I'm analyzing how Zend_Rest and Tonic work. There is no authentication implemented so I would like to add my own. My only problem is that they use Reflection and the when you call a method, you have to add the authentication call each time.
I was thinking to add the authentication check in the constructor but then you can't actually stop the method being called.
Anybody had this problem and came up with a good solution?
Why not extend Zend_Rest? You could then add a method to handle authentication when you deem it prudent. If you overload an existing Zend_Rest method, you can always instantiate the parent method at the end of your method so you don't have to recreate the entire method.
You can add the authentication code in a Zend front controller plugin. Depending on the authentication result you can redirect it to some other internal action. All your authentication rules will be at one place.
I have not found Zend_Rest to be easy to work with. I create custom resources in a routes.ini file and then handle them in the appropriate controller.
