Eloquent Encrypter

Eloquent Encrypter

https://ift.tt/35JZsWR


Eloquent Encryption

This package enables an additional layer of security when handling sensitive data. Allowing key fields of your eloquent models in the database to be encrypted at rest.

Latest Version on Packagist
Build Status
Quality Score
Total Downloads

Introduction

This open source package fulfils the need of encrypting selected model data in your database whilst allowing your app:key to be rotated. When needing to store private details this package allows for greater security than the default Laravel encrypter.
It uses default 4096-bit RSA keys to encrypt your data securely and Laravel model casting to dynamically encrypt and decrypt key fields.

Usually, you would use Laravel’s Encrypter to encrypt the data, but this has the limitation of using the app:key as the private secret. As the app key also secures session/cookie data, it is advised that you rotate this every so often – if you’re storing encrypted data using this method you have to decrypt it all first and re-encrypt whenever this is done. Therefore this package improves on this by creating a separate and stronger encryption process allowing you to rotate the app:key. This allows for a greater level of security of sensitive model data within your Laravel application and your database.

Installation

This package requires Laravel 8.x or higher.

You can install the package via composer:

composer require richardstyles/eloquentencryption

You do not need to register the ServiceProvider as this package uses Laravel Package auto discovery.
The Migration blueprint helpers are added using macros, so do not affect the schema files.

The configuration can be published using this command, if you need to change the RSA key size, storage path and key file names.

php artisan vendor:publish --provider="RichardStyles\EloquentEncryption\EloquentEncryptionServiceProvider" --tag="config"

In order to encrypt and decrypt data you need to generate RSA keys for this package. By default, this will create 4096-bit RSA keys to your storage/ directory. Do not add these to version control and backup accordingly.

php artisan encrypt:generate

⚠️ If you re-run this command, you will lose access to any encrypted data ⚠️

There is also a helper function to define your encrypted fields in your migrations.
There is nothing special needed for this to function, simply declare a encrypted column type in your migration files. This just creates a binary/blob column to hold the encrypted data. Using this helper indicates that the field is encrypted when looking through your migrations.

Schema::create('sales_notes', function (Blueprint $table) {
    $table->increments('id');
    $table->encrypted('private_data');
    $table->timestamps();
});

Usage

This package leverages Laravel’s own custom casting to encode/decode values.

<?php

namespace App\Models;

use Illuminate\Database\Eloquent\Model;
use RichardStyles\EloquentEncryption\Casts\Encrypted;
use RichardStyles\EloquentEncryption\Casts\EncryptedInteger;
use RichardStyles\EloquentEncryption\Casts\EncryptedFloat;
use RichardStyles\EloquentEncryption\Casts\EncryptedCollection;

class SalesData extends Model
{
    /**
     * The attributes that should be cast.
     *
     * @var array
     */
    protected $casts = [
        'private_data' => Encrypted::class,
        'private_int' => EncryptedInteger::class,
        'private_float' => EncryptedFloat::class,
        'private_collection' => EncryptedCollection::class,
    ];
}

There are additional casts which will cast the decrypted value into a specific data type. If there is not one that you need, simply make a PR including sufficient testing.

Testing

Changelog

Please see CHANGELOG for more information what has changed recently.

Contributing

Please see CONTRIBUTING for details.

Support

If you are having general issues with this package, feel free to contact me on Twitter.

If you believe you have found an issue, please report it using the GitHub issue tracker, or better yet, fork the repository and submit a pull request with a failing test.

If you’re using this package, I’d love to hear your thoughts. Thanks!

Security

If you discover any security related issues, please email richard@udeploy.dev instead of using the issue tracker.

Credits

License

The MIT License (MIT). Please see License File for more information.

Laravel Package Boilerplate

This package was generated using the Laravel Package Boilerplate.

programming

via Laravel News Links https://ift.tt/2dvygAJ

October 29, 2020 at 08:24PM

Save hundreds on these Python, AI and data science courses

Save hundreds on these Python, AI and data science courses

https://ift.tt/3ea4MqA

In this age of big data, companies worldwide need to sift through the avalanche of information at their disposal to enhance their products, services and overall profitability. As such, there’s a growing demand in today’s job market for specialists who have the technical skills and knowledge to help businesses make sense of big data and turn it into actionable insights. Many companies rely on programming languages like Python and the advancements made in artificial intelligence (AI) and data science to get that job done.

Right now, you can save hundreds on The Ultimate Python & Artificial Intelligence Certification Bundle, featuring nine in-depth courses and 38 hours of video content that catches you up to speed on everything Python, AI and data science.

