Skip to content

sschlein/obscure

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Obscure

Hide IDs from URLs and forms

Software License Build Status Scrutinizer Code Quality codecov.io StyleCI

Obscure your Laravel 5 applications IDs from URLs and requests. It's based on the popuplar Hashids package

// http://exampleapplication.com/user/ALnLzW

Route::get('/user/{id}', function ($id) {
    return "ID: " . $id; //returns a number
})->middleware('obscure');

Contents

## Installation

In order to add obscure to your project, just add

"sschlein/obscure": "dev-develop"

to your composer.json. Then run composer install or composer update.

Or run composer require sschlein/obscure if you prefer that.

In your config\app.php file, add the obscure service provider to providers array.

    // ...
    Sschlein\Obscure\ObscureServiceProvider::class,
    // ...

Set a salt hash in your .env file to generate unique hashs.

OBSCURE_SALT=your-unique-phrase

Add the middleware to your Kernel

In your app\Http\Kernel.php file, add the obscure middleware to the $routeMiddleware array.

protected $routeMiddleware = [
    // ...
    'obscure'         => \Sschlein\Obscure\Middleware\Obscure::class,
    // ...
];
## Usage

By default, Obscure looks for routes or request parameters with a parameter named id. To modify this parameter, add it as a middleware parameter like this:

Route::get('/obscure/{user_id}', function ($user_id) {
    return "ID: " . $id; // returns a number
})->middleware('obscure:user_id');

If this parameter is present, it gets decoded to the id and can be used without applications changes.

// http://exampleapplication.com/obscure/ALnLzW
// hashed with salt "salt"

Route::get('/obscure/{id}', function ($id) {
    return "ID: " . $id; // returns a number
})->middleware('obscure');

To generate routes or request parameters, you can use the blade extension. In a blade template, just use

<a href="/users/@obscure(1245)">View User</a>
<input type="hidden" name="id" value="@obscure(1234)">

If you need to obscure the id within a controller, use the facade

public function store(...)
{
	return redirect('users/' . Obscure::encode(1234));
}

That's it.

## Optional Configuration

Obscure uses some defaults that can be configured. To change the default configuration, publish the config.

php artisan vendor:publish

You can now configure the salt hash, the length of the hash and the used alphabet of the hash in the config/obscure.php.

## License

Obscure is free software distributed under the terms of the MIT license.

About

No description, website, or topics provided.

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages