New in Laravel 11 - Encryption Key Rotation

If you change your application's encryption key, all authenticated user sessions will be logged out of your application. This is because every cookie, including session cookies, is encrypted by Laravel. In addition, it will no longer be possible to decrypt any data that was encrypted with your previous encryption key.

To mitigate this issue, Laravel allows you to list your previous encryption keys in your application's APP_PREVIOUS_KEYS environment variable. This variable may contain a comma-delimited list of all of your previous encryption keys.

When you set this environment variable, Laravel will always use the "current" encryption key when encrypting values. However, when decrypting values, Laravel will first try the current key, and if decryption fails using the current key, Laravel will try all previous keys until one of the keys is able to decrypt the value.

This approach to graceful decryption allows users to keep using your application uninterrupted even if your encryption key is rotated.
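
The fallback order described above, as an added stand-alone example (not code from the video or from Laravel itself). It models the behavior with PHP's OpenSSL functions; the class name, the AES-256-GCM choice and the payload layout are assumptions, and the keys and data are constructed samples.

```php
<?php
// Model of the rotation behavior described above; not Laravel's Encrypter.
// AES-256-GCM, the payload layout and every name here are assumptions.
final class RotatingEncrypter
{
    private const CIPHER = 'aes-256-gcm';

    /** @param string[] $previousKeys raw 32-byte keys that may still decrypt */
    public function __construct(private string $currentKey, private array $previousKeys = []) {}

    /** Always encrypts with the current key. */
    public function encrypt(string $plaintext): string
    {
        $iv = random_bytes(12);
        $tag = '';
        $ct = openssl_encrypt($plaintext, self::CIPHER, $this->currentKey, OPENSSL_RAW_DATA, $iv, $tag);
        if ($ct === false) {
            throw new RuntimeException('Encryption failed.');
        }
        return base64_encode($iv . $tag . $ct);
    }

    /** Tries the current key first, then each previous key. Returns [plaintext, key index]. */
    public function decrypt(string $payload): array
    {
        $raw = base64_decode($payload, true);
        if ($raw === false || strlen($raw) < 28) {
            throw new RuntimeException('Malformed payload.');
        }
        [$iv, $tag, $ct] = [substr($raw, 0, 12), substr($raw, 12, 16), substr($raw, 28)];
        foreach ([$this->currentKey, ...$this->previousKeys] as $index => $key) {
            $pt = openssl_decrypt($ct, self::CIPHER, $key, OPENSSL_RAW_DATA, $iv, $tag);
            if ($pt !== false) {
                return [$pt, $index]; // index 0 means the current key worked
            }
        }
        throw new RuntimeException('No configured key decrypts this payload.');
    }
}

// Constructed sample keys and data.
[$old, $new] = [random_bytes(32), random_bytes(32)];
$legacy = (new RotatingEncrypter($old))->encrypt('user_id=42');   // written before rotation
$app = new RotatingEncrypter($new, [$old]);                       // after rotation
[$plain, $index] = $app->decrypt($legacy);                        // falls back to the old key
$fresh = $index === 0 ? $legacy : $app->encrypt($plain);          // re-encrypt stale data
[$again] = (new RotatingEncrypter($new))->decrypt($fresh);        // old key no longer needed
printf("%s (key index %d), after re-encryption: %s\n", $plain, $index, $again);
```

A key keeps decrypting values for as long as it stays in the previous-keys list, so re-encrypting stored data under the current key is what allows an old key to be removed from that list.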

Comments

Glad they finally added native support for this!
Now we just need the encrypted cast to gracefully handle plaintext column values when unencrypted records already exist

sleeplessdev

so just one time to be able to change the key, right? next time it can't be?

BrangSeng-zn

so now you can have two keys, if the new one can't be verified, Laravel will use the old one, amarite?

ricko

What about the leaked data according to the previous key?
Can we protect it too, or will the new key be bound to the new data only?

ShadiMuhammad

Sir, please, my Laravel project has an error. Please, will you help me?

geetarani