Implementing Zend Auth, Acl and Caching

I managed to work a bit on the blog, enabling me to have new instance in the series, How to refactor and extend your own blog software using Zend Framework. This time: Implementing meaningful Auth and ACL mechanisms and fixing view caching, which did not work in its original implementation due to different users groups sharing the same cached views.

In the last days I came across two in depth tutorials on Zend_Acl and Zend_Auth integration to MVC. Most people probably saw the DevZone article “Zend_Acl and MVC Integration (part 1)” by Aldemar Bernal on the Frameworks Frontpage. Another good article was written by Frank Ruske in the latest german PHP Magazin (Zipped Source Code of the Example). I took the best ideas of both articles and merged them into the existing components of my blog.

This now enables me to cache the site depending on the Auth status of the page user agent. The blog is now caching all views that are generated for guest users. Since there is no “registered” or “member” account yet, this means the blogs content is cached and served from cache for everyone except me when I am logged in. To get this work I added some simple additional check in Matthews Cache View Controller Plugin:

public function dispatchLoopStartup(Zend_Controller_Request_Abstract $request)
{
    $auth = Zend_Auth::getInstance();
    if($auth->hasIdentity()) {
        self::$doNotCache = true;
        return;
    }
    [..]
}

This prevents caching for registered identities.

More about: ZendFramework