baglerit / envariable
Adds an Artisan command, envariable:encrypt, which adds an encrypted variable to the .env file.
Requires
- laravel/framework: ~5.0
This package is not auto-updated.
Last update: 2019-02-20 18:35:51 UTC
README
Add an Artisan command, envariable:encrypt, which adds an encrypted environement variable to the .env file.
Laravel version
This tool was developed and tested using Laravel 5.0.
Installation
- Require this package in your Laravel project:
composer require baglerit/envariable
- Add a line in
app/Console/Kernel.phpto register this command:
protected $commands = [ ... \BaglerIT\EnVariableCommand\EnVariableCommand::class, ];
Decryption Examples
Here are two examples of ways you may want to access environment variables.
With Crypt Facade
Here's how you can decrypt the variables if you are loading the environment variable where you are able to use the
Crypt facade.
use Illuminate\Support\Facades\Crypt; ... try { $value = Crypt::decrypt(env('VAR_NAME')); } catch(DecryptException $e) { ... }
Without Crypt Facade
(Thanks to @bobbybouwmann, for helping with this.)
My environment variables are often used by files within my Laravel project's config folder such as
config/auth.php and config/database.php. Unfortunately the Crypt facade is not available
within config files so you will need to create a new Encrypter object.
$crypt = new Illuminate\Encryption\Encrypter(env('APP_KEY')); ... 'mysql' => [ 'driver' => 'mysql', 'host' => $crypt->decrypt(env('DB_HOST')), 'database' => $crypt->decrypt(env('DB_DATABASE')), 'username' => $crypt->decrypt(env('DB_USERNAME')), 'password' => $crypt->decrypt(env('DB_PASSWORD')), 'port' => $crypt->decrypt(env('DB_PORT')), ...
Warnings
- Make sure you decrypt your encrypted environment variables before using them in your application.
- This command does not check if the environment variable already exists so please check your
.envfile to ensure you have not created duplicate variables. - This command encrypts data but stores it in the same file as the encryption key so it isn't a substitute for existing security best practises. I wrote this command because I needed to encrypt an app token in order to meet a third-party security requirement. Please don't assume that this command makes your data any more secure.