Skip to content - what a user model should have

Even while i was working on my auth plugin for the zend framework, i tought it is right that the user db table needs to store the password.

Well, bad luck, i was wrong. I wrestled with the fact that the password is stored in my user domain model. This leads to the fact that everywhere where use the user domain model the code can have access to the password - that sucks in the matter of security.

After a few minutes with a colleague we figured out that a password and even the loginname should be stored and managed by an auth class. Even cooler, when you store this information in a central authentification you can use it everywhere (i mean other projects or modules as well).

Translate to de es fr it pt ja


No Trackbacks


Display comments as Linear | Threaded

No comments

Add Comment

Standard emoticons like :-) and ;-) are converted to images.
E-Mail addresses will not be displayed and will only be used for E-Mail notifications.
To leave a comment you must approve it via e-mail, which will be sent to your address after submission.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.

Markdown format allowed
Form options