Get expert guidance in a few days with a Laravel code review

Laravel News Laravel News

Encrypt and Decrypt Eloquent Model Fields in Laravel Apps

Published on by

Encrypt and Decrypt Eloquent Model Fields in Laravel Apps image

Laravel Ciphersweet is a package by Spatie to integrate searchable field-level encryption in Laravel applications. The package's readme explains the problem Ciphersweet can help solve as follows:

In your project, you might store sensitive personal data in your database. Should an unauthorised person get access to your DB, all sensitive can be read which is obviously not good.

To solve this problem, you can encrypt the personal data. This way, unauthorized persons cannot read it, but your application can still decrypt it when you need to display or work with the data.

This package is a wrapper for Ciphersweet to integrate its features into Laravel models easily. Here's an example of a model from the readme's setup instructions that illustrates what a model looks like using Ciphersweet:

use Spatie\LaravelCipherSweet\Contracts\CipherSweetEncrypted;
use Spatie\LaravelCipherSweet\Concerns\UsesCipherSweet;
use ParagonIE\CipherSweet\EncryptedRow;
use Illuminate\Database\Eloquent\Model;
 
class User extends Model implements CipherSweetEncrypted
{
    use UsesCipherSweet;
 
    public static function configureCipherSweet(EncryptedRow $encryptedRow): void
    {
        $encryptedRow
            ->addField('email')
            ->addBlindIndex('email', new BlindIndex('email_index'));
    }
}

This allows you the encrypt a user's email to keep it safe from unauthorized people reading the data, but give you the ability to decrypt the data to display it or work with it.

Once you have configured this package and set up a model, you can search encrypted data in the database using blind indexes:

$user = User::whereBlind('email', 'email_index', 'rias@spatie.be');

This package also aids in generating encrypting keys and encrypting model attributes to speed up integration with Ciphersweet.

I want to point out that you should not use this package blindly without understanding the ins and outs of the use case you are trying to solve. You can learn more about CipherSweet on this page, which has many linked resources.

CipherSweet also has PHP-specific documentation to help get you up to speed with the underlying PHP package.

I would also recommend reading Rias' post, Encrypting Laravel Eloquent models with CipherSweet.

To get started with this package, check it out on GitHub at spatie/laravel-ciphersweet.

Paul Redmond photo

Staff writer at Laravel News. Full stack web developer and author.

X X Github Github
Filed in:
Laravel Packages
Cube

Laravel Newsletter

Join 40k+ other developers and never miss out on new tips, tutorials, and more.

Cube

Laravel Jobs

Explore hundreds of open positions today.

View all jobs
image
Laravel Code Review

Get expert guidance in a few days with a Laravel code review

Visit Laravel Code Review

Partners

View all →
Lucky Media logo

Lucky Media

Get Lucky Now - the ideal choice for Laravel Development, with over a decade of experience!

Lucky Media
Shift logo

Shift

Running an old Laravel version? Instant, automated Laravel upgrades and code modernization to keep your applications fresh.

Shift
PhpStorm logo

PhpStorm

The go-to PHP IDE with extensive out-of-the-box support for Laravel and its ecosystem.

PhpStorm
Harpoon: Next generation time tracking and invoicing logo

Harpoon: Next generation time tracking and invoicing

The next generation time-tracking and billing software that helps your agency plan and forecast a profitable future.

Harpoon: Next generation time tracking and invoicing
Get expert guidance in a few days with a Laravel code review logo

Get expert guidance in a few days with a Laravel code review

Expert code review! Get clear, practical feedback from two Laravel devs with 10+ years of experience helping teams build better apps.

Get expert guidance in a few days with a Laravel code review
Tinkerwell logo

Tinkerwell

The must-have code runner for Laravel developers. Tinker with AI, autocompletion and instant feedback on local and production environments.

Tinkerwell
Laravel Cloud logo

Laravel Cloud

Easily create and manage your servers and deploy your Laravel applications in seconds.

Laravel Cloud
Acquaint Softtech logo

Acquaint Softtech

Acquaint Softtech offers AI-ready Laravel developers who onboard in 48 hours at $3000/Month with no lengthy sales process and a 100 percent money-back guarantee.

Acquaint Softtech
Kirschbaum logo

Kirschbaum

Providing innovation and stability to ensure your web application succeeds.

Kirschbaum
SerpApi logo

SerpApi

Access real-time search engine results through a simple API—no more scraping headaches! Use it for AI applications, SEO tools, product research, travel information, and more

SerpApi
SaaSykit: Laravel SaaS Starter Kit logo

SaaSykit: Laravel SaaS Starter Kit

SaaSykit is a Multi-tenant Laravel SaaS Starter Kit that comes with all features required to run a modern SaaS. Payments, Beautiful Checkout, Admin Panel, User dashboard, Auth, Ready Components, Stats, Blog, Docs and more.

SaaSykit: Laravel SaaS Starter Kit

The latest

View all →
Larapanda: A Type-Safe Lightpanda Browser SDK for Laravel image

Larapanda: A Type-Safe Lightpanda Browser SDK for Laravel

Read article
Generate HTML Password Rules Attribute in Laravel 13.9.0 image

Generate HTML Password Rules Attribute in Laravel 13.9.0

Read article
DHH Joins Laravel Live Denmark 2026 for Fireside Chat with Taylor Otwell image

DHH Joins Laravel Live Denmark 2026 for Fireside Chat with Taylor Otwell

Read article
Model-Based Scheduling for Laravel with Cadence image

Model-Based Scheduling for Laravel with Cadence

Read article
Laravel's AI SDK adds sub-agents image

Laravel's AI SDK adds sub-agents

Read article
Laravel Introduces First-Party Passkey Authentication Support image

Laravel Introduces First-Party Passkey Authentication Support

Read article