I'm trying to figure out the best place to hash my password for Authentication in my architecture. This is my request flow:
MVC3->MembershipProvider->AccountService->UserRepository->NHibernate->Database
I'm torn between hashing at the service level vs the repository level. I'm seeing advantages to both, but does anyone know the standard place to take care of this? I'm storing the hash password in the database.
If we are talking strictly DDD (Domain Driven Design), then the password hashing should be handled by the User (Domain Entity or Aggregate Root). Pass the user input (password) from controller down to AccountService, have AccountService load/create new user and call a method on user that will hash password. if you need an example, take a look at this url: Example of User in MVC3 app