开发者

Encrypting user input in ASP.NET MVC2

开发者 https://www.devze.com 2023-01-20 14:57 出处：网络

I\'m building a form that will allow my site\'s users to set a secret question and answer. I\'m using NHibernate to persist my model to our database.

相关专题：asp.net asp.net-mvc nhibernate

I'm building a form that will allow my site's users to set a secret question and answer. I'm using NHibernate to persist my model to our database.

public class User {
    public string Question { get; set; }
    public string Answer { get; set; }
}

I want to encrypt the input from the user before storing it in the database. My first thought was to use a backing field for both properties and perform the encryption or decryption in the getter and setters, but this开发者_如何学C felt like I was violating SoC.

Is there a better place to transform the data?

You could write a custom model binder for the User class which will encrypt the input values and directly provide an instance of the User class with encrypted values to the controller action.

This encryption could also be performed inside the controller action which is handling the submission of the form.

You can use this to have NHibernate do it transparently when persisting.