Solved thread

This post is marked as solved. If you think the information contained on this thread must be part of the official documentation, please contribute submitting a pull request to its repository.

How can I create the Auth in Phalcon better? Give me some advice, please.

Hello all! There are a lot of authentication (auth) realizations for Phalcon in the official (for example, Vocuro and INVO) and the non-official repositories on Github. And all of them made different. For example, some use the ACL component, ohtes don't use it and may be use the Dispatcher. The implementation of Auth in the Vokuro (Auth Component) is very different of INVO's variant (Security Plugin). I would like to hear your advice! Which option is the best for you? What variant(s) do you use in your projects? Can you show me the code?:)


Defintely ACL using phalcon 2.1.x with some new things in it.

Well, if you're creating API, you can do it in before events handler. For instance, if your API require HMAC based auth which should be present in every HTTP request (header).

edited May '16

Thanks a lot! You have very helped me. Good luck!