Adding Session Data to your authentication system using ZF 3

If you have been following the tutorial on ZF3 authentication, you already have the user email stored in session as this is the default behavior of the Zend/Authentication module provided by Zend platform.

The Zend authentication module & session management

We will overview a little how is handled the session system within the authentication module of Zend. Note that the module documentation is based on ZF2 but it can also apply for Zend 3.

We won’t discuss about all features but rather concentrate on what interests us. Let’s start with the adapter which talks to the authentication service from the module API, if you remember the adapter class, there is one method called authenticate() as follow :

public function authenticate()
    {// ...
        return new Result( 
                ['Authenticated successfully.']);

The result which is returned to the authentication service will store the identity in session as stated here :

By default, Zend\Authentication provides persistent storage of the identity from a successful authentication attempt using the PHP session. Upon a successful authentication attempt, Zend\Authentication\AuthenticationService::authenticate() stores the identity from the authentication result into persistent storage.

Instead of the email here, you can choose to store any type of identity so it can be retrieved later using the following command :


The above command is available once you’ve installed the Identity Controller plugin and View Helper.

Note that you can use any mixed variable as a replacement of $this->email, see this Result constructor :

__construct(integer $code, mixed $identity, array $messages = array())


Besides the authentication module, let’s see how we can also add a session variable.

Set up session variable independently

There is one page where everything is explained about sessions and Zend 3, you can have a look to the book on Github.

I’ve implemented the code as shown using the container with a factory.

Starting from the module.config.php of my module with the session container namespace :


'session_containers' =>

[ 'MyBaseContainer' ],


I’ve created a service factory to handle the container as follow:

<?php namespace MyBase\Service\Factory; use Interop\Container\ContainerInterface; use MyBase\Service\ExerciceManager; /** * This is the factory class for ExerciceManager service. The purpose of the factory is to instantiate the service and pass it dependencies (inject dependencies). */ class ExerciceManagerFactory { /** * This method creates the ExerciceManager service and returns its instance. */ public function __invoke(ContainerInterface $container, $requestedName, array $options = null) { $entityManager = $container->get('doctrine.entitymanager.orm_default');
	// The $container variable is the service manager.
	$sessionContainer = $container->get('MyBaseContainer');
	return new ExerciceManager($entityManager,$sessionContainer);


As commented, the purpose of the factory is to inject dependencies to the service.

You may name your class as you wish (just replace ExerciceManager with whatever you are coding for).

Now the service manager part which deals with the session container :

<?php namespace MyBase\Service; /** * This service is responsible for checking Exercice and adding a new Database */ class ExerciceManager { /** * Doctrine entity manager. * @var Doctrine\ORM\EntityManager */ private $entityManager; /** * Doctrine entity manager. * @var Doctrine\ORM\EntityManager */ private $sessionContainer; /** * Constructs the service. */ public function __construct($entityManager,$sessionContainer) { $this->entityManager = $entityManager;
		$this->sessionContainer = $sessionContainer;
	public function setExercice($year)
		$this->sessionContainer->exercice = $year;		

As an example of use, I’ve created a setter function to define a new session variable in the container.

You may also add a getter method to retrieve this information.


That’s all with sessions management using Zend 3, if you have any question or comment, feel free to hit me.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Want more information?

Related links will be displayed within articles for you to pick up another good spot to get more details about software development, deployment & monitoring.

Stay tuned by following us on Youtube.

%d bloggers like this: