Hello all! There are a lot of authentication (auth) realizations for Phalcon in the official (for example, Vocuro and INVO) and the non-official repositories on Github. And all of them made different. For example, some use the ACL component, ohtes don't use it and may be use the Dispatcher. The implementation of Auth in the Vokuro (Auth Component) is very different of INVO's variant (Security Plugin). I would like to hear your advice! Which option is the best for you? What variant(s) do you use in your projects? Can you show me the code?:)
Defintely ACL using phalcon 2.1.x with some new things in it.
Well, if you're creating API, you can do it in before events handler. For instance, if your API require HMAC based auth which should be present in every HTTP request (header).
Thanks a lot! You have very helped me. Good luck!