PHPackages muffin/obfuscate - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. muffin/obfuscate ActiveCakephp-plugin muffin/obfuscate ================ CakePHP support for ID obfuscation 3.0.1(2y ago)363.6k12MITPHP Since Jan 22Pushed 2y ago6 watchersCompare [ Source](https://github.com/UseMuffin/Obfuscate)[ Packagist](https://packagist.org/packages/muffin/obfuscate)[ Docs](https://github.com/usemuffin/obfuscate)[ RSS](/packages/muffin-obfuscate/feed)WikiDiscussions master Synced 2mo ago READMEChangelog (6)Dependencies (7)Versions (9)Used By (0) Obfuscate ========= [](#obfuscate) [![Build Status](https://camo.githubusercontent.com/e8a1ccd3e9a0ad6a7a0d977ad21893f2f86a01536595fa84dcea1efede57c484/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f616374696f6e732f776f726b666c6f772f7374617475732f5573654d756666696e2f4f62667573636174652f63692e796d6c3f7374796c653d666c61742d737175617265266272616e63683d6d6173746572)](https://github.com/UseMuffin/Obfuscate/actions?query=workflow%3ACI+branch%3Amaster)[![Coverage Status](https://camo.githubusercontent.com/9215441481c53c0421fd12a243748f44f379dce378ca14bdc018fdbea2ecfbad/68747470733a2f2f696d672e736869656c64732e696f2f636f6465636f762f632f6769746875622f5573654d756666696e2f4f62667573636174652e7376673f7374796c653d666c61742d737175617265)](https://codecov.io/github/UseMuffin/Obfuscate)[![Total Downloads](https://camo.githubusercontent.com/7975f8fda529d9cd69f5fac6225b0a950042cde53191a4b4166a76ca5deb45cf/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f6d756666696e2f6f62667573636174652e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/muffin/obfuscate)[![License](https://camo.githubusercontent.com/942e017bf0672002dd32a857c95d66f28c5900ab541838c6c664442516309c8a/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6c6963656e73652d4d49542d626c75652e7376673f7374796c653d666c61742d737175617265)](LICENSE) Primary key obfuscation for CakePHP using HashIds, Optimus, Base62 and/or custom obfuscation strategies. Installation ------------ [](#installation) Install the plugin using [Composer](https://getcomposer.org): ``` composer require muffin/obfuscate ``` Load the plugin by either running this console command: ``` bin/cake plugin load Muffin/Obfuscate ``` or by manually adding the following line to `src/Application.php`: ``` $this->addPlugin('Muffin/Obfuscate'); ``` Lastly, install the required obfuscation library depending on the strategy class you want to use and stated below. Built-in obfuscation strategies ------------------------------- [](#built-in-obfuscation-strategies) Use the [HashIdStrategy](http://hashids.org/) if you want to: - obfuscate your primary keys with short, unique, non-sequential ids - present record ids like 347 as strings like “yr8” ``` composer require hashids/hashids ``` Use the [OptimusStrategy](https://github.com/jenssegers/optimus) if you want to: - obfuscate your primary keys with integers based on Knuth's integer hash - present record ids like 347 as integers like 372555994 ``` composer require jenssegers/optimus ``` Use the [Base62Strategy](https://github.com/tuupola/base62) if you want to: - obfuscate your primary keys with base62 strings and integers - present record ids like 347 as strings like "vk" ``` composer require tuupola/base62 ``` You can also create your own strategy classes by implementing the `StrategyInterface`. Usage ----- [](#usage) ### 1. Attaching the behavior [](#1-attaching-the-behavior) Prepare for obfuscation by attaching the Obfuscate behavior to your table(s) and specifying which strategy you want to use as shown in the following examples. ``` use Muffin\Obfuscate\Model\Behavior\Strategy\HashIdStrategy; $this->addBehavior('Muffin/Obfuscate.Obfuscate', [ // Strategy constructor parameter: // $salt - Random alpha numeric string. You can also set "Obfuscate.salt" // $minLength (optional) - The minimum hash length. Default: 0 // $alphabet (optional) - Custom alphabet to generate hash from. Default: 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890' // config instead of passing salt to construction. // DO NOT USE same salt as set for "Security.salt" config. 'strategy' => new HashIdStrategy('5SX0TEjkR1mLOw8Gvq2VyJxIFhgCAYidrclDWaM3so9bfzZpuUenKtP74QNH6B', 10, 'abcdefghijklmnopqrstuvwxyz') ]); ``` ``` use Muffin\Obfuscate\Model\Behavior\Strategy\OptimusStrategy; $this->addBehavior('Muffin/Obfuscate.Obfuscate', [ // Strategy constructor parameters: // $prime - Large prime number lower than 2147483647 // $inverse - The inverse prime so that (PRIME * INVERSE) & MAXID == 1 // $random - A large random integer lower than 2147483647 // You can use vendor/bin/optimus spark to generate these set of numbers. 