ZF2: correct implementation of Zend\Authentication

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

ZF2: correct implementation of Zend\Authentication

Nathan Garlington
I am trying to incorporate an authentication system into my ZF2
application. The entire application, except for the LoginController
obviously, would require an authenticated user to view. I am trying to
figure out the most central location to place
$authenticationService->hasIdentity() in order to check for a valid
identity in storage. I would rather not have to do this explicitly in
each controller. I was thinking of placing this in the initPost()
method within Module.php, but am not sure how to modify the response
from within Module.php so that the user is directed to the login
controller, or whether in fact that is the "correct" way to do it in
the ZF2 paradigm.

Any advice would be appreciated!

--regards,
nathan

--
List: [hidden email]
Info: http://framework.zend.com/archives
Unsubscribe: [hidden email]


--regards, Nathan Garlington Zend Framework + Dojo http://www.tandrtrailer.com
Reply | Threaded
Open this post in threaded view
|

Re: ZF2: correct implementation of Zend\Authentication

weierophinney
Administrator
-- Nathan Garlington <[hidden email]> wrote
(on Friday, 18 November 2011, 11:39 AM -0700):

> I am trying to incorporate an authentication system into my ZF2
> application. The entire application, except for the LoginController
> obviously, would require an authenticated user to view. I am trying to
> figure out the most central location to place
> $authenticationService->hasIdentity() in order to check for a valid
> identity in storage. I would rather not have to do this explicitly in
> each controller. I was thinking of placing this in the initPost()
> method within Module.php, but am not sure how to modify the response
> from within Module.php so that the user is directed to the login
> controller, or whether in fact that is the "correct" way to do it in
> the ZF2 paradigm.
>
> Any advice would be appreciated!

Create a listener, and attach it to the dispatch event with a high
priority. If authentication fails, create a redirect response to your
login page, and return that response object from the listener.

I've done similarly:

  * http://git.mwop.net/?a=viewblob&p=zf2sandbox&h=7d68d976a1b9c02beee29436df92b51acb08a8f6&hb=b4e5b66f477b1129657851b99de890d3e2a7ddfa&f=modules/Authentication/src/Authentication/AuthenticationListener.php

--
Matthew Weier O'Phinney
Project Lead            | [hidden email]
Zend Framework          | http://framework.zend.com/
PGP key: http://framework.zend.com/zf-matthew-pgp-key.asc

--
List: [hidden email]
Info: http://framework.zend.com/archives
Unsubscribe: [hidden email]


Reply | Threaded
Open this post in threaded view
|

Re: ZF2: correct implementation of Zend\Authentication

Nathan Garlington
Awesome Matthew, thank you! I was thinking of using a listener, but
was unsure how to implement it. Thanks for the advice.

--regards,
nathan



On Fri, Nov 18, 2011 at 11:50 AM, Matthew Weier O'Phinney
<[hidden email]> wrote:

> -- Nathan Garlington <[hidden email]> wrote
> (on Friday, 18 November 2011, 11:39 AM -0700):
>> I am trying to incorporate an authentication system into my ZF2
>> application. The entire application, except for the LoginController
>> obviously, would require an authenticated user to view. I am trying to
>> figure out the most central location to place
>> $authenticationService->hasIdentity() in order to check for a valid
>> identity in storage. I would rather not have to do this explicitly in
>> each controller. I was thinking of placing this in the initPost()
>> method within Module.php, but am not sure how to modify the response
>> from within Module.php so that the user is directed to the login
>> controller, or whether in fact that is the "correct" way to do it in
>> the ZF2 paradigm.
>>
>> Any advice would be appreciated!
>
> Create a listener, and attach it to the dispatch event with a high
> priority. If authentication fails, create a redirect response to your
> login page, and return that response object from the listener.
>
> I've done similarly:
>
>  * http://git.mwop.net/?a=viewblob&p=zf2sandbox&h=7d68d976a1b9c02beee29436df92b51acb08a8f6&hb=b4e5b66f477b1129657851b99de890d3e2a7ddfa&f=modules/Authentication/src/Authentication/AuthenticationListener.php
>
> --
> Matthew Weier O'Phinney
> Project Lead            | [hidden email]
> Zend Framework          | http://framework.zend.com/
> PGP key: http://framework.zend.com/zf-matthew-pgp-key.asc
>
> --
> List: [hidden email]
> Info: http://framework.zend.com/archives
> Unsubscribe: [hidden email]
>
>
>

--
List: [hidden email]
Info: http://framework.zend.com/archives
Unsubscribe: [hidden email]


--regards, Nathan Garlington Zend Framework + Dojo http://www.tandrtrailer.com
MGP
Reply | Threaded
Open this post in threaded view
|

Re: ZF2: correct implementation of Zend\Authentication

MGP
This post has NOT been accepted by the mailing list yet.
In reply to this post by weierophinney
Is there a new way, or simple way, to achieve this in recent RC?
I'm having trouble replicating this concept to create a very basic auth.