Encrypting user input in ASP.NET MVC2
I'm building a form that will allow my site's users to set a secret question and answer. I'm using NHibernate to persist my model to our database.
public class User {
public string Question { get; set; }
public string Answer { get; set; }
}
I want to encrypt the input from the user before storing it in the database. My first thought was to use a backing field for both properties and perform the encryption or decryption in the getter and setters, but this开发者_如何学C felt like I was violating SoC.
Is there a better place to transform the data?
You could write a custom model binder for the User
class which will encrypt the input values and directly provide an instance of the User class with encrypted values to the controller action.
This encryption could also be performed inside the controller action which is handling the submission of the form.
You can use this to have NHibernate do it transparently when persisting.
精彩评论