2

In my User class I have the password which is SecureString. To save the password, I have added the UserPassword property.

Sample code:

internal partial class User
{
    public string ID { get; set; }

    private string _password;
    public SecureString Password 
    {
        set { _password = SomePasswordHashing(value.ToString); }
    }

    public string UserPassword 
    {
        get { return _password; }
        set { _password = value; }
    }
}

For the saving/retrieving of the UserPassword, does this property need to be public?

Is there a way not to load a UserPassword property (for instance when searching for the users, I would want to exclude loading all users' passwords)?

Improve this question

1 Answer 1

Reset to default
2

For the saving/retrieving of the UserPassword, does this property need to be public?

Yes. EF-Code first needs properties to be public.

Is there a way not to load a UserPassword property (for instance when searching for the users, I would want to exclude loading all users' passwords)?

You can transform the results when searching to exclude passwords

var users = db.Users.Where(/* */).Select(u => new User{Name = u.Name});

Or use a DTO class which does not have a password property and return the DTO classes instead of the model object.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Thank you for the answer, I was hoping that you might give me different answer to the first question (public properties), although I have tried making properties private (and it did not work). Suggestion to use DTO class is really interesting, I'll try it that way.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.