Where would you hash the passwords?
pedrambehroozi opened this issue · comments
Pedram commented
Hi,
I just started learning DDD and Hexagonal architecture. The code here is very interesting and I'm learning from it a lot, so thanks for that :)
I just have one question. Where would you hash passwords?
I noticed the code for comparing password is inside CodelyTv\Backoffice\Auth\Domain\AuthPassword
class. Is this the right place to hash the passwords before they would be persisted?
Rafa Gómez commented
Hey!
Nope. In "production" systems we could have something like:
final class UserRegistrator
{
private UserPasswordHasher $hasher;
private UserRepository $repository;
public function __construct(UserPasswordHasher $hasher, UserRepository $repository)
{
$this->hasher = $hasher;
$this->repository = $repository;
}
public function register(UserUsername $username, UserPassword $password): void
{
$this->ensureUserIsNotAlreadyRegistered($username);
$hashedPassword = $this->hasher->hash($password);
$user = User::create($username, $hashedPassword);
$this->repository->save($user);
// Publish registered event
}
// ...
Hope it helps! :)