Zend authentication examples

Not for 'how-to' coding questions but PHP theory instead, this forum is here for those of us who wish to learn about design aspects of programming with PHP.

Moderator: General Moderators

Zend authentication examples

Postby alex.barylski » Fri Jul 04, 2008 3:09 am

I've looked at Magento but I don't have the time or patience to make sense out of it's use of Zend. Seems they have their own framework wrapped around Zend called Mage which is just creating additional indirection for me to struggle with.

Anyways, I'm curious to see how others implement authentication (maybe authorization as well) while using Zend.

1. Submit login FORM to login controller -- which then redirects/forwards you to a dashboard

This much is pretty obvious but during this action I assume you also store a SESSION value indicating access levels (ACL) or userid indicating basic authorization?

The next page refresh, where do you check this SESSION value to determine whether you should redirect to login screen or not?

Obviously this should be centralized as it doesn't make sense to check for a basic SESSION in each controller invoked. Likewise, what about advanced authroization? Do you check permissions/roles/whatever inside each action for really fine grained access control?

I'd like to see a clean cut, simple example of a Zend controller action or two which demonstrates what a typical action might look like when generating a full fledged view for an application, like say phpBB.
alex.barylski
DevNet Evangelist
 
Posts: 6259
Joined: Tue Dec 21, 2004 6:00 pm
Location: Winnipeg

Re: Zend authentication examples

Postby John Cartwright » Fri Jul 04, 2008 3:25 am

Hockey wrote:I've looked at Magento but I don't have the time or patience to make sense out of it's use of Zend. Seems they have their own framework wrapped around Zend called Mage which is just creating additional indirection for me to struggle with.

Anyways, I'm curious to see how others implement authentication (maybe authorization as well) while using Zend.

1. Submit login FORM to login controller -- which then redirects/forwards you to a dashboard

This much is pretty obvious but during this action I assume you also store a SESSION value indicating access levels (ACL) or userid indicating basic authorization?

The next page refresh, where do you check this SESSION value to determine whether you should redirect to login screen or not?

Obviously this should be centralized as it doesn't make sense to check for a basic SESSION in each controller invoked. Likewise, what about advanced authroization? Do you check permissions/roles/whatever inside each action for really fine grained access control?

I'd like to see a clean cut, simple example of a Zend controller action or two which demonstrates what a typical action might look like when generating a full fledged view for an application, like say phpBB.


If your going the ACL route, I wrote plugin awhile back that I never really got around to finishing/implementing.

viewtopic.php?f=19&t=66427&p=374049#p374049
Code: Select all
if ($toBe || $notToBe) echo 'That is the question'; 

NEW HERE?: Please read the Forum Rules, and take the Forum Tour before posting!
User avatar
John Cartwright
Site Admin
 
Posts: 11470
Joined: Tue Dec 23, 2003 3:10 am
Location: Toronto

Re: Zend authentication examples

Postby Maugrim_The_Reaper » Fri Jul 04, 2008 6:21 am

My blog has a series of tutorial level posts on various ZF subjects - all were written within a real development process (me, writing a replacement blog I can hack on without dealing with the procedural crap plaguing the usual blogging platforms).

There's a really simple login/ACL example in there somewhere.
Pádraic Brady

http://blog.astrumfutura.com
http://www.survivethedeepend.com
Zend Framework Community Review Team
Zend Framework PHP-FIG Representative
User avatar
Maugrim_The_Reaper
DevNet Master
 
Posts: 2704
Joined: Tue Nov 02, 2004 6:43 am
Location: Ireland


Return to PHP - Theory and Design

Who is online

Users browsing this forum: No registered users and 1 guest