You learn the fundamentals of programming with Python and discover its practical applications throughout this comprehensive bundle. It kickstarts your training with step-by-step guidance on the basics of writing code with this valuable programming language. With a firm grasp of the essentials, you then get introduced to applying Python to AI and data science. That means learning new concepts, such as machine learning, deep learning and computer vision, as well as mastering the frameworks and underlying techniques that bring these advanced applications to life.  

Included courses:

  • Python for Beginners: Learn All the Basics of Python ($199 value)

  • Python: Introduction to Data Science and Machine Learning A-Z ($199 value)

  • Artificial Intelligence (AI) in Python: A H2O Approach ($199 value)

  • Master PyTorch for Artificial Intelligence Networks & Deep Learning ($199 value)

  • Image Processing & Analysis Bootcamp with OpenCV and Deep Learning in Python ($199 value)

  • Keras Bootcamp for Deep Learning & AI in Python ($199 value)

  • Practical Data Pre-Processing & Visualization Training with R ($199 value)

  • Pre-Process & Visualize Data with Tidy Techniques in R ($199 value)

Python, AI and data science are in-demand skills companies need to make the most of big data in their daily operations and, ultimately, bottom line. Usually $1,791, The Ultimate Python & Artificial Intelligence Certification Bundle is on sale for $40, 97% off its original cost. 

Prices are subject to change.

Engadget is teaming up with StackSocial to bring you deals on the latest headphones, gadgets, tech toys, and tutorials. This post does not constitute editorial endorsement, and we earn a portion of all sales. If you have any questions about the products you see here or previous purchases, please contact StackSocial support here.

geeky,Tech,Database

via Engadget http://www.engadget.com

October 29, 2020 at 02:06PM

Complete Beginners Guide on Laravel Livewire Events

Complete Beginners Guide on Laravel Livewire Events

https://ift.tt/3jEGK8b


Complete Beginners Guide on Laravel Livewire Events

Posted By

Mahedi Hasan

Category

Framework

Sub-category

Laravel 8.x

October 24, 2020

Hello devs in this tutorial i am going to discuss about Laravel livewire events. You already know that Livewire components can communicate with each other through a global event system. As long as two Livewire components are living on the same page, they can communicate using events and listeners.

If you already worked with vue events then livewire events is going to be almost same thing i think. If you use larave livewire already then you know about that Laravel Livewire simplifies so many aspects of building out your Laravel application.

Livewire makes it easy to send data from the client to the server and from the server back to the client.In this quick example tutorial, I’ll show you how easy it is to send data back and forth from the client and the server.

Client To The Server with Livewire

In laravel livewire sending events from the client to the server can easily be accomplished with a wire:click event like

 

This is covered in the Livewire Actions Documentation, but what if we wanted to call a PHP function from vanilla javascript? Simple enough, we can utilize Livewire Events to do that like so:

 

After doing that steps, inside of our PHP code, you’ll need to register an event listener that maps to a function:

protected $listeners = ['say-hello' => 'sayHello'];

public function sayHello()
{
    // your code here
}

 

Recommended : Laravel 7.x Livewire Form Submit Example Tutorial

 

That’s the simplest and very easy way for your front-end to talk to your back-end. Next, we’ll see how we can send an event from the back-end to the front-end in this tutorial with laravel livewire events.

Server to the Client with Livewire

Sending events from the server to the client can be done by utilizing the dispatchBrowserEvent function in laravel livewire. See the example like so:

public function sayGoodbye()
{
    $this->dispatchBrowserEvent('say-goodbye', []);
}

 

Then, we can register an even listener in javascript to catch this event like below

 

And that’s it 🙌 Finally, you may like to know how to send data between the sever to clinet and client to server.

Sending Data to the Server

In our previous code example, we can easily pass data to the server with the following javascript code:

 

Read also : Laravel Livewire Dynamically Add More Input Fields Example

 

And we can access that data from the first argument in our function:

protected $listeners = ['say-hello' => 'sayHello'];

public function sayHello($payload)
{
    $name = $payload['name'];
    // your code here
}

 

That’s great, right? Next step, we’ll also need a way to pass data from our server to our client.

Sending Data to the Client

We already seen before that we can easily send data from our PHP code to our front-end by sending it in the array of our dispatchBrowserEvent function:

public function sayGoodbye()
{
    $this->dispatchBrowserEvent('say-goodbye', ['name' => 'John']);
}

 

And we can capture that data in javascript by fetching the event.detail variable.

