Is there any way to create a signed URL in Laravel(9.x) without appending the data as GET-parameter to the URL?
E.G.:
echo \URL::signedRoute('testpage', ['email' => 'test@test.com']);
results into:
http://localhost:8000/testpage?email=test%40test.com&signature=c845052c0301980b75ad02d6d151e3ea8275f1e1b977c148aa7f423505d99470
What I want to achieve (URL with only signature as parameter):
http://localhost:8000/testpage?signature=c845052c0301980b75ad02d6d151e3ea8275f1e1b977c148aa7f423505d99470
Some users might think it's weird to see their clear e-mail-address in a URL, and it could be a privacy issue.
Signature is a hash not an encryption, you can't extract data from it, just compare it to the content.
You can either use their ID, wouldn't make much sense to them
echo \URL::signedRoute('testpage', ['subject' => $user->id]);
or encode the data
echo \URL::signedRoute('testpage', ['email' => \Illuminate\Support\Facades\Crypt::encryptString('test@test.com')]);
and decrypt it when needed
$email = \Illuminate\Support\Facades\Crypt::decryptString($email);
But if you go with encryption, the signature is no longer needed.