'strategy' => new OptimusStrategy(2123809381, 1885413229, 146808189) ]); ``` ``` use Muffin\Obfuscate\Model\Behavior\Strategy\Base62Strategy; $this->addBehavior('Muffin/Obfuscate.Obfuscate', [ // Strategy constructor parameters: // $set - Random alpha-numeric set where each character must only be used exactly once 'strategy' => new Base62Strategy('5SX0TEjkR1mLOw8Gvq2VyJxIFhgCAYidrclDWaM3so9bfzZpuUenKtP74QNH6B') ]); ``` > Please note that attaching the behavior is totally unobtrusive and will do absolutely nothing until you use one of the custom finders. ### 2. Using the custom finders [](#2-using-the-custom-finders) This plugin comes with the following two custom finders that are responsible for the actual obfuscation (cloaking) and elucidation (uncloaking) process: - `findObfuscated`: used to find records using an obfuscated (cloaked) primary key - `findObfuscate`: used to obfuscate (cloak) all primary keys in a find result set ### findObfuscated [](#findobfuscated) Use this finder if you want to look up a record using an obfuscated id. The plugin will elucidate (uncloak) the obfuscated id and will execute the find using the "normal" primary key as it is used inside your database. CakePHP example: ``` public function view($id) { $article = $this->Articles->find('obfuscated') ->where(['id' => $id]) // For e.g. if value for $id is 'S' it will search for actual id 1 ->first(); } ``` Crud plugin example: ``` public function view($id) { $this->Crud->on('beforeFind', function (EventInterface $event) { $event->subject()->query->find('obfuscated'); }); } ``` #### findObfuscate [](#findobfuscate) Use this finder if you want the plugin to obfuscate all "normal" primary keys found in a find result set. CakePHP example: ``` public function index() { $articles = $this->Articles->find('obfuscate'); } ``` Crud plugin example: ``` public function index() { $this->Crud->on('beforePaginate', function (EventInterface $event) { $event->subject()->query->find('obfuscate'); }); } ``` ### Methods [](#methods) Attaching the behavior also makes the following two methods available on the table: - `obfuscate(string $str)` - `elucidate(string $str)` Pro tips -------- [](#pro-tips) ### Authentication [](#authentication) A fairly common use case is applying obfuscation to user ids. To ensure the Authentication plugin properly handles obfuscated ids, specify the `obfuscated` finder using the `finder` key in your [identifier's resolver](https://book.cakephp.org/authentication/3/en/identifiers.html) config. Patches & Features ---------------------- [](#patches--features) - Fork - Mod, fix - Test - this is important, so it's not unintentionally broken - Commit - do not mess with license, todo, version, etc. (if you do change any, bump them into commits of their own that I can ignore when I pull) - Pull request - bonus point for topic branches To ensure your PRs are considered for upstream, you MUST follow the [CakePHP coding standards](http://book.cakephp.org/5.0/en/contributing/cakephp-coding-conventions.html). Bugs & Feedback ------------------- [](#bugs--feedback) License ------- [](#license) Copyright (c) 2015-Present, [Use Muffin](http://usemuffin.com) and licensed under [The MIT License](http://www.opensource.org/licenses/mit-license.php). ### Health Score 36 — LowBetter than 82% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity30 Limited adoption so far Community21 Small or concentrated contributor base Maturity62 Established project with proven stability Bus Factor1 Top contributor holds 55.3% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~192 days Recently: every ~321 days Total 8 Last Release 961d ago Major Versions 1.x-dev → 2.0.0-beta2020-03-19 2.x-dev → 3.0.02023-09-27 ### Community Maintainers ![](https://www.gravatar.com/avatar/ccb57ae849b67ade8d9c1e266bc2868183bbcf07fb6c66c2d45254a452272d54?d=identicon)[jadb](/maintainers/jadb) ![](https://www.gravatar.com/avatar/e31753bdd616948c7c8978ea9b5805378f75bfa62564e69c0aa2fd67aaf418c5?d=identicon)[ADmad](/maintainers/ADmad) --- Top Contributors [![ADmad](https://avatars.githubusercontent.com/u/142658?v=4)](https://github.com/ADmad "ADmad (42 commits)")[![josegonzalez](https://avatars.githubusercontent.com/u/65675?v=4)](https://github.com/josegonzalez "josegonzalez (16 commits)")[![jadb](https://avatars.githubusercontent.com/u/33527?v=4)](https://github.com/jadb "jadb (13 commits)")[![bravo-kernel](https://avatars.githubusercontent.com/u/230500?v=4)](https://github.com/bravo-kernel "bravo-kernel (3 commits)")[![AdrienLZ](https://avatars.githubusercontent.com/u/12743770?v=4)](https://github.com/AdrienLZ "AdrienLZ (1 commits)")[![arusinowski](https://avatars.githubusercontent.com/u/1587389?v=4)](https://github.com/arusinowski "arusinowski (1 commits)") --- Tags cakephphashobfuscatemuffin ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/muffin-obfuscate/health.svg) ``` [![Health](https://phpackages.com/badges/muffin-obfuscate/health.svg)](https://phpackages.com/packages/muffin-obfuscate) ``` ### Alternatives [hashids/hashids Generate short, unique, non-sequential ids (like YouTube and Bitly) from numbers 5.5k48.6M278](/packages/hashids-hashids)[muffin/trash Adds soft delete support to CakePHP ORM tables. 851.3M11](/packages/muffin-trash)[cakephp/utility CakePHP Utility classes such as Inflector, String, Hash, and Security 12027.1M63](/packages/cakephp-utility)[cakephp/migrations Database Migration plugin for CakePHP 13912.0M222](/packages/cakephp-migrations)[muffin/webservice Simplistic webservices for CakePHP 88191.0k13](/packages/muffin-webservice)[muffin/footprint CakePHP plugin to allow passing currently logged in user to model layer 95627.2k3](/packages/muffin-footprint) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)