Where to place the login/authentication related actions in MVC_问答_开发者

Where to place the login/authentication related actions in MVC

开发者 https://www.devze.com 2022-12-23 07:14 出处：网络

I\'ve searched around and found that when implementing an authentication module in MVC architecture some people opt开发者_如何学JAVA to place the login related actions in the User controller while oth

I've searched around and found that when implementing an authentication module in MVC architecture some people opt开发者_如何学JAVA to place the login related actions in the User controller while others place it in a controller dedicated to authentication only.

In pseudo-java-like code:

class UserController extends Controller {

    public login() {
        //...
    }
}

Accessed with http://mydomain.com/user/login.

vs.

class AuthController extends Controller {

    public login() {
        //...
    }
}

Accessed with http://mydomain.com/auth/login.

I would like to know which approach is better, and why. That is, if there's really any difference at all.

Thanks in advance.

IMO:

The stuff handling the actual login should be in a controller, like the UserController you suggested.
Persistent authentication (e.g. checking whether a user is logged in) could just be some functions in the UserModel, which you call from any controller.

Depending on the situation, you may want some kind of global function that redirects to the login page if the user is not logged in.

I prefer the first approach, with the simple reasoning that the authentication is an action pertaining to the user. And in general, I prefer my controllers to reflect the real-life entities my logic deals.