Laravel - Encryption

Laravel provides a simple and secure way to encrypt and decrypt data using AES-256 and AES-128 encryption algorithms. This guide will walk you through how to use Laravel's built-in encryption system effectively.

1. Why Use Encryption in Laravel?

Encryption ensures that sensitive data is stored and transmitted securely. Laravel’s Crypt facade allows you to encrypt data before storing it in a database and decrypt it when needed.

Use Cases of Encryption

✅ Storing sensitive user information
✅ Encrypting API keys and access tokens
✅ Protecting confidential application data
✅ Encrypting payment-related data

2. Configuring Encryption in Laravel

Laravel automatically sets up encryption using the APP_KEY from the .env file. You can check that a key is set with:

grep '^APP_KEY=' .env

If your application key is missing, generate a new one using:

php artisan key:generate

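This key is crucial for encryption and decryption. It is unique to your application: do not share it or commit it to version control, because anyone who holds it can decrypt your data. Data encrypted under the old key cannot be decrypted with a new one, so generate a key once and avoid regenerating it on an application that already stores encrypted data.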

3. Encrypting Data in Laravel

Laravel provides the encrypt() helper function and the Crypt facade to encrypt data.

Using the encrypt() Helper

$encryptedData = encrypt('This is a secret message');
echo $encryptedData;

Using the Crypt Facade

use Illuminate\Support\Facades\Crypt;
$encryptedData = Crypt::encrypt('This is a secret message');
echo $encryptedData;

The output will be an encrypted string that is unreadable and safe for storage.

4. Decrypting Data in Laravel

To retrieve the original data, use the decrypt() function.

Using the decrypt() Helper

$decryptedData = decrypt($encryptedData);
echo $decryptedData;

Using the Crypt Facade

$decryptedData = Crypt::decrypt($encryptedData);
echo $decryptedData;

If the decryption fails (e.g., if the data was tampered with), Laravel will throw a DecryptException.

5. Encrypting and Decrypting Arrays & JSON Data

You can also encrypt entire arrays or JSON data. encrypt() serializes the value before encrypting it, so decrypt() returns the original array:

$data = ['name' => 'John Doe', 'email' => 'john@example.com'];
$encrypted = encrypt($data);
$decrypted = decrypt($encrypted);
print_r($decrypted);

This works well for storing structured data securely.

6. Storing Encrypted Data in a Database

If you want to store encrypted data in a database, simply encrypt it before saving it:

$user = new User();
$user->name = 'John Doe';
$user->secret_info = encrypt('Sensitive Data');
$user->save();

When retrieving:

$decryptedSecret = decrypt($user->secret_info);

7. Handling Encryption Errors

If an incorrect decryption key is used or the encrypted data is modified, Laravel will throw a DecryptException.

Example Handling DecryptException

use Illuminate\Contracts\Encryption\DecryptException;
try {
    $decrypted = decrypt($invalidData);
} catch (DecryptException $e) {
    echo "Decryption failed: " . $e->getMessage();
}
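Why a modified value or a wrong key ends in an exception instead of garbage output: the sketch below is an added example in plain PHP (ext-openssl), not code from this post or from Laravel. It models an encrypt-then-MAC payload; the function names sealValue() and openValue(), the payload layout, and the use of one key for both encryption and the MAC are assumptions made for the illustration.

```php
<?php
// Added illustration in plain PHP (ext-openssl). Not Laravel's source code:
// sealValue()/openValue() and the payload layout are assumptions.
function sealValue(string $plaintext, string $key): string
{
    $iv = random_bytes(openssl_cipher_iv_length('aes-256-cbc'));
    $value = openssl_encrypt($plaintext, 'aes-256-cbc', $key, 0, $iv); // base64 text
    $iv = base64_encode($iv);
    // The MAC covers IV and ciphertext, so a change to either is detected.
    $mac = hash_hmac('sha256', $iv . $value, $key);
    return base64_encode(json_encode(['iv' => $iv, 'value' => $value, 'mac' => $mac]));
}

function openValue(string $payload, string $key): string
{
    $p = json_decode((string) base64_decode($payload, true), true);
    if (!is_array($p) || !is_string($p['iv'] ?? null)
        || !is_string($p['value'] ?? null) || !is_string($p['mac'] ?? null)) {
        throw new RuntimeException('The payload is invalid.');
    }
    // Check the MAC in constant time before any decryption is attempted.
    $expected = hash_hmac('sha256', $p['iv'] . $p['value'], $key);
    if (!hash_equals($expected, $p['mac'])) {
        throw new RuntimeException('The MAC is invalid.');
    }
    $iv = (string) base64_decode($p['iv'], true);
    $plain = openssl_decrypt($p['value'], 'aes-256-cbc', $key, 0, $iv);
    if ($plain === false) {
        throw new RuntimeException('Could not decrypt the data.');
    }
    return $plain;
}

// Constructed sample data: random 32-byte keys and a made-up token value.
$key = random_bytes(32);
$sealed = sealValue('API_SECRET_TOKEN', $key);
echo 'round trip: ', openValue($sealed, $key), PHP_EOL;
// Change one character of the ciphertext, as a modified database column would.
$p = json_decode(base64_decode($sealed), true);
$p['value'][0] = $p['value'][0] === 'A' ? 'B' : 'A';
$cases = ['modified payload' => [base64_encode(json_encode($p)), $key],
          'wrong key' => [$sealed, random_bytes(32)]];
foreach ($cases as $name => [$data, $k]) {
    try {
        openValue($data, $k);
        echo "$name: accepted", PHP_EOL;
    } catch (RuntimeException $e) {
        echo "$name: rejected ({$e->getMessage()})", PHP_EOL;
    }
}
```

Both failure cases stop at the MAC check, which is why the application sees an exception rather than corrupted plaintext.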

8. Encrypting Cookies in Laravel

Laravel automatically encrypts cookies for security. You can specify which cookies should not be encrypted by modifying the App\Http\Middleware\EncryptCookies middleware.

To exclude a cookie from encryption:

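use Illuminate\Cookie\Middleware\EncryptCookies as Middleware;
class EncryptCookies extends Middleware
{
    // Names of the cookies that should not be encrypted.
    protected $except = [
        'example_cookie',
    ];
}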

9. Encrypting API Tokens & Secure Communications

When handling API authentication, you can encrypt tokens before storing them:

$user->api_token = encrypt('API_SECRET_TOKEN');

When retrieving:

$token = decrypt($user->api_token);

For added security, consider using Laravel Passport or Sanctum for API authentication instead.

10. Alternative Encryption Methods: Hashing vs Encryption

  • Encryption: Two-way process (can be decrypted). Example: Crypt::encrypt().
  • Hashing: One-way process (cannot be decrypted). Example: Hash::make().

Use hashing for passwords and encryption for sensitive but reversible data.

Example of hashing:

use Illuminate\Support\Facades\Hash;
$hashedPassword = Hash::make('my-password');
if (Hash::check('my-password', $hashedPassword)) {
    echo "Password is valid!";
}

Conclusion

🎉 Congratulations! You now understand how to use Laravel Encryption to secure your application’s data.

✅ Encrypt and decrypt sensitive data easily
✅ Store encrypted information in databases securely
✅ Handle encryption errors properly
✅ Secure API tokens and user information

💬 Got questions? Let us know in the comments!

Soeng Souy
