在拉拉韦尔.如何加密用户表中的电子邮件地址 [英] in Laravel. How to encrypt email adress in user table
问题描述
我想对用户表中的电子邮件地址进行加密,因为可以保护个人信息. 我这样尝试 app¥Encryptable.php
I want to encrypt email adress in user table because protect personal information. I try this way app¥Encryptable.php
<?php
namespace App;
use Crypt;
trait Encryptable{
public function getAttribute($key){
$value = parent::getAttribute($key);
if (in_array($key, $this->encryptable)) {$value = Crypt::decrypt($value);return $value;}
return $value;
}
public function setAttribute($key, $value){
if (in_array($key, $this->encryptable)) {$value = Crypt::encrypt($value);}
return parent::setAttribute($key, $value);
}
}
app \ User.php
app\User.php
<?php
namespace App;
use Illuminate\Contracts\Auth\MustVerifyEmail as MustVerifyEmailContract;
use Illuminate\Auth\MustVerifyEmail;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use App\Encryptable;
class User extends Authenticatable implements MustVerifyEmailContract{
use MustVerifyEmail, Notifiable;
use Encryptable;
protected $fillable = ['name', 'email', 'password',];
protected $hidden = ['password', 'remember_token',];
protected $casts = [email_verified_at' => 'datetime',];
public $encryptable = [email',];
}
我可以加密电子邮件地址. 但是我无法登录并重置密码. 用户可以在同一电子邮件地址中创建多个帐户. 这是一个非常糟糕的袋子.
I can encrypt email adress. But I can't login and reset password. User can make many acounts in same email adress. It is very bad bag.
救救我!
推荐答案
我假设您使用的是php artisan make:auth和默认控制器.因此,您需要重写某些默认方法,以确保在Laravel尝试将其用于身份验证,注册或密码重置之前,已对电子邮件地址进行加密.
I assume you are using php artisan make:auth and the default controllers. So you will need to override some of the default methods to ensure that the email address is encrypted before Laravel attempts to use it for authentication, registration, or password resets.
对于Login(带有加密的电子邮件),将以下内容添加到您的app\Http\Controllers\Auth\LoginController.php
To Login with an encrypted email add the following to your app\Http\Controllers\Auth\LoginController.php
/**
* Validate the user login request.
*
* @param \Illuminate\Http\Request $request
* @return void
*
* @throws \Illuminate\Validation\ValidationException
*/
protected function validateLogin(Request $request)
{
$request->validate([
$this->username() => 'required|string',
'password' => 'required|string',
]);
$request->input('email, Crypt::encrypt($request->email);
}
发送给Register的电子邮件,将以下内容加密为您的app\Http\Controllers\Auth\RegisterController.php
To Register with an email that will be encrypted the following to your app\Http\Controllers\Auth\RegisterController.php
/**
* Handle a registration request for the application.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\Response
*/
public function register(Request $request)
{
$request->merge([
'email' => Crypt::encrypt($request->email),
'raw_email' => $request->email,
]);
parent::register($request);
}
// And change the validator method to this
protected function validator(array $data)
{
return Validator::make($data, [
'name' => ['required', 'string', 'max:255'],
'email' => ['required', 'string', 'max:255', 'unique:users'], // remove the email validation as this field be encrypted before validation
'raw_email' => ['required', 'string', 'email'], // the email still needs to be a valid email
'password' => ['required', 'string', 'min:8', 'confirmed'],
],
[
'raw_email.required' => 'We need to know your e-mail address!',
'raw_email.string' => 'We need to know your e-mail address!',
'raw_email.email' => 'Please enter a valid e-mail address!',
]);
}
最后,要处理Reset Passwords,您将需要在app\Http\Controllers\Auth\ForgotPasswordController.php
Finally, to handle Reset Passwords you will want to add the following to your app\Http\Controllers\Auth\ForgotPasswordController.php
/**
* Validate the email for the given request.
*
* @param \Illuminate\Http\Request $request
* @return void
*/
protected function validateEmail(Request $request)
{
$request->validate(['email' => 'required|email']);
$request->input('email', Crypt::encrypt($request->email));
}
我没有测试任何代码,但这应该可以使您处于领先地位.
I have not tested any of this code, but this should put you well ahead.
这篇关于在拉拉韦尔.如何加密用户表中的电子邮件地址的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
