rogatec/AuthController.php

## AuthController.php
<?php

namespace Authentication\Controller;

use Employee\Model\EmployeeTable;
use Main\Form\LoginForm;
use Zend\Authentication\Adapter\DbTable\CredentialTreatmentAdapter;
use Zend\Authentication\AuthenticationService;
use Zend\Db\Sql\Select;
use Zend\Mvc\Controller\AbstractActionController;
use Zend\Mvc\Plugin\FlashMessenger\FlashMessenger;

class AuthController extends AbstractActionController
{
    /**
     * @var AuthenticationService
     */
    private $authService;

    /**
     * @var EmployeeTable
     */
    private $employeeTable;

    /**
     * AuthController constructor.
     *
     * @param AuthenticationService $authService
     * @param EmployeeTable $employeeTable
     */
    public function __construct(AuthenticationService $authService, EmployeeTable $employeeTable)
    {
        $this->authService = $authService;
        $this->employeeTable = $employeeTable;
    }

    /**
     * @return ViewModel
     */
    public function loginAction()
    {
        $form = new LoginForm();
        $request = $this->getRequest();

        if (!$request->isPost()) {
            return ['form' => $form];
        }

        $form->setData($request->getPost());
        if (!$form->isValid()) {
            $this->flashMessenger()->addMessage("your error message", FlashMessenger::NAMESPACE_ERROR);

            return ['form' => $form];
        }

        /** @var Employee $employeeObject */
        $employeeObject = $this->employeeTable->getEmployeeByLogin($request->getPost('system_name'), $request->getPost('password'));
        if (!$employeeObject) {
            $this->flashMessenger()->addMessage("your error message", FlashMessenger::NAMESPACE_ERROR);

            return ['form' => $form];
        }

        if ($this->authenticate($employeeObject)) {
            return $this->redirect()->toRoute('main');
        }

        $this->flashMessenger()->addMessage("your error message", FlashMessenger::NAMESPACE_ERROR);

        return ['form' => $form];
    }

    public function logoutAction()
    {
        $this->authService->clearIdentity();

        return $this->redirect()->toRoute('login');
    }

    /**
     * @param $employeeObject
     *
     * @return array
     */
    private function authenticate($employeeObject)
    {
        /** @var CredentialTreatmentAdapter $adapter */
        $adapter = $this->authService->getAdapter();
        $select = $adapter->getDbSelect();
        $select->join(['R' => 'role'], 'role_id = R.id', ['role' => 'description'], Select::JOIN_LEFT);
        $this->authService->setAdapter($adapter);

        $this->authService->getAdapter()->setIdentity($employeeObject->system_name)->setCredential($employeeObject->password);
        $result = $this->authService->authenticate();

        if ($result->isValid()) {
            $resultRow = $this->authService->getAdapter()->getResultRowObject();

            $this->authService->getStorage()->write([
                'id' => $resultRow->id,
                'system_name' => $resultRow->system_name,
                'role' => $resultRow->role,
            ]);

            return true;
        }

        return false;
    }
}

## AuthControllerFactory.php
<?php

namespace Authentication\Factory;

use Employee\Model\EmployeeTable;
use Interop\Container\ContainerInterface;
use Interop\Container\Exception\ContainerException;
use Authentication\Controller\AuthController;
use Zend\Authentication\AuthenticationService;
use Zend\ServiceManager\Exception\ServiceNotCreatedException;
use Zend\ServiceManager\Exception\ServiceNotFoundException;
use Zend\ServiceManager\Factory\FactoryInterface;

class AuthControllerFactory implements FactoryInterface
{
    /**
     * Create an object
     *
     * @param  ContainerInterface $container
     * @param  string $requestedName
     * @param  null|array $options
     *
     * @return object
     * @throws ServiceNotFoundException if unable to resolve the service.
     * @throws ServiceNotCreatedException if an exception is raised when
     *     creating a service.
     * @throws ContainerException if any other error occurs
     */
    public function __invoke(ContainerInterface $container, $requestedName, array $options = null)
    {
        return new AuthController($container->get(AuthenticationService::class), $container->get(EmployeeTable::class));
    }
}

