Get Current User

[masidiq]

Hi,

How to get the current user who is requested?

$app->get('/bank/list',function () {
$currentUser = ????? <---- any some method for get current user?
$sql = "SELECT * FROM bank WHERE userId = ." currentUser;
$stmt = getDB()->query($sql);
$result = $stmt->fetchAll(PDO::FETCH_OBJ);
echo json_encode($result);
}
);

sorry for bad english

Thx

[tuupola]

From the $_SERVER["PHP_AUTH_USER'"] superglobal.

http://php.net/manual/en/features.http-auth.php

[conrad10781]

@tuupola , great project!

Provided this is to be used in a Slim application, I personally prefer:

$request->getServerParams()["PHP_AUTH_USER"]

As you at least get it through the application in a sense. I prefer to avoid interacting with any superglobals within a framework as they normally have some functionality to either sanitize or expand on the functionality.

I've put together a PR ( #52 ) for review with further details on why I believe the middleware should set the authenticated user as an attribute on the request. This also includes an update to the README with clear examples.

This is what we use internally, and it helps a great deal with with other development/middlewares, specifically ACL. If nothing else, it ensures the user authenticated by your middleware is what you're accessing. In the (unlikely) event another middleware modifies the superglobal.