Download the PHP package ivinteractive/laravel-rotation without Composer
On this page you can find all versions of the php package ivinteractive/laravel-rotation. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download ivinteractive/laravel-rotation
More information about ivinteractive/laravel-rotation
Files in ivinteractive/laravel-rotation
Package laravel-rotation
Short Description A package to simplify data decryption and re-encryption when the APP_KEY needs rotation.
License MIT
Homepage https://github.com/ivinteractive/laravel-rotation
FAQ
Example:
In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
- Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
- To use Composer is sometimes complicated. Especially for beginners.
- Composer needs much resources. Sometimes they are not available on a simple webspace.
- If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
- Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Informations about the package laravel-rotation
Rotater for Laravel
Rotater for Laravel is a package for reencrypting your data in case your application's encryption key becomes compromised. By running php artisan rotation:run, the package will generate a new application key and reencrypt all configured database columns using the the new key.
Why choose this package?
While there are other key rotation packages available and you can also implement key rotation functionality manually, there are a number of features that will help key rotation run smoothly:
- Rotater pushes reencryption to the queue. With Laravel Horizon or multiple queue workers, this allows the reencryption processing to complete much more quickly than running everything synchronously. Since jobs are batched, you will still know when reencryption is done.
- Support for changing the cipher. Some older applications may still be using a shorter application key, but Rotater allows you to specify old and new ciphers so that the key can be updated.
- Rotater runs directly on the database columns specified in the config file. It does not interact with models, which improves performance, and makes for a more drop-in solution. While you can write your own command or implementation of the
RotatesApplicationKeyinterface, there's no requirement to do so and there's no need to make your models implement an interface or use a trait. If you'd like, you could even create a separate application for handling the reencryption process so it doesn't need to touch your existing codebase at all. - Quality of life improvements: support for sending a notification when reencryption finishes, and automatically turning maintenance mode on and off.
Installation
You can install the package via composer:
Publish the configuration file:
The configuration file will contain the following:
Usage
The key rotation command will generate a new application key, set the existing application key as the old key in the configuration, and push the batched reencryption jobs to the queue:
The --horizon option will make the call to horizon:terminate instead of queue:restart to make sure that the queued jobs use the recached config.
The --force option will skip a confirmation step that comes before making any changes to the config or pushing any jobs to the queue.
The default behavior of the key rotation command is to put the application in maintenance mode while the reencryption is processing. If the application is down, the queue:work command or the Horizon queue configuration must set the force option to true in order for the reencryption jobs to process.
It is highly recommended to use Horizon, since the reencryption queue configuration should be easier to manage. If using Horizon and remove_old_key is set to true, you should run php artisan horizon:terminate once the reencryption is finished to refresh the config in your queue workers (the horizon:terminate command is only available on the console and cannot be executed programmatically).
By default, the key rotater will use the value of config('app.cipher') for decryption and reencryption. If the cipher is being changed, you can specify that in the config by setting config('rotation.cipher') as an array with old and new keys. This is useful for upgrading the cipher used for encryption in older applications.
Events
The IvInteractive\Rotation\Events\ReencryptionFinished event is fired upon the completion of the batched jobs.
The IvInteractive\Rotation\Listeners\SendFinishedNotification event listener is provided for writing a message to the logs and sending a notification to the configured recipient.
Testing
Changelog
Please see CHANGELOG for more information what has changed recently.
Contributing
Please see CONTRIBUTING for details.
Security
If you discover any security related issues, please email [email protected] instead of using the issue tracker.
Credits
- Craig Spivack
- All Contributors
License
The MIT License (MIT). Please see License File for more information.