## AuthenticationServiceFactory.php
<?php

namespace Authentication\Factory;

use Authentication\Storage\AuthStorage;
use Interop\Container\ContainerInterface;
use Interop\Container\Exception\ContainerException;
use Zend\Authentication\Adapter\DbTable\CredentialTreatmentAdapter;
use Zend\Authentication\AuthenticationService;
use Zend\Db\Adapter\AdapterInterface;
use Zend\ServiceManager\Exception\ServiceNotCreatedException;
use Zend\ServiceManager\Exception\ServiceNotFoundException;
use Zend\ServiceManager\Factory\FactoryInterface;

class AuthenticationServiceFactory implements FactoryInterface
{
    /**
     * Create an object
     *
     * @param  ContainerInterface $container
     * @param  string $requestedName
     * @param  null|array $options
     *
     * @return object
     * @throws ServiceNotFoundException if unable to resolve the service.
     * @throws ServiceNotCreatedException if an exception is raised when
     *     creating a service.
     * @throws ContainerException if any other error occurs
     */
    public function __invoke(ContainerInterface $container, $requestedName, array $options = null)
    {
        $dbAdapter = $container->get(AdapterInterface::class);

        $authAdapter = new CredentialTreatmentAdapter($dbAdapter, 'employee', 'system_name', 'password');

        return new AuthenticationService($container->get(AuthStorage::class), $authAdapter);
    }
}

## AuthStorage.php
<?php

namespace Authentication\Storage;

use Zend\Authentication\Storage\Session;
use Zend\Authentication\Storage\StorageInterface;

class AuthStorage implements StorageInterface
{
    const NAME = 'your_session_name';

    /**
     * @var StorageInterface
     */
    private $storage;

    /**
     * @var mixed
     */
    private $resolvedIdentity;

    /**
     * Returns true if and only if storage is empty
     *
     * @throws \Zend\Authentication\Exception\ExceptionInterface If it is impossible to determine whether storage is empty
     * @return bool
     */
    public function isEmpty()
    {
        if ($this->getStorage()->isEmpty()) {
            return true;
        }
        $identity = $this->getStorage()->read();
        if ($identity === null) {
            $this->clear();

            return true;
        }

        return false;
    }

    /**
     * Returns the contents of storage
     *
     * Behavior is undefined when storage is empty.
     *
     * @throws \Zend\Authentication\Exception\ExceptionInterface If reading contents from storage is impossible
     * @return mixed
     */
    public function read()
    {
        if ($this->resolvedIdentity !== null) {
            return $this->resolvedIdentity;
        }

        $identity = $this->getStorage()->read();

        if ($identity) {
            $this->resolvedIdentity = $identity;
        } else {
            $this->resolvedIdentity = null;
        }

        return $this->resolvedIdentity;
    }

    /**
     * Writes $contents to storage
     *
     * @param  mixed $contents
     *
     * @throws \Zend\Authentication\Exception\ExceptionInterface If writing $contents to storage is impossible
     * @return void
     */
    public function write($contents)
    {
        $this->resolvedIdentity = null;
        $this->getStorage()->write($contents);
    }

    /**
     * Clears contents from storage
     *
     * @throws \Zend\Authentication\Exception\ExceptionInterface If clearing contents from storage is impossible
     * @return void
     */
    public function clear()
    {
        $this->resolvedIdentity = null;
        $this->getStorage()->clear();
    }

    /**
     * @param StorageInterface $storage
     *
     * @return AuthStorage $this
     */
    public function setStorage(StorageInterface $storage)
    {
        $this->storage = $storage;

        return $this;
    }

    /**
     * @return StorageInterface
     */
    public function getStorage()
    {
        if ($this->storage === null) {
            $this->setStorage(new Session(self::NAME));
        }

        return $this->storage;
    }
}

## config.module.php
<?php

use Authentication\Controller\AuthController;
use Zend\Router\Http\Literal;

return [
    'router' => [
        'routes' => [
            'login' => [
                'type' => Literal::class,
                'options' => [
                    'route' => '/login',
                    'defaults' => [
                        'controller' => AuthController::class,
                        'action' => 'login',
                    ],
                ],
            ],
            'logout' => [
                'type' => Literal::class,
                'options' => [
                    'route' => '/logout',
                    'defaults' => [
                        'controller' => AuthController::class,
                        'action' => 'logout',
                    ],
                ],
            ],
        ],
    ],
    'controllers' => [
        'factories' => [
            \Authentication\Controller\AuthController::class => \Authentication\Factory\AuthControllerFactory::class,
        ],
    ],
    'service_manager' => [
        'factories' => [
            \Authentication\Storage\AuthStorage::class => \Zend\ServiceManager\Factory\InvokableFactory::class,
            \Zend\Authentication\AuthenticationService::class => \Authentication\Factory\AuthenticationServiceFactory::class,
        ],
    ],

