Hi!
I try to understand why, when I change the controller and the action manually in the url, the session auth object ($auth = $this->session->get('auth');) becomes null ?
Scenario :
I log into the app I'm redirect to /index/index (But, in the url bar, it keeps saying /session/index) I change back manually to /index/index And I'm redirect to /session/index again :(
Any reason why ?
This the code of my DI :
$di->set('session', function() {
$session = new \Phalcon\Session\Adapter\Files();
$session->start();
return $session;
});
This the code of my login function :
private function _registerSession(User $user) {
$role = new Role();
foreach ($user->userrole as $ur) {
/* @var $r Role */
foreach ($ur->role as $r) {
$role = $r;
}
}
$this->session->set('auth', array(
'UserID' => $user->UserID,
'Name' => $user->Firstname . " " . $user->Lastname,
'Role' => $role
));
}
This is the code where the security is checked from the INVO application :
public function beforeDispatch(Event $event, Dispatcher $dispatcher) {
$auth = $this->session->get('auth');
if (!isset($auth)) {
$role = 'Guests';
} else {
$role = $auth["Role"];
}
$controller = $dispatcher->getControllerName();
$action = $dispatcher->getActionName();
$acl = $this->getAcl();
$allowed = $acl->isAllowed($role, $controller, $action);
if ($allowed != Acl::ALLOW) {
//$this->flash->error("You don't have access to this module");
$dispatcher->forward(
array(
'controller' => 'session',
'action' => 'index'
)
);
return false;
}
}
Thank you for your feedback.
Daniel