LARAVEL Payload is invalid error but decrypted data is correct

180doman picture 180doman · Jan 31, 2018 · Viewed 16.4k times · Source

Recently i made new project with composer and added very basic authentication with make:auth - nothing fancy.

Next i wanted to encrypt name and email columns on my database so i changed their types from VARCHAR(191) to LONGTEXT and added some very basic mutators to Users model

public function setNameAttribute($value) {
    $this->attributes['name'] = Crypt::encryptString($value);
}

public function getNameAttribute($value) {
    return Crypt::decryptString($value);
}

public function setEmailAttribute($value) {
    $this->attributes['email'] = Crypt::encryptString($value);
}

public function getEmailAttribute($value) {
    return Crypt::decryptString($value);
}

But when im testing with my very simple route i get Payload is invalid error even though i see in error contents that fields has been decrypted properly.

Route::get('user',function(){
$user= \App\User::find(3);
//dd($user->name);
dd(Crypt::decryptString($user->name));
dd(Crypt::decryptString($user->email));

});

Screenshot link https://ibb.co/deBPpR

Answer

Sapnesh Naik picture Sapnesh Naik · Jan 31, 2018

The error is because you are calling Crypt::decryptString on an already mutated (and decrypted) name property. i.e your getNameAttribute decrypts the encrypted string and when you call

Crypt::decryptString($user->name); // this is causing the error

You basically pass a decrypted string for decryption again.

Just do:

echo $user->name;

and you will get the decrypted name.

If you really want to see the raw value then use:

echo $user->getOriginal('name'); //get original value from DB bypassing the accessor