Hiding Fields When Querying Laravel Eloquent Models

Introduction

When using Laravel’s Eloquent to get data back from our database, sometimes we don’t want to get certain information out of that call.

There are a few scenarios where this would be wanted. For instance, we don’t want to get a password (hopefully hashed) out of our database and display that to users.

To Hide an Attribute

Hiding an attribute is a simple process. All the work is done when defining your Eloquent model.

    <?php
    
    class User extends Eloquent {
    
         protected $hidden = array('password', 'token');
    
    }

Just like that, you won’t have those fields come through when accessing your Eloquent models.

    <?php
    
    Route::get('users', function() {
         return User::all()->toArray();
    });

Now the above code won’t show off our secret password or token information. You probably wouldn’t do the above code anyway, but it is just a good precaution to make sure that passwords don’t accidentally get spit out to users in any way.

Conclusion

Continue your learning with A Guide to Using Eloquent ORM in Laravel.