GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → sander3 → Laravel Gdpr

sander3 / Laravel Gdpr

Licence: mit
GDPR compliance with ease.

Labels

laravelencryptiongdpr

Projects that are alternatives of or similar to Laravel Gdpr

virgil-sdk-net
Virgil Core SDK allows developers to get up and running with Virgil Cards Service API quickly and add end-to-end security to their new or existing digital solutions to become HIPAA and GDPR compliant and more.
Stars: ✭ 16 (-91.53%)
Mutual labels:  encryption, gdpr
virgil-sdk-cpp
Virgil Core SDK allows developers to get up and running with Virgil Cards Service API quickly and add end-to-end security to their new or existing digital solutions to become HIPAA and GDPR compliant and more.
Stars: ✭ 18 (-90.48%)
Mutual labels:  encryption, gdpr
Laravel Database Encryption
A package for automatically encrypting and decrypting Eloquent attributes in Laravel 5.5+, based on configuration settings.
Stars: ✭ 238 (+25.93%)
Mutual labels:  laravel, encryption
Laravel Hashid
Obfuscate your data by generating reversible, non-sequential, URL-safe identifiers.
Stars: ✭ 354 (+87.3%)
Mutual labels:  laravel, encryption
Virgil Crypto Php
Virgil PHP Crypto Library is a high-level cryptographic library that allows you to perform all necessary operations for secure storing and transferring data and everything required to become HIPAA and GDPR compliant.
Stars: ✭ 22 (-88.36%)
Mutual labels:  gdpr, encryption
Databunker
Secure storage for personal records built to comply with GDPR
Stars: ✭ 122 (-35.45%)
Mutual labels:  gdpr, encryption
kodex
A privacy and security engineering toolkit: Discover, understand, pseudonymize, anonymize, encrypt and securely share sensitive and personal data: Privacy and security as code.
Stars: ✭ 70 (-62.96%)
Mutual labels:  encryption, gdpr
Itext7 Dotnet
iText 7 for .NET is the .NET version of the iText 7 library, formerly known as iTextSharp, which it replaces. iText 7 represents the next level of SDKs for developers that want to take advantage of the benefits PDF can bring. Equipped with a better document engine, high and low-level programming capabilities and the ability to create, edit and enhance PDF documents, iText 7 can be a boon to nearly every workflow.
Stars: ✭ 698 (+269.31%)
Mutual labels:  gdpr, encryption
Itext7
iText 7 for Java represents the next level of SDKs for developers that want to take advantage of the benefits PDF can bring. Equipped with a better document engine, high and low-level programming capabilities and the ability to create, edit and enhance PDF documents, iText 7 can be a boon to nearly every workflow.
Stars: ✭ 913 (+383.07%)
Mutual labels:  gdpr, encryption
Laravel Mailguneu
Allow customising the Mailgun server URL to use EU servers.
Stars: ✭ 13 (-93.12%)
Mutual labels:  laravel, gdpr
Laravel Source Encrypter
Laravel and Lumen Source Code Encrypter
Stars: ✭ 175 (-7.41%)
Mutual labels:  laravel, encryption
Goaccess
GoAccess is a real-time web log analyzer and interactive viewer that runs in a terminal in *nix systems or through your browser.
Stars: ✭ 14,096 (+7358.2%)
Mutual labels:  gdpr
Laravel Intl
🚫 [ABANDONED] Easy to use internationalization/localization functions for Laravel 5
Stars: ✭ 185 (-2.12%)
Mutual labels:  laravel
Vue Gates
🔒 A Vue.js & Nuxt.js plugin that allows you to use roles and permissions in your components or DOM elements, also compatible as middleware and methods.
Stars: ✭ 184 (-2.65%)
Mutual labels:  laravel
Hive
Lightweight and blazing fast key-value database written in pure Dart.
Stars: ✭ 2,681 (+1318.52%)
Mutual labels:  encryption
Linguist
Easy multilingual urls and redirection support for the Laravel framework
Stars: ✭ 188 (-0.53%)
Mutual labels:  laravel
Gun
An open source cybersecurity protocol for syncing decentralized graph data.
Stars: ✭ 15,172 (+7927.51%)
Mutual labels:  encryption
Openssl For Iphone
A script for compiling OpenSSL for iOS Devices (iPhone, iPad, iPod Touch, AppleTV, MacCatalyst)
Stars: ✭ 2,190 (+1058.73%)
Mutual labels:  encryption
Ansipress
AnsiPress - Simple L(Linux) E(NGINX) M(MariaDB) P(PHP7) Shared Hosting Setup
Stars: ✭ 184 (-2.65%)
Mutual labels:  laravel
Laravel Feature
A package to manage feature flagging in a Laravel project.
Stars: ✭ 184 (-2.65%)
Mutual labels:  laravel
View All Similar Projects ➔

GDPR compliance with ease

Scrutinizer Code Quality Latest Stable Version Monthly Downloads License

This package exposes an endpoint where authenticated users can download their data as required by GDPR article 20. This package also provides you with a trait to easily encrypt personal data and a strategy to clean up inactive users as required by GDPR article 5e.

