The Array Redactor package is a PHP library by Mark Townsend to redact array values by their keys. I think the easiest way to understand how this package works is with a code example from the readme:
use Mtownsend\ArrayRedactor\ArrayRedactor;
// An example array, maybe a request being made to/from an API application you wish to log in your database
$login = [
'email' => 'john_doe@domain.com',
'password' => 'secret123',
'data' => [
'session_id' => 'z481jf0an4kasnc8a84aj831'
],
];
$redactor = (new ArrayRedactor($login, ['password', 'session_id']))->redact();
// $redactor will return:
[
'email' => 'john_doe@domain.com',
'password' => '[REDACTED]',
'data' => [
'session_id' => '[REDACTED]'
],
];
The package also allows you to pass a valid JSON string instead of an array of content:
$json = json_encode([
'email' => 'john_doe@domain.com',
'password' => 'secret123',
'data' => [
'session_id' => 'z481jf0an4kasnc8a84aj831'
],
]);
$redactor = (new ArrayRedactor($json, ['password', 'session_id']))->redact();
The redactor call returns an array version of the JSON string just like the previous example.
This package is useful for any PHP project, and additionally provides a service provider you may use with Lumen and Laravel. Further, if you want to use the project’s Laravel Facade, you need to register the alias in your config/app.php file:
<?php
return [
// ...
'aliases' => [
// ...
'ArrayRedactor' => Mtownsend\ArrayRedactor\Facades\ArrayRedactor::class,
],
];
When then enables the following within a Laravel project:
use ArrayRedactor;
// Laravel prefills our keys() and ink() methods for us from the config file
ArrayRedactor::content($array)->redact();
When using this project with the Laravel Facade, you need to configure the keys to redact, which can be found in the config/arrayredactor.php file after you publish the vendor config.
Why might you want to use this package? The author provides an explanation in the package’s readme:
Have you ever built or interacted with an api and needed to log all outgoing and incoming calls? Chances are that somewhere in that process is an authentication, either by an app or on behalf of a user. Logs are useful for debugging, but storing sensitive information such as passwords or api keys is not something you want to have in your logs for anyone to see. The usage goes beyond just this example, but that is what prompted me to create the ArrayRedactor package.
You can learn more about this package, get full installation instructions, and view the source code on GitHub at mtownsend5512/array-redactor.
0 comments:
Post a Comment
Thanks