Login workflow and example for Expressive 3


I started a new project with Expressive 3. I need authentication with a login page, users in a database, … basic things at this time.

I found only one example of login process that @samsonasik made (https://samsonasik.wordpress.com/2018/01/12/create-login-functionality-in-expressive-3/) but i cannot apply all to expressive 3 final version.

It use things like that in handle… $response = $handler->handle($request);

Is someone can explain me the flow or have a up to date example that work with the current expressive version?


I’ve updated the post to use latest compatible expressive components.

Thanks for your update @samsonasik ! But i still have problem (password_verify in UserRepository /PdoDatabase line 68 return false) and have a question for you…

In the table “users” the password is hashed, so when a user try login, enter his username and password (raw) in the form…

Where is the treatment for “hashing” the password entered to be compared with the hash in the database?


In the user repository Zend\Expressive\Authentication\UserRepository\PdoDatabase:

See also: http://php.net/manual/en/function.password-verify.php

My mistake… i didn’t understood well the password_verify function… i thought it compare only value…
I just created a new hash with password_hash(), add in database and now all is fine for this step!

Thanks @samsonasik and @froschdesign!

I updated my zend expressive blog posts about authentication and authorization with latest zend-expressive-authentication/authorization ^1.0 compatible components:

Hi, I am following https://samsonasik.wordpress.com/2018/01/12/create-login-functionality-in-expressive-3/ for authentication. however I got Zend \ ServiceManager \ Exception \ ServiceNotCreatedException (2054) Service with name "Zend\Expressive\Authentication\UserRepository\PdoDatabase" could not be created. Reason: SQLSTATE[HY000] [2054] The server requested authentication method unknown to the client

That seems related to your database settings, see https://stackoverflow.com/questions/52364415/the-server-requested-authentication-method-unknown-to-the-client-php