Hiding Fields When Querying Laravel Eloquent Models

Chris Sevilleja
👁️ 15,811 views
💬 comments

When using Laravel's Eloquent to get data back from our database, sometimes we don't want to get certain information out of that call.

Why Would We Hide Attributes?

There are a few scenarios where this would be wanted. For instance, we don't want to get a password (hopefully hashed) out of our database and display that to users.

To Hide an Attribute

Hiding an attribute is a simple process. All the work is done when defining your Eloquent model.

Table of Contents

    <?php
    
    class User extends Eloquent {
    
         protected $hidden = array('password', 'token');
    
    }

    Just like that, you won't have those fields come through when accessing your Eloquent models.

    <?php
    
    Route::get('users', function() {
         return User::all()->toArray();
    });

    Now the above code won't show off our secret password or token information. You probably wouldn't do the above code anyway, but it is just a good precaution to make sure that passwords don't accidentally get spit out to users in any way.

    Further Reading: A Guide to Using Eloquent ORM in Laravel

    Chris Sevilleja

    173 posts

    Founder of Scotch.io. Google Developer Expert in Web Technologies. Slapping the keyboard until something good happens.