izica / laravel-env-secure
Secure Laravel .env variables
1.13
2024-04-08 10:48 UTC
Requires
- php: ^7.4|^8.0
README
PRs are welcome
Description
A simple Laravel package with zero dependencies for securing your env values, such as database passwords or API keys, to prevent accidental exposure (for example via $_ENV or $_SERVER).
Prerequisites
This package uses the PHP OpenSSL extension: https://www.php.net/manual/en/ref.openssl.php
Installation
You can install the package via composer:
composer require izica/laravel-env-secure
Publish config (optional)
php artisan vendor:publish --provider="Izica\\EnvSecure\\EnvSecureServiceProvider"
Usage
1. Encrypt env value
php artisan env:secure {env key} {--cli} {--decrypt}
Options:
- --cli - only print the result to the console; do not rewrite .env
- --decrypt - decrypt env value
Example:
php artisan env:secure DB_PASSWORD
Your env file will change from:
DB_PASSWORD=somepassword
to:
DB_PASSWORD=scr::zvzEOZDAE4k/7D/rx
2. Change config to
//config/database.php
use \Izica\EnvSecure\EnvSecure;

[
    //...
    'connections' => [
        //...
        'mysql' => [
            //...
            'password' => EnvSecure::env('DB_PASSWORD', ''),
        ]
    ]
]
Config
//config env-secure.php
return [
    "prefix" => env('ENV_SECURE_PREFIX', 'scr::'),
    "algorithm" => env('ENV_SECURE_ALGORITHM', 'AES-128-CTR'), // https://www.php.net/manual/en/function.openssl-get-cipher-methods.php
    "iv" => env('ENV_SECURE_IV', 1234567891011121),
    "key" => env('ENV_SECURE_KEY', null), //APP_KEY by default. If you change the key after the values have been secured, you will not be able to decrypt the values in the future.
];
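A minimal round trip of the scheme the config above describes, as an added sketch that is not the package's own code. It assumes values are encrypted with openssl_encrypt() using the defaults shown (prefix, algorithm, IV); secure(), reveal() and the sample key are hypothetical names and constructed values.

```php
<?php
// Added sketch, not the package's source. Assumes openssl_encrypt() is used
// with the config defaults shown above; helper names are hypothetical.
const PREFIX    = 'scr::';
const ALGORITHM = 'AES-128-CTR';
const FIXED_IV  = '1234567891011121'; // config default, 16 bytes as a string

function secure(string $plain, string $key, string $iv = FIXED_IV): string
{
    $cipher = openssl_encrypt($plain, ALGORITHM, $key, 0, $iv); // base64 output
    if ($cipher === false) {
        throw new RuntimeException('encryption failed');
    }
    return PREFIX . $cipher;
}

function reveal(string $value, string $key, string $iv = FIXED_IV): string
{
    if (strncmp($value, PREFIX, strlen(PREFIX)) !== 0) {
        return $value; // no prefix: treated as a plain, unsecured value
    }
    $plain = openssl_decrypt(substr($value, strlen(PREFIX)), ALGORITHM, $key, 0, $iv);
    if ($plain === false) {
        throw new RuntimeException('decryption failed');
    }
    return $plain;
}

$key = 'constructed-sample-key'; // constructed value for this example only

$first  = secure('somepassword', $key);
$second = secure('somepassword', $key);

// Round trip, and pass-through of a value that was never secured.
var_dump(reveal($first, $key) === 'somepassword');
var_dump(reveal('plainvalue', $key) === 'plainvalue');

// Same key and same IV give the same ciphertext for the same plaintext.
var_dump($first === $second);

// CTR has no integrity check: a changed key does not raise an error,
// it decrypts to different bytes. Compare instead of trusting the output.
var_dump(reveal($first, 'a-different-key') === 'somepassword');
```

Because a key change surfaces as wrong bytes and not as an exception, verify a decrypted value (for example by connecting with it) after rotating APP_KEY or ENV_SECURE_KEY.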
Security recommendations
Set the key directly in the file, like:
//config env-secure.php
return [
    //...
    "key" => "kovdj43ksadjl32jlk"
];
Credits
License
The MIT License (MIT). Please see License File for more information.