I am working on a web application which requires the user to login before they see or do anything. No part of this app should be accessible without being logged in. (Except of course, the login controller)
Currently I am using sessions to handle the authentication and I have put code in each controller in the init() function to check if their session is valid.
This was a temporary workaround, but it is redundant and inefficient.
I would like my init() function to be similar to the following, but I am not sure how to achieve it:
public function init()
{
// If user not logged in redirect to login controller
$myLibrary = Zend_Library_MyLibrary();
$myLibrary->CheckAuth();
}
So my question really has two parts:
- Where is the best place to store code that will be used in multiple controllers?
- How do I then call that function from a controller?
Thanks.
Code that is reused across multiple controllers is best placed into an ActionHelper. However, for your case, I suggest to write a Controller plugin. Those hook into the Dispatch process at various stages:
The above assumes you are using
Zend_Authto authenticate and manage your user identities.You want a plugin over a helper, because checking if the user is logged in should happen automatically, without you having to call a
checkAuth()method somewhere. Of course, nothing stops you to add an ActionHelper too, e.g.Once you registered your helper in the bootstrap, you could use it in every controller to check if the user is already authenticated:
Also see these tutorials: