Phalcon offers a wealth of built-in classes and interfaces for hardening your application. These classes can be used and extended to fit many scenarios and to create custom solutions. Phalcon Incubator can help with this as it provides alternative classes to the built-in ones. Sometimes these Incubator solutions turn out to be very popular and are then included in the next Phalcon release.
With our first usage of the Incubator, we will implement the Database Access Control List (ACL) class from Incubator to keep our ACL data stored within the database. This is a more realistic usage of an ACL than using the bare-bones ACL class, since it can easily be modified for custom use while also potentially allowing users to modify settings via a web interface.
Next we will implement password hashing with the built-in Phalcon\Security
. This will allow us to use a very simple interface for protected passwords that was designed to evolve to meet our future security needs.
There are a wide...