Rotate app keys around while re-encrypting data.
MIT License
Changing your APP_KEY
can be as simple as running php artisan key:generate
, but what about your encrypted model data? This is where Laravel App Key Rotator comes in. This package can help with generating a new app key for you, as well as decrypting and re-encrypting your model automatically for you through an artisan command.
It's also generally a good practice to rotate your app keys periodically (e.g. every 6 months) or when certain events happen, such as an employee leaving the company. See more information here: https://tighten.co/blog/app-key-and-you/
Rotating your app keys is as simple as running this artisan command:
php artisan app-key-rotator:rotate
You can install the package via composer:
composer require rawilk/laravel-app-key-rotator
You can publish the config file with:
php artisan vendor:publish --tag="app-key-rotator-config"
You can view the default configuration file here: https://github.com/rawilk/laravel-app-key-rotator/blob/main/config/app-key-rotator.php
For documentation, please visit: https://randallwilk.dev/docs/laravel-app-key-rotator
composer test
Please see CHANGELOG for more information on what has changed recently.
Please see CONTRIBUTING for details.
If you discover any security related issues, please email [email protected] instead of using the issue tracker.
This package is not affiliated with, maintained, authorized, endorsed or sponsored by Laravel or any of its affiliates.
The MIT License (MIT). Please see License File for more information.