Database fields encryption in laravel and lumen for mysql databases with native search and anonymize data.

$ composer require ionghitun/laravel-lumen-mysql-encryption

• php >= 8.0

Service provider is automatically loaded for laravel, for lumen you need to add

$app->register(IonGhitun\MysqlEncryption\MysqlEncryptionServiceProvider::class);

to your bootstrap/app.php file.

You need to add ENCRYPTION_KEY to your .env file, has to be 16 chars long.

Each of your Models should extend IonGhitun\MysqlEncryption\Models\BaseModel and for the fields you want to be encrypted you have to do the following:

• in migrations set field to binary

• add $encrypted to your model:

    /** @var array */
    protected $encrypted = [
        'name',
        'email'
    ];
  

You can use Validator on these fields with:

• unique_encrypted

    unique_encrypted:<table>,<field(optional)>
  

• exists_encrypted

    exists_encrypted:<table>,<field(optional)>
  

You cannot use basic where, orWhere, orderBy on encrypted fields so there are 5 predefined scopes that you can use as a replacer:

  - whereEncrypted
  - whereNotEncrypted
  - orWhereEncrypted
  - orWhereNotEncrypted
  - orderByEncrypted

Possibility to anonymize data:

• set $anonymizable variable on your model, the data will be anonymized using https://github.com/fzaninotto/Faker, for all the types available check this package.

Example:

    //without extra parameters needed for randomDigit
    protected $anonymizable = [
        'age' => ['randomDigit']
    ];
    
    //with extra parameters needed for numberBetween
    protected $anonymizable = [
        'age' => ['numberBetween', '18','50']
    ];

• get your model instance and use anonymize method: $user->anonymize();

The method accepts a locale parameter, if you want to use faker with localization, the default locale can be set in .env file: FAKER_LOCALE = 'en_US'

If is not specified by any method above, the default Faker local will be used by default

Note: Model is not automatically saved!

Happy coding!

In order to revert data encrypted with this package you need to remove columns from the $encrypted array, do a foreach through your models and save the $this->aesDecrypt($value) for all the columns that were in $encrypted array, then change the column from binary to something more suitable.

After this you can remove the package and extend the basic laravel model, and so cleanup, remove anything related to this package!