Reputation: 1050
Zend Framework 2 Authentication
I have a conceptual question. Working on a site for a client. Very simple site. Kind of a mini CMS, almost every section is database driven. My thought is rather than having the main site and then a separate section for editing, I would check for authentication and have the admin user edit the section directly.
My question is, where should that authentication happen? Is it possible/efficient to check from the controller? Or should I check it at the module?
I am using zfcUser (if that makes any difference)
Thanks
Upvotes: 0
Views: 798
Answers (1)
Reputation: 13558
You should have two routes. One to get the page and all the sections with content from the database. Another route should be created for updating the content.
When you have two routes, you have probably also two actions. And perhaps even two controllers. With Zend\Permission\Acl or Zend\Permission\Rbac you can "protect" the one route, or action, or controller where you update the content.
If you want an easier integration of ZfcUser and ACL, use BjyAuthorize. If you prefer to use RBAC, you are better off with ZfcRbac.
Upvotes: 1
Related Questions
- Authenticationservice in Zend framework 3
- Authentication in zend framework 2
- ZF2 Authentication
- user authentication with zend framework 2
- zend framework2 proper way to basic login authentication
- Authentication using Zend Auth whitout password
- Zend 2.2 trouble for HTTP Authentication
- zend framework 2 AuthenticationService
- ZEND Authentication FAILS
- Zend Framework User Authentication