ddspringle / framework-one-secure-auth

An example fw/1 application with secure single and two-factor (2FA) authentication and session management functions
Apache License 2.0

Why is session management in securityService rather than userService? #15

Closed Daemach closed 5 years ago

Daemach commented 5 years ago

I'm new to OO and I'm digesting your code to learn best practices. I appreciate your patience and all of your experience.

Why is the user session management functionality in the securityService controller rather than UserService? Flip of the coin or is there a rationale?

ddspringle commented 5 years ago

Always happy to help!

Session management is more closely related to overall security principles than specific to user management.

There are often times when I have the need to build applications that have more complicated access control requirements that make use of more than one table (e.g. admins, users, staff, executives, etc.) for authentication. Centrally managed sessions are a much better option for these situations than service-specific ones.