sschlein/obscure

Obscure IDs in requests and URLs of you Laravel 5 app

Maintainers

Details

github.com/sschlein/obscure

Homepage

Source

Issues

Installs: 27

Dependents: 0

Suggesters: 0

Security: 0

Stars: 8

Watchers: 3

Forks: 1

Open Issues: 0

0.1.0 2016-02-11 19:06 UTC

Requires

Requires (Dev)

MIT f37344d31cb782179b460c107f4f5cab45bfbe51

  • Sebastian Schlein <sebastian.schlein.woop@gmail.com>

This package is not auto-updated.

Last update: 2024-04-27 17:31:39 UTC

README

Hide IDs from URLs and forms

Software License Build Status Scrutinizer Code Quality codecov.io StyleCI

Obscure your Laravel 5 applications IDs from URLs and requests. It's based on the popuplar Hashids package

// http://exampleapplication.com/user/ALnLzW

Route::get('/user/{id}', function ($id) {
    return "ID: " . $id; //returns a number
})->middleware('obscure');

Contents

## Installation

In order to add obscure to your project, just add

"sschlein/obscure": "dev-develop"

to your composer.json. Then run composer install or composer update.

Or run composer require sschlein/obscure if you prefer that.

Add the service provider to your app

In your config\app.php file, add the obscure service provider to providers array.

    // ...
    Sschlein\Obscure\ObscureServiceProvider::class,
    // ...

Set a salt hash in your .env file to generate unique hashs.

OBSCURE_SALT=your-unique-phrase

Add the middleware to your Kernel

In your app\Http\Kernel.php file, add the obscure middleware to the $routeMiddleware array.

protected $routeMiddleware = [
    // ...
    'obscure'         => \Sschlein\Obscure\Middleware\Obscure::class,
    // ...
];
## Usage

By default, Obscure looks for routes or request parameters with a parameter named id. To modify this parameter, add it as a middleware parameter like this:

Route::get('/obscure/{user_id}', function ($user_id) {
    return "ID: " . $id; // returns a number
})->middleware('obscure:user_id');

If this parameter is present, it gets decoded to the id and can be used without applications changes.

// http://exampleapplication.com/obscure/ALnLzW
// hashed with salt "salt"

Route::get('/obscure/{id}', function ($id) {
    return "ID: " . $id; // returns a number
})->middleware('obscure');

To generate routes or request parameters, you can use the blade extension. In a blade template, just use

<a href="/users/@obscure(1245)">View User</a>
<input type="hidden" name="id" value="@obscure(1234)">

If you need to obscure the id within a controller, use the facade

public function store(...)
{
	return redirect('users/' . Obscure::encode(1234));
}

That's it.

## Optional Configuration

Obscure uses some defaults that can be configured. To change the default configuration, publish the config.

php artisan vendor:publish

You can now configure the salt hash, the length of the hash and the used alphabet of the hash in the config/obscure.php.

## License

Obscure is free software distributed under the terms of the MIT license.