    'view_manager' => [
        'template_path_stack' => [
            'Authentication' => __DIR__ . '/../view',
        ],
    ],
];

## global.php
<?php
// located at $PROJECT_ROOT/config/autoload
use Zend\Db\Adapter\AdapterAbstractServiceFactory;

/**
 * configurations across all modules - specify sensitive data and personal settings in your local.php
 */
return [
    'session_validators' => [
        \Zend\Session\Validator\RemoteAddr::class,
        \Zend\Session\Validator\HttpUserAgent::class,
    ],
    'session_config' => [
        'remember_me_seconds' => 604800, // one week
        'use_cookies' => true,
        'cookie_lifetime' => 604800, // one week
        'name' => 'your_session_name',
    ],
    'session_storage' => [
        'type' => \Zend\Session\Storage\SessionArrayStorage::class,
    ],
];

## module.config.php
<?php

namespace Main;

use Main\Factory\SessionManagerFactory;
use Zend\Session\SessionManager;

return [
    'service_manager' => [
        'factories' => [
            SessionManager::class => SessionManagerFactory::class,
        ],
    ],
];

## Module.php
<?php

namespace Main;

use Zend\Authentication\AuthenticationService;
use Zend\Http\Request;
use Zend\Mvc\MvcEvent;
use Zend\Session\Container;
use Zend\Session\SessionManager;
use Zend\Session\Validator\HttpUserAgent;
use Zend\Session\Validator\RemoteAddr;

class Module
{
    /**
     * @var AuthenticationService
     */
    private $auth;

    public function getConfig()
    {
        return include __DIR__ . '/../config/module.config.php';
    }

    public function onBootstrap(MvcEvent $mvcEvent)
    {
        $this->bootstrapSession($mvcEvent);

        $this->auth = $mvcEvent->getApplication()->getServiceManager()->get(AuthenticationService::class);

        // store user and role in global viewmodel
        if ($this->auth->hasIdentity()) {
            // for e.g. store your auth identity into ViewModel
            $mvcEvent->getViewModel()->setVariable('authIdentity', $this->auth->getIdentity());
            // extend functionality with acl to checkPermission if user has rights to the given route
            // ...
        } else {
            // redirect if auth fails for example back to /login
            // ..
        }
    }
    /**
     * @param MvcEvent $e
     */
    private function bootstrapSession($e)
    {
        /** @var SessionManager $session */
        $session = $e->getApplication()->getServiceManager()->get(SessionManager::class);
        $session->start();

        $container = new Container('your_session_name', $session);

        if (isset($container->init)) {
            return;
        }

        /** @var Request $request */
        $request = $e->getRequest();

        $session->regenerateId(true);
        $container->init = 1;
        $container->remoteAddr = $request->getServer()->get('REMOTE_ADDR');
        $container->httpUserAgent = $request->getServer()->get('HTTP_USER_AGENT');

        $config = $e->getApplication()->getServiceManager()->get('config');
        if (!isset($config['session'])) {
            return;
        }

        if (!isset($config['session_validators'])) {
            return;
        }

        $chain = $session->getValidatorChain();

        foreach ($config['session_validators'] as $validator) {
            switch ($validator) {
                case HttpUserAgent::class:
                    $validator = new $validator($container->httpUserAgent);
                    break;
                case RemoteAddr::class:
                    $validator = new $validator($container->remoteAddr);
                    break;
                default:
                    $validator = new $validator();
            }

