I am developing an application that contains sensitive data, and I want this data to be encrypted while still being searchable through the application code.
I found a solution using the CipherSweet library. The encryption and data display are working correctly, but the search is not. The whereBlind or orWhereBlind chained queries are not working.
the code in the model :
class User extends Authenticatable implements CipherSweetEncrypted
{
use HasFactory, Notifiable , UsesCipherSweet;
protected $fillable = [
'name',
'email',
'password',
];
public static function configureCipherSweet(EncryptedRow $encryptedRow): void
{
$encryptedRow
// Encrypt the email field
->addField('email')
->addBlindIndex(
'email',
new BlindIndex('email_index')
)
// Encrypt the name field
->addField('name')
->addBlindIndex(
'name',
new BlindIndex('name_index')
);
}
protected function casts(): array
{
return [
'email_verified_at' => 'datetime',
'password' => 'hashed',
];
}
}
the code in controller:
public function search(Request $request){
$request->validate(["search" => "required"]);
$search = $request->input('search');
$users = User::whereBlind('email', 'email_index',"%".$search ."%")->paginate(10);
return view('welcome', compact("users", "search"));
}
