Laravel Credentials Package for Encrypted Application Secrets

综合编程 2018-05-16 阅读原文

Trust me, erasing secret data
from version control is open-heart surgery for your VCS you never want to perform. On the other hand, having secrets in version control is helpful to keep track of changes made, given that you do so carefully. Enter Laravel Credentials.

Laravel Credentials is a new package by Marcel Pociot (ofBotman fame) to help you manage sensitive data securely in your Laravel project.

A couple of benefits include:

  • Credentials are encrypted, so nobody can read them without the key (which you should not store in version control)
  • Encrypted credentials are in version control, so you have a history of change
  • You can deploy credential changes along with code changes
  • Your secrets exist in one location

Since credentials are encrypted and require a key, how do you edit them with this package?

Editing Laravel Credentials

To edit your credentials, you use an artisan command provided by the Laravel Credentials package:

php artisan credentials:edit

Once you update the credentials, the new encrypted version gets stored in the credentials file (by default the file lives at config/credentials.php.enc
. The credentials file is accessible via helpers.

Using Credentials

To access encrypted credentials, you use the provided credentials()
helper function:

$credential = credentials('api-password');


To install this package and start using it, install it via composer with:

composer require beyondcode/laravel-credentials

You can optionally publish the config file with the following:

php artisan vendor:publish --provider="BeyondCodeCredentialsCredentialsServiceProvider" --tag="config"

Learn More

Learn more about the Laravel Credentials package and access the source code from beyondcode/laravel-credentials
on GitHub.

You might already be familiar with the encrypted file approach for sensitive data if you’ve used Ansible Vault

Laravel News

责编内容by:Laravel News阅读原文】。感谢您的支持!


Laravel 4. Pass the parameter to partia... I am making a sales support system with Laravel 4. I have a form for recordin...
The state of Laravel-based APIs – a personal... Friendly disclaimer:this is a quick and dirty post that I'm putting toget...
简述 Laravel Model Events 的使用 最近一直在思考如何利用 Laravel,更进一步做出一套较为不一样的开发框架出来。反复看了很多有关 Laravel 框架的资料和文档,最后还是落在 Larave...
Laravel ORM merges two json arrays Excuse me, I use laravel ORM have two json arrays , like this: php $personne...
在 Laravel 中使用 DataTables 插件 DataTables 是一个 jQuery 的表格插件,记录一下在 Laravel 中使用的常用功能和用法,比如 ajax 获取数据,自定义搜索,效果展现...