authentication and the EventManager: best place to test if user is logged in

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

authentication and the EventManager: best place to test if user is logged in

David Mintz-3
I am just getting started with ZF2 (now that people are talking about ZF3
(-: ) and wondering what the recommended practice is in the following case.
I have a module where I want to require the user be logged in to access any
controller/action under this module, otherwise redirect to a login page (in
another module).

I have experimented with attaching a listener to the 'dispatch' event in my
Module.php's onBootstrap method. Something like :

public function onBootstrap(MvcEvent $e)
    {
       /* .......*/

       $eventManager->attach('dispatch', function() use ($e,
$authenticated) {

            if (! $authenticated) {
                $target = $e->getTarget();
                if ($target instanceof
\Zend\Mvc\Controller\AbstractActionController) {
                    if ( 0 === strpos(get_class($target),'MyModule')) {
                        $target->redirect()->toRoute('login');
                    }
            }
    }

Is this basically the right approach? Or is there a better way to go at
this?

Thanks.

--
David Mintz
http://davidmintz.org/
Human needs before private profit:
http://socialequality.com/
Reply | Threaded
Open this post in threaded view
|

RE: authentication and the EventManager: best place to testif user is logged in

latterd
From my perspective this is the most common approach we take to handle this scenario. I would say you should prob define your callback method as a class method defined on the Module class, but that's purely subjective otherwise I see nothing wrong with this approach.

 Another main point is you should always try to write loosely coupled and dependant free code, this way it doesn't matter which framework you use.

A framework is just a framework - tools to help you. Its much more important to understand software engineering as a whole, rather than learn a framework.

Best,
Daniel

-----Original Message-----
From: "David Mintz" <[hidden email]>
Sent: ‎16/‎07/‎2015 23:06
To: "lists lists" <[hidden email]>
Subject: [fw-general] authentication and the EventManager: best place to testif user is logged in

I am just getting started with ZF2 (now that people are talking about ZF3
(-: ) and wondering what the recommended practice is in the following case.
I have a module where I want to require the user be logged in to access any
controller/action under this module, otherwise redirect to a login page (in
another module).

I have experimented with attaching a listener to the 'dispatch' event in my
Module.php's onBootstrap method. Something like :

public function onBootstrap(MvcEvent $e)
    {
       /* .......*/

       $eventManager->attach('dispatch', function() use ($e,
$authenticated) {

            if (! $authenticated) {
                $target = $e->getTarget();
                if ($target instanceof
\Zend\Mvc\Controller\AbstractActionController) {
                    if ( 0 === strpos(get_class($target),'MyModule')) {
                        $target->redirect()->toRoute('login');
                    }
            }
    }

Is this basically the right approach? Or is there a better way to go at
this?

Thanks.

--
David Mintz
http://davidmintz.org/
Human needs before private profit:
http://socialequality.com/
Reply | Threaded
Open this post in threaded view
|

Re: authentication and the EventManager: best place to test if user is logged in

jeremiah
In reply to this post by David Mintz-3
Maybe you want to roll your own as a practice exercise, but if not, I suggest you take a good look at BjyAuthorize. It's basically a module implementation of Acl.

Jeremiah

> On Jul 16, 2015, at 3:06 PM, David Mintz <[hidden email]> wrote:
>
> I am just getting started with ZF2 (now that people are talking about ZF3
> (-: ) and wondering what the recommended practice is in the following case.
> I have a module where I want to require the user be logged in to access any
> controller/action under this module, otherwise redirect to a login page (in
> another module).
>
> I have experimented with attaching a listener to the 'dispatch' event in my
> Module.php's onBootstrap method. Something like :
>
> public function onBootstrap(MvcEvent $e)
>    {
>       /* .......*/
>
>       $eventManager->attach('dispatch', function() use ($e,
> $authenticated) {
>
>            if (! $authenticated) {
>                $target = $e->getTarget();
>                if ($target instanceof
> \Zend\Mvc\Controller\AbstractActionController) {
>                    if ( 0 === strpos(get_class($target),'MyModule')) {
>                        $target->redirect()->toRoute('login');
>                    }
>            }
>    }
>
> Is this basically the right approach? Or is there a better way to go at
> this?
>
> Thanks.
>
> --
> David Mintz
> http://davidmintz.org/
> Human needs before private profit:
> http://socialequality.com/

--
List: [hidden email]
Info: http://framework.zend.com/archives
Unsubscribe: [hidden email]


Reply | Threaded
Open this post in threaded view
|

Re: authentication and the EventManager: best place to test if user is logged in

David Mintz-3
Right now I am still considering all that -- what if any 3rd party modules
to use -- and just scribbling and learning my way around. Experience has
taught me that it's good to say "first I am just gonna play with this, then
try to do productive work" rather than "I am gonna learn x and y and z at
the same time I build this project."  It's tempting to roll my own for the
exercise (meaning, use ZF components directly), but BjyAuthorize also looks
really tempting.

On Fri, Jul 17, 2015 at 2:08 AM, Jeremiah Small <[hidden email]> wrote:

> Maybe you want to roll your own as a practice exercise, but if not, I
> suggest you take a good look at BjyAuthorize. It's basically a module
> implementation of Acl.
> [...]
>



--
David Mintz
http://davidmintz.org/
Human needs before private profit:
http://socialequality.com/