Request; class EncryptController extends Controller { public function showSecret(Request $request) { $random = encrypt(50); return view('test',compact('random')); } }
Now time to make a view, where we print this encrypted value.
@extends('layouts.app') @section('content') <div class="container"> <div class="row justify-content-center"> <div class="col-md-8"> <div class="card"> <div class="card-header">Dashboard</div> <div class="card-body"> <p><b>Encrypted String:</b> {{ $random }}</p> </div> </div> </div> </div> </div> @endsection
Here’s the working result.
Decryption
You can use decrypt() function to decrypting an encrypted value. If MAC is invalid then the value cannot be decrypted properly. It will be thrown an “Illuminate\Contracts\Encryption\DecryptException” exception.
use Illuminate\Contracts\Encryption\DecryptException; try { $encryptedValue = "eyJpdiI6IjU1WDUrZkNEU2xqNWJsUXg2NE5oclE9PSIsInZhbHVlIjoiY3VQWFBudjVBYUg3ekZYZVhLUVl4Zz09IiwibWFjIjoiNTQ5NGM5YzE0NzkwNGRiMzA4NjZiNmU5MDdkZGQ1NGFjNGRlODkyNWYzOTE2YjA1MjY1N2JhMWUxODZiZDk2MSJ9"; $decrypted = decrypt($encryptedValue); } catch (DecryptException $e) { // }
Encrypting Without Serialization
All the encrypted values are passed through serializing during encryption, which allows for encryption of objects and arrays. Non PHP clients will need to unserialize the date when receiving encrypted values.
If we need to encrypt and decrypt values without serialization then we use the “encryptString” and “decryptString” methods of the “Crypt” facade.
use Illuminate\Support\Facades\Crypt; // Encryptions $encrypted = Crypt::encryptString('Hello world.'); // Decryption $decrypted = Crypt::decryptString($encrypted);
Conclusion
In this article, we will discuss Laravel Encryption. I’m trying to explain you, how you can use Laravel Encryption in your Laravel application. You can also check the official documentation of Laravel Encryption. Please feel free to add the comment if any query.
If you like our content, please consider buying us a coffee.
Thank you for your support!
Buy Me a Coffee
good post.