Recommended usage of Authentication in ZF2

Hey, just looking at auth in ZF2 and not entirely sure what the best way to do it is. I've had a little look through ZfcUser but it looks extremely over-complicated right now to me.

I'm more after the actual concept of how this should be implemented rather than code.

I've already stolen the ZfcUser Controller and View plugin and got them working for checking if a user is logged in, within the controller and view. At the moment I'm storing only the User_ID in the session for that user.

At the moment at the top of every action that requires a user to be logged in, I'm pretty much doing:

if (!$this->ApplicationAuthentication()->hasIdentity()) {
    # Take player back to settlement
      return $this->redirect()->toRoute('home')
}

// Get user
$user = $this->userMapper->find($this->ApplicationAuthentication()->getIdentity()->id, new User());

getIdentity from ZfcUser pretty much looks does this:

return $this->getAuthService()->getIdentity();

But I was thinking, this getIdentity() function should actually return the user object and not just the ID, even though the ID should only be stored inside the session or where-ever its stored, rather than having to create the user object at the top of every action in every controller.

I guess I also plan to implement ACL at some point as well.

I've been using DI but so far I've only really used it to setup ZF2 and it doesn't really do anything... is this where I would create a user object and then pass it around my other Mapper Models when needed, after it's been created and populated?

Yeah, looking at ZfcUser and ZfcAcl really shows that I know nothing about ZF2 :/ I can't help but wonder... these tasks like authenticating users and checking if they have permission to view a page I would have thought would be covered by the framework easily, but in each of these 'vendor module things' there are about 30 seperate php files all cross-referencing one another for something I was expecting to be basic.

Thanks

I wouldn't store the user in the DiC (soon instanceManager instead of it). Instead, try always using the auth service. That ensures that at any point in time during the execution of your code you are always aware if there is or isn't an authenticated user (and that can change at execution time!).

On the other side, I really think you should put more effort in trying to learn ZfcUser, as it is a nice component and does what you're trying to do now (getting an user "entity" instead of it's id only).

Marco Pivetta

http://twitter.com/Ocramius     

http://marco-pivetta.com    

I'm using ZfcUser to Authenticate. Currently trying to tell if a user is logged in the layout.phtml file using ...

<? if ($this->zfcUserAuthentication()->hasIdentity()): ?>

But ZF can't find zfcUserAuthentication.  I'm guessing I need to add a path to the application config file?

I've been having a similar problem.  I believe that I have the zfcUser module hooked up correctly, but when I try, in my layout, to access the zfcUserIdentity() helper, I get the following error:
Fatal error: Call to a member function hasIdentity() on a non-object.

It appears that something goofy is happening in the zfcUser Module.php file's getServiceConfiguration() method.  That is, the closures that are used to build the various components are not working correctly.  Whether this is because of my wiring or the code itself, I don't know.

It looks like it gets into the factory for zfcUserIdentity, but then it requests zfcuser_auth_service, at which point it jumps down to building zfcuser_auth_service.  It is failing in the $authService-setStorage() call, which may be in the $sm->get() call, which is passed in to the former.

Does anyone have any idea what I may be doing incorrectly?  Let me know if I can provide any details that might be helpful.

Thanks.

On Wed, May 30, 2012 at 1:12 PM, travis <[hidden email]> wrote:
Interesting -- I'll try to check into this later today.

--
Evan Coury

--
List: [hidden email]
Info: http://framework.zend.com/archives
Unsubscribe: [hidden email]

Thanks.  I BELIEVE I've got things set up correctly and, in fact, had been successfully using it up until about a month ago.  I wasn't able to do much for a few weeks, but with the latest zf2 beta release, I have been working with it again.

I forgot to mention that I used composer over the weekend to get zfcUser, so I believe I have code from this weekend, but I may be missing any changes from the last several days.

Evan,

I'm almost certain there was a wiring problem on my end.  Once I got a lot of the zf2 wiring issues ironed out, I brought back in the zfcUserIdentity usage and it works like a champ.

Thanks.