Download the PHP package davide7h/encoded-ids without Composer
On this page you can find all versions of the php package davide7h/encoded-ids. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download davide7h/encoded-ids
More information about davide7h/encoded-ids
Files in davide7h/encoded-ids
Package encoded-ids
Short Description An easy way to mask your IDs when exposing them in routes, APIs or other scenarios when you don't want the user to see the actual ID of your database records
License MIT
Informations about the package encoded-ids
ID Masking for your Eloquent Models
Documentation, Installation, and Usage Instructions
What It Does
This package allows you to use a convenient Trait to instantly enable all your Eloquent Models with encoded ids for you to use in routes and api endpoints without exposing to your users the real IDs for your database records.
Requirements
This package is under active development, therefore its requirements may be subject to change. At the moment it's been successfully tested on:
- Laravel ^8.x | ^9.x | ^10.x
- PHP >= 8.1
Important Security Notes
This package requires Sqids package for hashing the numeric IDs. It will be automatically installed.
It's important to reiterate what the authors of the Sqids package clearly state on their website: this is not an encryption library, and the generated IDs can still be deciphered if an attacker were to find out what alphabet was used to generate it. It only serves a cosmetic purpose, rendering IDs less obvious and more hard to guess, but not cryptographically encrypted.
Do not use it to hide sensitive information!
Installation
Just run
This will download and extract the package and its dependencies (Sqids). The auto-discovery feature will automatically register the package ServiceProvider.
Generating Alphabet and publishing configurations
.
This command will generate a randomly shuffled alphabet that will be used to encode and decode your IDs.
It will also publish the config file . Here you will find:
- the newly generated alphabet (in case you need to alter it or replace it with an entirely new one)
- the padding key, used to specify a minimum length for the encoded id (default: 8char)
That's it, you're good to go!
Usage
Encoding Model IDs
Providing your Models with the ability to display a masked version of their actual IDs is as simple as using the Trait:
Now your model will feature the attribute, which you can use to access a masked version of your model's ID:
Retrieving Models
The package provides a convenient way to query the Database for records using the attribute, without any need for decoding it. Just call the or methods on your model's class, like you would normally do using the acutal (numeric) IDs for your records as parameters, but with the option to also use their masked version (as a string):
Decoding IDs
As discussed before, there is no need for explicitly decoding your IDs before queueing the Database. Should the need for manual decoding ever arise, though, the package provides an class that can be used anywhere in your code to encode or decode integer numbers for any reason you might think of.
Please note that the method of the class expects an as a parameter and returns a , while the method expects a and returns the decoded if the given string is a valid encoding, otherwise.
Parametric routes
Using to fetch the actual model from a parametric route is pretty handy, but unfortunately it only works when the parameter used to populate the route exists as a column in your model's database table. When using computed attributes (like )the workaround used to be giving up on the dependency injection and just query the database for the desired model after decoding it inside the controller:
But fear not! This package extends Laravel's native route binding functionalities enabling you to use encoded ids in your parametric routes and still being able to inject your models in your Controller methods without having to manually querying the database inside of it, leaving room for the actual controller logic without cluttering it with unnecessary operations:
License
The MIT License (MIT). Please see License File for more information.