Securing response with laravel | Laravel | Page 1

dusty crystal Sep 21, 2022, 2:56 AM

#

Hi. I wonder what is the best practice for securing response data in laravel.
When the app become larger some model have so many column, and in the api response, no need to get all of the column.

what is better in your opinion:

Declare hidden almost to all column in that model, and then in every service/repository use makeVisible when need accessing that hidden column.
Hidden some crucial/sensitive data only in the model. then makeHidden or only select some needed in the model/service
any other ideas?
Thanks

blissful hinge Sep 21, 2022, 7:20 AM

#

Aren't API resources intended for the purpose you're describing? https://laravel.com/docs/9.x/eloquent-resources

blissful hinge Sep 22, 2022, 7:35 AM

#

Great talk 👍

#Securing response with laravel