            $chain->attach('session.validate', [$validator, 'isValid']);
        }
    }
}

## SessionManagerFactory.php
<?php

namespace Main\Factory;

use Interop\Container\ContainerInterface;
use Interop\Container\Exception\ContainerException;
use Zend\ServiceManager\Exception\ServiceNotCreatedException;
use Zend\ServiceManager\Exception\ServiceNotFoundException;
use Zend\ServiceManager\Factory\FactoryInterface;
use Zend\Session\Config\SessionConfig;
use Zend\Session\Container;
use Zend\Session\SessionManager;

class SessionManagerFactory implements FactoryInterface
{
    /**
     * Create an object
     *
     * @param  ContainerInterface $container
     * @param  string $requestedName
     * @param  null|array $options
     *
     * @return object
     * @throws ServiceNotFoundException if unable to resolve the service.
     * @throws ServiceNotCreatedException if an exception is raised when
     *     creating a service.
     * @throws ContainerException if any other error occurs
     */
    public function __invoke(ContainerInterface $container, $requestedName, array $options = null)
    {
        $config = $container->get('config');
        if (!isset($config['session_config'])) {
            $sessionManager = new SessionManager();
            Container::setDefaultManager($sessionManager);

            return $sessionManager;
        }

        // create session config if exists in global configuration
        $sessionConfig = null;
        if (isset($config['session_config'])) {
            $sessionConfig = new SessionConfig();
            $sessionConfig->setOptions($config['session_config']);
        }

        // create session storage if exists in global configuration
        $sessionStorage = null;
        if (isset($config['session_storage'])) {
            $class = $config['session_storage']['type'];
            $sessionStorage = new $class('hpv');
        }

        // optional get a save handler and store it into SessionManager (currently null)

        $sessionManager = new SessionManager(
            $sessionConfig,
            $sessionStorage,
            null
        );

        Container::setDefaultManager($sessionManager);

        return $sessionManager;
    }
}
	<?php

	namespace Authentication\Controller;

	use Employee\Model\EmployeeTable;
	use Main\Form\LoginForm;
	use Zend\Authentication\Adapter\DbTable\CredentialTreatmentAdapter;
	use Zend\Authentication\AuthenticationService;
	use Zend\Db\Sql\Select;
	use Zend\Mvc\Controller\AbstractActionController;
	use Zend\Mvc\Plugin\FlashMessenger\FlashMessenger;

	class AuthController extends AbstractActionController
	{
	/**
	* @var AuthenticationService
	*/
	private $authService;

	/**
	* @var EmployeeTable
	*/
	private $employeeTable;

	/**
	* AuthController constructor.
	*
	* @param AuthenticationService $authService
	* @param EmployeeTable $employeeTable
	*/
	public function __construct(AuthenticationService $authService, EmployeeTable $employeeTable)
	{
	$this->authService = $authService;
	$this->employeeTable = $employeeTable;
	}

	/**
	* @return ViewModel
	*/
	public function loginAction()
	{
	$form = new LoginForm();
	$request = $this->getRequest();

	if (!$request->isPost()) {
	return ['form' => $form];
	}

	$form->setData($request->getPost());
	if (!$form->isValid()) {
	$this->flashMessenger()->addMessage("your error message", FlashMessenger::NAMESPACE_ERROR);

	return ['form' => $form];
	}

	/** @var Employee $employeeObject */
	$employeeObject = $this->employeeTable->getEmployeeByLogin($request->getPost('system_name'), $request->getPost('password'));
	if (!$employeeObject) {
	$this->flashMessenger()->addMessage("your error message", FlashMessenger::NAMESPACE_ERROR);

	return ['form' => $form];
	}

	if ($this->authenticate($employeeObject)) {
	return $this->redirect()->toRoute('main');
	}

	$this->flashMessenger()->addMessage("your error message", FlashMessenger::NAMESPACE_ERROR);

	return ['form' => $form];
	}

	public function logoutAction()
	{
	$this->authService->clearIdentity();

	return $this->redirect()->toRoute('login');
	}

	/**
	* @param $employeeObject
	*
	* @return array
	*/
	private function authenticate($employeeObject)
	{
	/** @var CredentialTreatmentAdapter $adapter */
	$adapter = $this->authService->getAdapter();
	$select = $adapter->getDbSelect();
	$select->join(['R' => 'role'], 'role_id = R.id', ['role' => 'description'], Select::JOIN_LEFT);
	$this->authService->setAdapter($adapter);

	$this->authService->getAdapter()->setIdentity($employeeObject->system_name)->setCredential($employeeObject->password);
	$result = $this->authService->authenticate();

	if ($result->isValid()) {
	$resultRow = $this->authService->getAdapter()->getResultRowObject();