 

Read also : Laravel 8.x Livewire CRUD Tutorial Step by Step

 

Hope it can help you to pass data from client to server and server to client. Now you know how to pass data client to server and server to clinet using Laravel livewire.

 

programming

via Laravel News Links https://ift.tt/2dvygAJ

October 28, 2020 at 08:18PM

Real Python: Get Started With Django Part 3: Django View Authorization

Real Python: Get Started With Django Part 3: Django View Authorization

https://ift.tt/37PRVs7

In part 1 of this series, you learned the fundamentals of Django models and views. In part 2, you learned about user management. In this tutorial, you’ll see how to combine these concepts to do Django view authorization and restrict what users can see and do in your views based on their roles.

Allowing users to log in to your website solves two problems: authentication and authorization. Authentication is the act of verifying a user’s identity, confirming they are who they say they are. Authorization is deciding whether a user is allowed to perform an action. The two concepts go hand in hand: if a page on your website is restricted to logged-in users, then users have to authenticate before they can be authorized to view the page.

Django provides tools for both authentication and authorization. Django view authorization is typically done with decorators. This tutorial will show you how to use these view decorators to enforce authorized viewing of pages in your Django site.

By the end of this tutorial you’ll know how to:

  • Use HttpRequest and HttpRequest.user objects
  • Authenticate and authorize users
  • Differentiate between regular, staff, and admin users
  • Secure a view with the @login_required decorator
  • Restrict a view to different roles with the @user_passes_test decorator
  • Use the Django messages framework to notify your users

If you’d like to follow along with the examples you’ll see in this tutorial, then you can download the sample code at the link below:

Getting Started#

To better understand authorization, you’ll need a project to experiment with. The code in this tutorial is very similar to that shown in part 1 and part 2. You can follow along by downloading the sample code from the link below:

Get the Source Code: Click here to get the source code you’ll use to learn about Django view authorization in this tutorial.

All the demonstration code was tested with Python 3.8 and Django 3.0.7. It should work with other versions, but there may be subtle differences.

Creating a Project#

First, you’ll need to create a new Django project. Since Django isn’t part of the standard library, it’s considered best practice to use a virtual environment. Once you have the virtual environment, you’ll need to take the following steps:

  1. Install Django.
  2. Create a new project.
  3. Create an app inside the project.
  4. Add a templates directory to the project.
  5. Create a site superuser.

To accomplish all that, use the following commands:

$ python -m pip install django==3.0.7
$ django-admin startproject Blog
$ cd Blog
$ python manage.py startapp core
$ mkdir templates
$ python manage.py migrate
$ python manage.py createsuperuser
Username: superuser
Email address: superuser@example.com
Password:
Password (again):

You now have a Blog project, but you still need to tell Django about the app you created and the new directory you added for templates. You can do this by modifying the Blog/settings.py file, first by changing INSTALLED_APPS:

INSTALLED_APPS = [
    "django.contrib.admin",
    "django.contrib.auth",
    "django.contrib.contenttypes",
    "django.contrib.sessions",
    "django.contrib.messages",
    "django.contrib.staticfiles",
 "core",
]

The highlighted line indicates the addition of the core app to the list of installed apps. Once you’ve added the app, you need to modify the TEMPLATES declaration:

TEMPLATES = [
    {
        "BACKEND": "django.template.backends.django.DjangoTemplates",
 "DIRS": [os.path.join(BASE_DIR, "templates")],
        "APP_DIRS": True,
        "OPTIONS": {
            "context_processors": [
                "django.template.context_processors.debug",
                "django.template.context_processors.request",
                "django.contrib.auth.context_processors.auth",
                "django.contrib.messages.context_processors.messages",
            ],
        },
    },
]

The highlighted line indicates the change you need to make. It modifies the DIRS list to include your templates folder. This tells Django where to look for your templates.

Note: Django 3.1 has moved from using the os library to pathlib and no longer imports os by default. If you’re using Django 3.1, then you need to either add import os above the TEMPLATES declaration or convert the "DIRS" entry to use pathlib instead.

