#011006: Enhance ezcAuthSessionFilter for performance critical environments
Description:
<koredn> I still do not really see the reason for the session filter at all...
Derick: what do you mean?
<koredn> Do we really want the user to initialize and run the complete auth stuff on each request (This is, what the session filter advocates), or just run the auth stuff once, and let the user handle the session stuff
<koredn> This is performance critical, I think...
Derick: but if the session stuff works, the rest is not run
<koredn> It still requires a bunch of initializations
Derick: i see your points
[...]
<koredn> Hmm, the session stuff needs to be done in nearly every request, once you start using it, perhaps an additional static method like ezcAuthSessionFilter::isValid() would help, that you may call, and use everything else, only if this one fails. Inconsistent API, but maybe fast and would not affect anything we have now
<koredn> My suggestion: For applications, where performance matters more then beautiful code, we could provide an optioonal mechanism, like the described above, so thet the user may do: if (!sesssionFilter::Valid) { /* Auth filter init and stuff */ }. Keep the other way for users who like it clean, of course. Let's introduce such a method to the filter and describe it in the tutorial with the mentioned prerequisites
Alexandru_: this idea sounds good to me
Environment:
Operating System:
PHP Version: (please be specific, like '4.4.3' or '5.1.5')
Database and version:
Browser (and version):
