evo-mark/laravel-id-obfuscator

Obfuscate your IDs when sending them to the frontend

Maintainers

Details

github.com/evo-mark/laravel-id-obfuscator

Homepage

Source

Issues

Installs: 500

Dependents: 0

Suggesters: 0

Security: 0

Stars: 2

Watchers: 2

Forks: 0

Open Issues: 0

1.2.0 2024-03-21 00:07 UTC

Requires

Requires (Dev)

MIT dd41b07fb7ac873c72b9b4b93bc8e3ff319b9b97

  • Craig Riley <c.riley.woop@evomark.co.uk>

This package is auto-updated.

Last update: 2024-04-21 00:17:52 UTC

README

evoMark company logo

Build status Total Downloads Licence


Laravel ID Obfuscator

Laravel 10 Compatible

Warning: This package only obfuscates IDs and should not be used if secure encryption of identifiers is required

Installation

composer require evo-mark/laravel-id-obfuscator

Models

Usage

use EvoMark\LaravelIdObfuscator\Traits\Obfuscatable;

class User extends Authenticatable
{
    use Obfuscatable;
}

Using the Obfuscatable trait provides automatic route model binding with decoding and then automatic encoding when the primary key is sent to the frontend

Route::get('/users/{user}', [SomeController::class, 'index']);

// SomeController

public function index(User $user)
{
    // $user will now have the decoded ID ready for internal use

    // If you need to access the obfuscated ID internally, you can use
    $obfuscatedId = $user->obfuscatedId;
}

Obfuscatable models will also feature automatic decoding when using the model's find-style functions: e.g. find, findOrFail, findMany, findOrNew, findOr

// SomeController

/**
 * @param string $id The obfuscated order ID
 */
public function index($id)
{
    $order = Order::find($id);
}

Validation

Laravel ID Obfuscator comes with a built-in rule extension for validating incoming obfuscated ids, simply:

public function store($request)
{
    $validated = $request->validate([
        'id' => ['required','id_exists:users']
    ]);
}

Facade

You can access the encoding and decoding features anytime via the provided facade.

use EvoMark\LaravelIdObfuscator\Facades\Obfuscate;

$encoded = Obfuscate::encode(5);
$decoded = Obfuscate::decode($encoded);

Config

You can publish the package config by running the following Artisan command:

php artisan v:p --provider="EvoMark\LaravelIdObfuscator\Provider"
Setting Type Default Description
seed string laravel-id-obfuscator A seed string for the encoder
length int 8 The amount of chars to pad the output to
alphabet string [a-zA-Z0-9] (as string) The alphabet to use when encoding IDs

Limitations

  • Laravel ID Obfuscator can only be used on incrementing primary keys