Performing user authentication in a CodeIgniter controller constructor?
Posted
by
msanford
on Programmers
See other posts from Programmers
or by msanford
Published on 2012-08-29T16:29:16Z
Indexed on
2012/08/29
21:51 UTC
Read the original article
Hit count: 360
In "The Clean Code Talks -- Unit Testing" (http://youtu.be/wEhu57pih5w), Miško Hevery mentions that "as little work as possible should be done in constructors [to make classes more easily testable]'. It got me thinking about the way I have implemented my user authentication mechanism.
Having delved into MVC development through CodeIgniter, I designed my first web application to perform user authentication for protected resources in controllers' constructors in cases where every public function in that controller requires the user to be authenticated.
For controllers with public methods having mixed authentication requirements, I would naturally move the authentication from the constructor to each method requiring authentication (though I don't currently have a need for this).
I made this choice primarily
- to keep the controller tight, and
- to ensure that all resources in the controller are always covered.
As for code longevity and maintainability: given the application structure, I can't foresee a situation in which one of the affected controllers would need a public method that didn't require user authentication, but I can see this as a potential drawback in general with this implementation (i.e., requiring future refactoring).
Is this a good idea?
© Programmers or respective owner