Encryptable Eloquent Model Properties

A Laravel 5 package that allows you to store Eloquent model properties encrypted in your database, and automatically decrypts them when you need to access them.

Install

composer require sagalbot/encryptable

Usage

This package is really just a simple trait and property that you can add to your Eloquent models. Usage is simple:

1. Before using Laravel's encrypter, you must set a key option in your config/app.php configuration file.

   artisan key:generate
   

   note: If you already have APP_KEY set in your .env, you should skip this step.

2. Use the Sagalbot\Encryptable\Encryptable trait:

   use \Sagalbot\Encryptable\Encryptable;
   

3. Set the $encryptable array on your Model.

   protected $encryptable = ['my_encrypted_property'];
   

4. That's it! Here's a complete example:

   <?php
   
   namespace App;
   
   use Illuminate\Database\Eloquent\Model;
   use Sagalbot\Encryptable\Encryptable;
   
   class MyEncryptedModel extends Model
   {
   
       use Encryptable;
   
       /**
        * The attributes that should be encrypted when stored.
        *
        * @var array
        */
       protected $encryptable = [ 'my_encrypted_property', 'another_secret' ];
   }
   

Encryption Options

By default, the package uses the global encrypt() and decrypt() Laravel functions, which are just aliases to resolve the Illuminate\Encryption\Encrypter::class out of the container. Laravel's encrypter uses OpenSSL to provide AES-256 and AES-128 encryption, which you can read more about at the Laravel Docs.

If you need to adjust how a specific model encrypts and decrypts its properties, you can override the decryptAttribute and encryptAttribute methods on your model:

/**
 * @param $value
 */
protected function encryptAttribute($value)
{
    //  encrypt the value
}


/**
 * @param $value
 */
protected function decryptAttribute($value)
{
    //  decrypt the value
}

Keep It Secret, Keep It Safe

Don't lose your encryption key - you can't decrypt your stored data without it.