broadway / sensitive-data
helpers for handling sensitive data with Broadway
Installs: 16 466
Dependents: 0
Suggesters: 0
Security: 0
Stars: 6
Watchers: 4
Forks: 1
Open Issues: 2
Requires
- php: >=7.2
- broadway/broadway: ^2.3.1
Requires (Dev)
- broadway/coding-standard: ^1.0
- phpstan/phpstan: @stable
- phpunit/phpunit: ^8.0
This package is auto-updated.
Last update: 2024-10-31 00:21:39 UTC
README
Helpers for handling sensitive data with Broadway.
Installation
$ composer require broadway/sensitive-data
About
In an Event Sourced environment you may have to deal with sensitive (e.g. personal) data ending up in your event stream. You could encrypt your event stream or remove sensitive data from your event stream after a certain amount or time (upcasting). Or you could choose not to store sensitive data in you event stream altogether. That's where this project helps out.
Imagine the use case where a customer wants to pay an order with a credit card and you're not allowed to store the credit card number.
A PayWithCreditCardCommand (with credit card number) should lead to a
PaymentWithCreditCardRequestedEvent (without the credit card number) but the Processor that
handles the event does need to know the credit card number.
This project introduces a SensitiveDataManager which can be injected into a CommandHandler
to capture the sensitive data from the command and make it available to the SensitiveDataProcessor
hereby bypassing the event store.
Pros:
- sensitive data is not stored in your event stream
- no need for encryption or upcasting of your events
Cons:
- handling of sensitive data can only be done once per request
Example
A detailed example with a test case can be found in the examples/ directory.
License
This project is licensed under the MIT License - see the LICENSE file for details