In MVC architecture, where should password encryption take place

The only time you need to perform this function is when adding a new user or updating the password for an existing user. Both of these functions should be performed by the User model. For example, something like:

$user = new User();$user->setName('...');$user->setPassword('...');$user->save();

or:

$user = User::find('...');$user->setPassword('...');$user->save();

In this example, the setPassword() method would do the actual encryption.

Also, think of it this way -- it shouldn't be possible to get an unencrypted password into the system. So, you make the User model the only way to interact with users, and have it transparently encrypt all passwords given to it.

It all depends on how you store your passwords.

I usually do:

1. Create a user with the password field set to nothing (not null).
2. Insert the user into the database, thus generating the new UserID.
3. Use the newly inserted UserID, plus some extra salt to generate the Password and store.

If you didn't used the UserID or a runtime generated (i.e. on insert) salt, then you can insert and encrypt the password at the same time.

Edit...

Sorry, I've inherited your use of Encrypt, however for a password, you "should" only ever HASH a password.

A simple example is:

md5(md5(UserID).md5('Password'))

Then, when the user types in their email/username and password, you simply need to so:

select * from User where Username = 'myusername' and Password = md5(concat(md5(UserID), md5('Password')))

instead of decrypting the password.