1

Looking at this particular question and answer on MVC, I got stuck on the part that says: "part of the authentication process, it should happen right after the $serviceFactory was created (the check-if-logged-in part)". Can someone explain how is that going to be implemented in the bootstrap file, how do I know what to do with the user in the bootstrap file?

Community
  • 1
  • 1
Darko
  • 355
  • 3
  • 17
  • 2
    [This](http://stackoverflow.com/a/9685039/727208) might explain it. Basically, you would authenticate before your code hits the "MVC code", **IF** you want to restrict access to parts of your application using decorator-based access control. – tereško Mar 12 '14 at 22:13
  • 1
    @tereško Thanks for pointing this answer, it is very helpful. What would be, in your opinion, the proper way for creating a user object (which will be sent to the acl), since you're saying to authenticate before the code hits the "mvc code"? – Darko Mar 13 '14 at 00:23
  • 3
    Well ... look at it this way: when could you be able to recognize a user, before calling controller? Only if you have already an authenticated session (either through tokens in cookies or value in `$_SESSION`). Since both cookies and session are form of storage, you can access them easily via model layer. *I hope that clears it up .. I am trying to avoid writing a "real answer" :)* – tereško Mar 13 '14 at 05:53
  • I absolutely understand that part, but by "the proper way" I meant whether it is correct to access services via bootstrap file. Thanks anyway. – Darko Mar 13 '14 at 13:19
  • @tereško should `isLoggedIn()` be in it's own class or in `User` class? – Jo Smo Aug 14 '14 at 09:15

0 Answers0