Contact Us

Search Results for:

Our Blog

Laravel Security : 5 Major Features You Must Know

2,398
Tarun Bansal
July 31, 2017
5-Major-Laravel-Security-Features

Laravel development provide advance security for you by many ways. Using laravel security we can make our project very secure.laravel provide many security constraint like csrf tokens,auth,hash algorithm etc.

Here we discuss about some points that laravel provide for security.

1)Eloquent ORM

  • It is also known as object relational mapping.
  • Every Table in database has its own model.
  • We have to follow its syntax for query to database.
  • It also provides reusability of code.
  • Using Eloquent ORM we can prevent SQL Injection.

 

2)Storing Passwords

  • Laravel does not store password in database as plain text.
  • It’s HASH class provides algorithm for storing password.
  • It secures password using Bcrypt hashing.
  • If someone tries to decrypt the password then it is not possible.
  • It has simple syntax.

Eg:

For hashing password using Bcrypt

$pass = Hash:make('your_password');

For verifying

If 

(Hash:('your_password',$encrpted_password))

{

//Password matched

}

else

{

//not matched

}

 
For Checking If A Password Needs To Be Rehashed

if (Hash::needsRehash($encrpted_password))

{

$encrpted_password = Hash::make('your_password');

}

3)CSRF Token

  • It stands for cross-site request forgeries.
  • It always generate new and unique token on every page load, page refresh, multi tabbing, back button.
  • Using a unique CSRF token per request adds a security to the application.

For example if a cookie hijacking happens, a unique token prevent the application from a complete hijacking.

Syntax

Eg.

For add CSRF Token in to form.

{{ csrf_token()}}
 

For verifying token when submit

Route::post('register', array('before' => 'csrf', function()

{

return 'CSRF token Valid!';

}));

Related : Learn The Implementation of Invite Code in Laravel

4)Encryption

  • It has facilities for strong AES encryption via the mcrypt PHP extension.

Syntax
Eg.

Encrypting A Value
	$encrypted = Crypt::encrypt('YOUR_VALUE');
	
	Decrypting A Value
	$decrypted = Crypt::decrypt($encrypted);

5)Routes Protecting

  • It is used for filter routes for authenticated users to get access to particular route.
  • It provides default auth filter.
  • Default auth filter is defined in app/filters.php.

Syntax

Eg.

	Protecting A Route
	Route::get('profile', array('before' => 'auth', function()
	{
	 // Only authenticated users may enter...
	}));

Realted : How to Implement CDN in Laravel?

Tarun Bansal
July 31, 2017

You may also like

Create A Custom Dynamic Web-App with CRUD Generator and API Builder in Codeigniter
Shopify Vs Magento Vs WooCommerce Vs BigCommerce Vs OpenCart
Shopify Vs Magento Vs WooCommerce Vs BigCommerce Vs OpenCart
Why PHP is Good Choice for Web Development
PHP Released its Much Anticipated Latest Version 7.4

Our Acknowledgements

We take pride in receiving recognition and accolades by offering unmatched IT and digital marketing solutions

Digital Transformation begins here!

Let us write your business’s growth story by offering innovative, scalable and result-driven IT solutions. Do you have an idea that has a potential to bring a change in the world? Don’t hesitate, share with our experts and we will help you to achieve it.

LET'S DISCUSS
Get a Free Quote