I want to avoid this problem as so:
1. When the user logs in we only store his user ID in a Zend_Auth session
2. On each request we fetch the user's details from the database in a preDispatch() hook, using the user ID which was stored upon login in the Zend_Auth session:
- Code: Select all
class Plugin_Auth extends Zend_Controller_Plugin_Abstract
{
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
if ($auth->hasIdentity())
{
$id = $auth->getIdentity()->id;
$userModel = new Model_User();
$user = $userModel->fetchOne($id);
// Where do I store this user object ???
}
}
}
Now where do i store this User object? I think we shouldn't use sessions for this, since the goal of sessions is to persist data. There's no need for persistence though, since we re-fetch the data from the database on each request. Only the user ID must be persistent. Would storing the User object in Zend_Registry be an option here?