PHPackages nawasara/vault - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. nawasara/vault ActiveLibrary[Security](/categories/security) nawasara/vault ============== Encrypted credential management for the Nawasara superapp framework — service groups, multi-instance support, access log, and one-click test connection. v0.1.2(4w ago)0459MITPHPPHP ^8.1 Since May 8Pushed 4w agoCompare [ Source](https://github.com/nawasara/vault)[ Packagist](https://packagist.org/packages/nawasara/vault)[ RSS](/packages/nawasara-vault/feed)WikiDiscussions main Synced 1w ago READMEChangelogDependencies (5)Versions (4)Used By (9) Nawasara Vault ============== [](#nawasara-vault) Encrypted credential management for the Nawasara superapp framework. Every service package (Cloudflare, WHM, Keycloak, SMTP, etc.) reads its credentials from this single place at runtime, rotates without redeploy, and gets a complete access log for audit. Features -------- [](#features) - **Service groups** — declarative group-of-fields registration via `config/nawasara-vault.php`. Each service contributes its own group with the fields it needs (host, token, password, etc.) - **Multi-instance** — flag `multi_instance => true` on a group to manage many credential sets per service (e.g. multiple WHM servers, multiple Cloudflare accounts) - **Optional fields** — `optional => true` on a field exempts it from the "complete" check so the group can still be marked configured without it - **Field types** — `text`, `password`, `select`, `textarea` (multi-line for PEM keys, etc.) - **Encryption at rest** — values stored encrypted via Laravel's built-in encrypter, decrypted on read - **Access log** — every read / write / delete of a credential is recorded with user, action, and timestamp - **One-click test connection** — declare `'test' => Service@method` on a group; the credential dropdown shows a Test Connection button that calls your handler and surfaces the result as a toast Installation ------------ [](#installation) ``` composer require nawasara/vault php artisan migrate php artisan db:seed --class="Nawasara\Vault\Database\Seeders\PermissionSeeder" --force ``` Auto-discovered. The `Vault` facade is registered as an alias. Declaring a service group ------------------------- [](#declaring-a-service-group) ``` // config/nawasara-vault.php 'groups' => [ 'cloudflare' => [ 'label' => 'Cloudflare', 'icon' => 'lucide-cloud', 'test' => \Nawasara\Cloudflare\Services\CloudflareClient::class.'@testConnection', 'fields' => [ 'api_token' => ['label' => 'API Token', 'type' => 'password'], 'account_id' => ['label' => 'Account ID', 'type' => 'text'], ], ], 'whm' => [ 'label' => 'WHM / cPanel', 'icon' => 'lucide-hard-drive', 'multi_instance' => true, 'test' => \Nawasara\Whm\Services\WhmClient::class.'@testConnection', 'fields' => [ 'host' => ['label' => 'Host', 'type' => 'text'], 'username' => ['label' => 'Username', 'type' => 'text'], 'api_token' => ['label' => 'API Token', 'type' => 'password'], 'role' => ['label' => 'Role', 'type' => 'select', 'options' => [ 'hosting' => 'Hosting', 'mail' => 'Mail', 'both' => 'Both', ]], 'ssh_key' => ['label' => 'SSH Key (PEM)', 'type' => 'textarea', 'optional' => true], ], ], ], ``` Reading credentials at runtime ------------------------------ [](#reading-credentials-at-runtime) ``` use Nawasara\Vault\Facades\Vault; // Single instance $token = Vault::get('cloudflare', 'api_token'); // Multi-instance $host = Vault::get('whm', 'host', 'WHM-Ryder'); // Boolean checks Vault::has('cloudflare', 'api_token'); Vault::isConfigured('cloudflare'); // every required field has a value Vault::isConfigured('whm', 'WHM-Ryder'); // List instances of a multi-instance group Vault::instances('whm'); // ['WHM-Ryder', 'WHM-30', …] // Programmatic write (rare — usually done through the UI) Vault::set('cloudflare', 'api_token', $secret); Vault::delete('cloudflare', 'api_token'); ``` Test connection contract ------------------------ [](#test-connection-contract) A group's `test` handler receives `?string $instance = null` and should return: ``` public function testConnection(?string $instance = null): array { return [ 'success' => true, 'message' => 'Connected. Listed 12 items.', ]; } ``` The credential UI calls the handler and shows the message as a green/red toast. Pages ----- [](#pages) RoutePermission`/nawasara-vault/credentials``vault.credential.view``/nawasara-vault/access-logs``vault.access-log.view`Permissions ----------- [](#permissions) PermissionDescription`vault.credential.view`View credential list and individual fields`vault.credential.manage`Create / edit / delete credentials and instances`vault.credential.reveal`Reveal a masked credential value`vault.access-log.view`View the access logAuthor ------ [](#author) **Pringgo J. Saputro** <> License ------- [](#license) MIT ### Health Score 39 — LowBetter than 84% of packages Maintenance94 Actively maintained with recent releases Popularity11 Limited adoption so far Community15 Small or concentrated contributor base Maturity34 Early-stage or recently created project Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~1 days Total 3 Last Release 29d ago ### Community Maintainers ![](https://avatars.githubusercontent.com/u/16914951?v=4)[Pringgo J. Saputro](/maintainers/pringgojs)[@pringgojs](https://github.com/pringgojs) ![](https://www.gravatar.com/avatar/edcf770bde3babcc9fa554e305e361b8614c1e505470e75842de75ea3e502548?d=identicon)[nawasara](/maintainers/nawasara) --- Top Contributors [![pringgojs](https://avatars.githubusercontent.com/u/16914951?v=4)](https://github.com/pringgojs "pringgojs (32 commits)") --- Tags laravelencryptionAuditvaultsecretscredentialsNawasara ### Embed Badge ![Health badge](/badges/nawasara-vault/health.svg) ``` [![Health](https://phpackages.com/badges/nawasara-vault/health.svg)](https://phpackages.com/packages/nawasara-vault) ``` ### Alternatives [nasirkhan/laravel-starter A CMS like modular Laravel starter project. 1.4k2.7k](/packages/nasirkhan-laravel-starter)[venturedrake/laravel-crm A free open source CRM built as a package for laravel projects 39910.0k](/packages/venturedrake-laravel-crm)[fleetbase/core-api Core Framework and Resources for Fleetbase API 1232.2k16](/packages/fleetbase-core-api)[tomshaw/electricgrid A feature-rich Livewire package designed for projects that require dynamic, interactive data tables. 119.2k](/packages/tomshaw-electricgrid) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)