I want to encrypt email addresses in a user table to protect personal information. I try this way: app¥Encryptable.php
<?php
namespace App;
use Crypt;
trait Encryptable{
public function getAttribute($key){
$value = parent::getAttribute($key);
if (in_array($key, $this->encryptable)) {$value = Crypt::decrypt($value);return $value;}
return $value;
}
public function setAttribute($key, $value){
if (in_array($key, $this->encryptable)) {$value = Crypt::encrypt($value);}
return parent::setAttribute($key, $value);
}
}
app\\User.php
<?php
namespace App;
use Illuminate\Contracts\Auth\MustVerifyEmail as MustVerifyEmailContract;
use Illuminate\Auth\MustVerifyEmail;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use App\Encryptable;
class User extends Authenticatable implements MustVerifyEmailContract{
use MustVerifyEmail, Notifiable;
use Encryptable;
protected $fillable = ['name', 'email', 'password',];
protected $hidden = ['password', 'remember_token',];
protected $casts = [email_verified_at' => 'datetime',];
public $encryptable = [email',];
}
I can encrypt the email address. But I can't log in and reset the password. User can make many accounts in the same email address. It is a very bad bag.
Help ME!!
I assume you are using php artisan make:auth
and the default controllers. So you will need to override some of the default methods to ensure that the email address is encrypted before Laravel attempts to use it for authentication, registration, or password resets.
To Login
with an encrypted email add the following to your app\\Http\\Controllers\\Auth\\LoginController.php
/**
* Validate the user login request.
*
* @param \Illuminate\Http\Request $request
* @return void
*
* @throws \Illuminate\Validation\ValidationException
*/
protected function validateLogin(Request $request)
{
$request->validate([
$this->username() => 'required|string',
'password' => 'required|string',
]);
$request->input('email, Crypt::encrypt($request->email);
}
To Register
with an email that will be encrypted the following to your app\\Http\\Controllers\\Auth\\RegisterController.php
/**
* Handle a registration request for the application.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\Response
*/
public function register(Request $request)
{
$request->merge([
'email' => Crypt::encrypt($request->email),
'raw_email' => $request->email,
]);
parent::register($request);
}
// And change the validator method to this
protected function validator(array $data)
{
return Validator::make($data, [
'name' => ['required', 'string', 'max:255'],
'email' => ['required', 'string', 'max:255', 'unique:users'], // remove the email validation as this field be encrypted before validation
'raw_email' => ['required', 'string', 'email'], // the email still needs to be a valid email
'password' => ['required', 'string', 'min:8', 'confirmed'],
],
[
'raw_email.required' => 'We need to know your e-mail address!',
'raw_email.string' => 'We need to know your e-mail address!',
'raw_email.email' => 'Please enter a valid e-mail address!',
]);
}
Finally, to handle Reset Passwords
you will want to add the following to your app\\Http\\Controllers\\Auth\\ForgotPasswordController.php
/**
* Validate the email for the given request.
*
* @param \Illuminate\Http\Request $request
* @return void
*/
protected function validateEmail(Request $request)
{
$request->validate(['email' => 'required|email']);
$request->input('email', Crypt::encrypt($request->email));
}
I have not tested any of this code, but this should put you well ahead.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.