The sample site you’ll be working with is a basic blogging application. The core app needs a models.py file to contain the models that store the blog content in the database. Edit core/models.py and add the following:

from django.db import models

class Blog(models.Model):
    title = models.CharField(max_length=50)
    content = models.TextField()

Now for some web pages. Create two views, one for listing all the blogs and one for viewing a blog. The code for your views goes in core/views.py:

from django.http import HttpResponse
from django.shortcuts import render, get_object_or_404
from core.models import Blog

def listing(request):
    data = {
        "blogs": Blog.objects.all(),
    }

    return render(request, "listing.html", data)

def view_blog(request, blog_id):
    blog = get_object_or_404(Blog, id=blog_id)
    data = {
        "blog": blog,
    }

    return render(request, "view_blog.html", data)

Read the full article at https://realpython.com/django-view-authorization/ »


[ Improve Your Python With 🐍 Python Tricks 💌 – Get a short & sweet Python Trick delivered to your inbox every couple of days. >> Click here to learn more and see examples ]

Python

via Planet Python https://ift.tt/1dar6IN

October 28, 2020 at 03:50PM

A Bad-Ass Off-Road 4×4 School Bus

A Bad-Ass Off-Road 4×4 School Bus

https://ift.tt/2Gcx5Ik

As we learned last year, kids in Oulu, Finland ride their bicycles to school through snow, in negative-22 degrees Fahrenheit weather.

Around the world there are schoolchildren who live in remote areas and may not have the bicycles to get them there. Turns out there’s a vehicle for this application: The Praetorian off-road school bus, made by Czech-Republic-based Torsus.

The 4×4 Praetorian can carry 36 passengers, handle gnarly angles, clear obstacles 13.4 inches in height and wade through nearly three feet of water. With an off-road suspension and a diesel engine producing 290 horsepower and an absurd 848 lb-ft of torque, this thing will get the kids to school no matter how bad the roads are.

You might be wondering: What makes the Praetorian a school bus? The truth is, just the paint job, and the lack of the water cannon mounted to Torsus’ Anti-Riot Praetorian.

The off-road bus was actually designed for multiple applications, of which the school bus is just one. Check out the Praetorian’s range of liveries:

You can read more details about each version here.

fun

via Core77 https://ift.tt/1KCdCI5

October 28, 2020 at 11:29AM

I’m sorry, but I just can’t resist this!

I’m sorry, but I just can’t resist this!

https://ift.tt/31OnnU7

 

I may be in my sixties, but I still remember with joy the cartoons of my youth.  One of my favorites was Tom & Jerry, with the scheming cat regularly being handed his come-uppance at the hands of Jerry Mouse and his allies.  The series is criticized today for being too violent – but I don’t recall any blood ever being shown, despite Tom being sliced in half, Jerry folded, spindled and mutilated, and all parties being assaulted several times during the course of each cartoon.

I therefore giggled like a schoolboy yesterday when I came across this compilation of some of the best gags from early Tom & Jerry cartoons.  It’s 23 minutes of mayhem and laughter.  Enjoy!  (If the embedded cartoon won’t play, you’ll find it here on YouTube.)

Oh, the memories . . .

Peter

non critical

via Bayou Renaissance Man https://ift.tt/1ctARFa

October 28, 2020 at 06:56AM

Honest The Mandalorian Trailer

Honest The Mandalorian Trailer

https://ift.tt/3e1bn6m

Honest The Mandalorian Trailer

Link

The Mandalorian is returning to Disney+ on 10.30.2020, so it only makes sense that Screen Junkies would seize upon the chance to make an Honest Trailer for the hit series. Despite being such an excellent show, they still found plenty of reasons to poke fun at its characters and storylines.

fun

via The Awesomer https://theawesomer.com

October 27, 2020 at 07:15PM

Winners of the 2020 Epson International Pano Awards (23 photos)

Winners of the 2020 Epson International Pano Awards (23 photos)

https://ift.tt/3oyKDPp

The top-scoring panoramic photos entered in the eleventh Epson International Pano Awards have just been announced. The contest is meant to showcase the best work of panoramic photographers around the world. Organizers reported that they received 5,859 entries from 1,452 photographers in 96 countries this year, competing for the top spots in five categories, for several special awards, and for some of the cash prizes offered. Contest organizers were once again kind enough to share some of the winners and top scorers here.



Spring Hibernation, Overall Winner, and Winner, Open – Nature / Landscapes. Photographed near Squamish, BC, Canada.
(© Copyright Matt Jackisch / The 11th EPSON International Pano Awards)

via In Focus https://ift.tt/2hyaA18

October 27, 2020 at 02:05PM

Livewire File Uploads to Amazon S3

Livewire File Uploads to Amazon S3

https://ift.tt/2JfRldj


Many multi-tenant apps require image uploads, and may need to store those files in Amazon S3. Let’s create an Amazon S3 bucket from scratch and get it connected to our app. Then, we’ll leverage the powerful and simple file uploading functionality that Livewire provides.

programming

via Laracasts https://ift.tt/1eZ1zac

October 27, 2020 at 02:41PM