Buy me a coffee ☕️

Requirements

  • PHP >= 7.0.0
  • Laravel 5.5+ (6.0, 7.0, 8.0)

Installation

First, install the package via the Composer package manager:

$ composer require soved/laravel-gdpr

After installing the package, you should publish the configuration file:

$ php artisan vendor:publish --tag=gdpr-config

Finally, add the Soved\Laravel\Gdpr\Portable trait to the App\User model and implement the Soved\Laravel\Gdpr\Contracts\Portable contract:

<?php

namespace App;

use Soved\Laravel\Gdpr\Portable;
use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Soved\Laravel\Gdpr\Contracts\Portable as PortableContract;

class User extends Authenticatable implements PortableContract
{
    use Portable, Notifiable;
}

Configuration

Configuring Portable Data

By default, the entire toArray form of the App\User model will be made available for download. If you would like to customize the downloadable data, you may override the toPortableArray() method on the model:

<?php

namespace App;

use Soved\Laravel\Gdpr\Portable;
use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;

class User extends Authenticatable
{
    use Portable, Notifiable;

    /**
     * Get the GDPR compliant data portability array for the model.
     *
     * @return array
     */
    public function toPortableArray()
    {
        $array = $this->toArray();

        // Customize array...

        return $array;
    }
}

Lazy Eager Loading Relationships

You may need to include a relationship in the data that will be made available for download. To do so, add a $gdprWith property to your App\User model:

<?php

namespace App;

use Soved\Laravel\Gdpr\Portable;
use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;

class User extends Authenticatable
{
    use Portable, Notifiable;

    /**
     * The relations to include in the downloadable data.
     *
     * @var array
     */
    protected $gdprWith = ['posts'];
}

Hiding Attributes

You may wish to limit the attributes, such as passwords, that are included in the downloadable data. To do so, add a $gdprHidden property to your App\User model:

<?php

namespace App;

use Soved\Laravel\Gdpr\Portable;
use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;

class User extends Authenticatable
{
    use Portable, Notifiable;

    /**
     * The attributes that should be hidden for the downloadable data.
     *
     * @var array
     */
    protected $gdprHidden = ['password'];
}

Alternatively, you may use the $gdprVisible property to define a white-list of attributes that should be included in the data that will be made available for download. All other attributes will be hidden when the model is converted:

<?php

namespace App;

use Soved\Laravel\Gdpr\Portable;
use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;

class User extends Authenticatable
{
    use Portable, Notifiable;

    /**
     * The attributes that should be visible in the downloadable data.
     *
     * @var array
     */
    protected $gdprVisible = ['name', 'email'];
}

Usage

This package exposes an endpoint at /gdpr/download. Only authenticated users should be able to access the routes. Your application should make a POST call, containing the currently authenticated user's password, to this endpoint. The re-authentication is needed to prevent information leakage.

You may listen for the Soved\Laravel\Gdpr\Events\GdprDownloaded event, which will be dispatched upon successful re-authentication and data conversion.

Encryption

Before using encryption, you must set a key option in your config/app.php configuration file. If this value is not properly set, all encrypted values will be insecure.

You may encrypt/decrypt attributes on the fly using the Soved\Laravel\Gdpr\EncryptsAttributes trait on any model. The trait expects the $encrypted property to be filled with attribute keys:

<?php

namespace App;

use Soved\Laravel\Gdpr\Portable;
use Illuminate\Notifications\Notifiable;
use Soved\Laravel\Gdpr\EncryptsAttributes;
use Illuminate\Foundation\Auth\User as Authenticatable;

class User extends Authenticatable
{
    use EncryptsAttributes, Portable, Notifiable;

    /**
     * The attributes that should be encrypted and decrypted on the fly.
     *
     * @var array
     */
    protected $encrypted = ['ssnumber'];
}

Data Retention

You may clean up inactive users using the gdpr:cleanup command. Schedule the command to run every day at midnight, or run it yourself. In order for this to work, add the Soved\Laravel\Gdpr\Retentionable trait to the App\User model:

<?php

namespace App;

use Soved\Laravel\Gdpr\Portable;
use Soved\Laravel\Gdpr\Retentionable;
use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;

class User extends Authenticatable
{
    use Retentionable, Portable, Notifiable;
}

You may listen for the Soved\Laravel\Gdpr\Events\GdprInactiveUser event to notify your users about their inactivity, which will be dispatched two weeks before deletion. The Soved\Laravel\Gdpr\Events\GdprInactiveUserDeleted event will be dispatched upon deletion.

Feel free to customize what happens to inactive users by creating your own cleanup strategy.

Roadmap

  • Tests

Security Vulnerabilities

If you discover a security vulnerability within this project, please send an e-mail to Sander de Vos via [email protected]. All security vulnerabilities will be promptly addressed.

License

This package is open-source software licensed under the MIT license.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].