Home/ Questions/Q 8927203
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-15T08:09:57+00:00

I use Zend_Auth to authenticate users and then store their details in the default

  • 0

I use Zend_Auth to authenticate users and then store their details in the default Zend_Auth session. This means that when a user edits his details, these changes won’t be reflected in the application until he re-authenticates.

I want to avoid this problem as so:

  1. When the user logs in we only store his user ID in a Zend_Auth session

  2. On each request we fetch the user’s details from the database in a preDispatch() hook, using the user ID which was stored upon login in the Zend_Auth session:

    class Plugin_Auth extends Zend_Controller_Plugin_Abstract
{

    public function preDispatch(Zend_Controller_Request_Abstract $request)
    {
        if ($auth->hasIdentity())
        {
            $id = $auth->getIdentity()->id;

            $userModel = new Model_User();

            $user = $userModel->fetchOne($id);

            // Where do I store this user object ???
        }

    }
}

  3. The problem is: where do i store this User object? I think we shouldn’t use sessions for this, since the goal of sessions is to persist data. There’s no need for persistence though, since we re-fetch the data from the database on each request. Only the user ID must be persistent. Would storing the User object in Zend_Registry be an option here?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Use Zend_Session_Namespace to store the object. It can be as temporary or permanent as you wish to make it.

    Zend_Auth already uses this in the background as it’s default storage mechanism using the namespace of Zend_Auth.

    class Plugin_Auth extends Zend_Controller_Plugin_Abstract
{
    public function preDispatch(Zend_Controller_Request_Abstract $request)
    {
        $session = new Zend_Session_Namespace('user');//instantiate session namespace
        if ($auth->hasIdentity())
        {
            $id = $auth->getIdentity()->id;

            $userModel = new Model_User();

            $user = $userModel->fetchOne($id);

            $session->user = $user;//store the object can be recalled anywhere
        }
    }
}

    Of course Zend_Registry will work as well and as always the choice is yours. You may even find it appropriate to build this functionality into your auth adapter.

    • 0