in Laravel. How to encrypt email address in user table

Question

I want to encrypt email addresses in a user table to protect personal information. I try this way: app¥Encryptable.php

<?php
namespace App;
use Crypt;
trait Encryptable{
    public function getAttribute($key){
        $value = parent::getAttribute($key);
        if (in_array($key, $this->encryptable)) {$value = Crypt::decrypt($value);return $value;}
        return $value;
    }
    public function setAttribute($key, $value){
        if (in_array($key, $this->encryptable)) {$value = Crypt::encrypt($value);}
        return parent::setAttribute($key, $value);
    }
}

app\\User.php

<?php
namespace App;
use Illuminate\Contracts\Auth\MustVerifyEmail as MustVerifyEmailContract;
use Illuminate\Auth\MustVerifyEmail;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use App\Encryptable;
class User extends Authenticatable implements MustVerifyEmailContract{
    use MustVerifyEmail, Notifiable;
    use Encryptable;
    protected $fillable = ['name', 'email', 'password',];
    protected $hidden = ['password', 'remember_token',];
    protected $casts = [email_verified_at' => 'datetime',];
    public $encryptable = [email',];
}

I can encrypt the email address. But I can't log in and reset the password. User can make many accounts in the same email address. It is a very bad bag.

Help ME!!

Answer 1

I assume you are using php artisan make:auth and the default controllers. So you will need to override some of the default methods to ensure that the email address is encrypted before Laravel attempts to use it for authentication, registration, or password resets.

To Login with an encrypted email add the following to your app\\Http\\Controllers\\Auth\\LoginController.php

/**
 * Validate the user login request.
 *
 * @param  \Illuminate\Http\Request  $request
 * @return void
 *
 * @throws \Illuminate\Validation\ValidationException
 */
protected function validateLogin(Request $request)
{
    $request->validate([
        $this->username() => 'required|string',
        'password' => 'required|string',
    ]);
    $request->input('email, Crypt::encrypt($request->email);
}

To Register with an email that will be encrypted the following to your app\\Http\\Controllers\\Auth\\RegisterController.php

/**
 * Handle a registration request for the application.
 *
 * @param  \Illuminate\Http\Request  $request
 * @return \Illuminate\Http\Response
 */
public function register(Request $request)
{
    $request->merge([
        'email' => Crypt::encrypt($request->email),
        'raw_email' => $request->email,
    ]);

    parent::register($request);
}

// And change the validator method to this

protected function validator(array $data)
{
    return Validator::make($data, [
        'name' => ['required', 'string', 'max:255'],
        'email' => ['required', 'string', 'max:255', 'unique:users'], // remove the email validation as this field be encrypted before validation
        'raw_email' => ['required', 'string', 'email'], // the email still needs to be a valid email
        'password' => ['required', 'string', 'min:8', 'confirmed'],
    ],
    [
        'raw_email.required' => 'We need to know your e-mail address!',
        'raw_email.string' => 'We need to know your e-mail address!',
        'raw_email.email' => 'Please enter a valid e-mail address!',
    ]);
}

Finally, to handle Reset Passwords you will want to add the following to your app\\Http\\Controllers\\Auth\\ForgotPasswordController.php

/**
 * Validate the email for the given request.
 *
 * @param  \Illuminate\Http\Request  $request
 * @return void
 */
protected function validateEmail(Request $request)
{
    $request->validate(['email' => 'required|email']);
    $request->input('email', Crypt::encrypt($request->email));
}

I have not tested any of this code, but this should put you well ahead.