Add Encryption for Model attributes

[alexanderkraemer]

Extending the Models to allow single properties to be stored encrypted in the database would be a huge plus.
Maybe I've overseen it, and it's already there, but it should not be a big change.
What do you think?

[karandatwani92]

Hey @alexanderkraemer
can you demonstrate a practical use case example to understand your idea better?

For now, I think:

• Encrypted data cannot be easily queried using SQL.
• It would impact performance, especially with a large dataset.

Thanks

[alexanderkraemer]

I was thinking of implementing a basic key-vault, where the value is encrypted at rest.
The value would never be queried for. just the key.

[alexanderkraemer]

Other use-cases like storing api-keys or other credentials for the users in the database.

[tabacitu]

Hi @alexanderkraemer ,

Bad news: Backpack doesn't concern itself with how you store things in the database and encrypting. It's out of scope for us to do that.

Good news: Laravel DOES concern itself with that. And makes it dead-simple for you to have an attribute encrypted in the database. It's as easy as casting it to encrypted in your Model. Here's an example in a personal project, where the credentials array is stored encrypted in the DB:

    protected $casts = [
        'type' => ChannelType::class,
        'color' => Color::class,
        'credentials' => 'encrypted:array',
    ];

That's everything that's needed 😉 Dead-simple. Laravel spoils us, really 😅 Take a look at the Laravel encrypted docs for more info.

Hope it helps.
Cheers!