	$this->authService->getStorage()->write([
	'id' => $resultRow->id,
	'system_name' => $resultRow->system_name,
	'role' => $resultRow->role,
	]);

	return true;
	}

	return false;
	}
	}
	<?php

	namespace Authentication\Factory;

	use Employee\Model\EmployeeTable;
	use Interop\Container\ContainerInterface;
	use Interop\Container\Exception\ContainerException;
	use Authentication\Controller\AuthController;
	use Zend\Authentication\AuthenticationService;
	use Zend\ServiceManager\Exception\ServiceNotCreatedException;
	use Zend\ServiceManager\Exception\ServiceNotFoundException;
	use Zend\ServiceManager\Factory\FactoryInterface;

	class AuthControllerFactory implements FactoryInterface
	{
	/**
	* Create an object
	*
	* @param ContainerInterface $container
	* @param string $requestedName
	* @param null\|array $options
	*
	* @return object
	* @throws ServiceNotFoundException if unable to resolve the service.
	* @throws ServiceNotCreatedException if an exception is raised when
	* creating a service.
	* @throws ContainerException if any other error occurs
	*/
	public function __invoke(ContainerInterface $container, $requestedName, array $options = null)
	{
	return new AuthController($container->get(AuthenticationService::class), $container->get(EmployeeTable::class));
	}
	}
	<?php

	namespace Authentication\Factory;

	use Authentication\Storage\AuthStorage;
	use Interop\Container\ContainerInterface;
	use Interop\Container\Exception\ContainerException;
	use Zend\Authentication\Adapter\DbTable\CredentialTreatmentAdapter;
	use Zend\Authentication\AuthenticationService;
	use Zend\Db\Adapter\AdapterInterface;
	use Zend\ServiceManager\Exception\ServiceNotCreatedException;
	use Zend\ServiceManager\Exception\ServiceNotFoundException;
	use Zend\ServiceManager\Factory\FactoryInterface;

	class AuthenticationServiceFactory implements FactoryInterface
	{
	/**
	* Create an object
	*
	* @param ContainerInterface $container
	* @param string $requestedName
	* @param null\|array $options
	*
	* @return object
	* @throws ServiceNotFoundException if unable to resolve the service.
	* @throws ServiceNotCreatedException if an exception is raised when
	* creating a service.
	* @throws ContainerException if any other error occurs
	*/
	public function __invoke(ContainerInterface $container, $requestedName, array $options = null)
	{
	$dbAdapter = $container->get(AdapterInterface::class);

	$authAdapter = new CredentialTreatmentAdapter($dbAdapter, 'employee', 'system_name', 'password');

	return new AuthenticationService($container->get(AuthStorage::class), $authAdapter);
	}
	}
	<?php

	namespace Authentication\Storage;

	use Zend\Authentication\Storage\Session;
	use Zend\Authentication\Storage\StorageInterface;

	class AuthStorage implements StorageInterface
	{
	const NAME = 'your_session_name';

	/**
	* @var StorageInterface
	*/
	private $storage;

	/**
	* @var mixed
	*/
	private $resolvedIdentity;

	/**
	* Returns true if and only if storage is empty
	*
	* @throws \Zend\Authentication\Exception\ExceptionInterface If it is impossible to determine whether storage is empty
	* @return bool
	*/
	public function isEmpty()
	{
	if ($this->getStorage()->isEmpty()) {
	return true;
	}
	$identity = $this->getStorage()->read();
	if ($identity === null) {
	$this->clear();

	return true;
	}

	return false;
	}

	/**
	* Returns the contents of storage
	*
	* Behavior is undefined when storage is empty.
	*
	* @throws \Zend\Authentication\Exception\ExceptionInterface If reading contents from storage is impossible
	* @return mixed
	*/
	public function read()
	{
	if ($this->resolvedIdentity !== null) {
	return $this->resolvedIdentity;
	}

	$identity = $this->getStorage()->read();

	if ($identity) {
	$this->resolvedIdentity = $identity;
	} else {
	$this->resolvedIdentity = null;
	}

	return $this->resolvedIdentity;
	}

	/**
	* Writes $contents to storage
	*
	* @param mixed $contents
	*
	* @throws \Zend\Authentication\Exception\ExceptionInterface If writing $contents to storage is impossible
	* @return void
	*/
	public function write($contents)
	{
	$this->resolvedIdentity = null;
	$this->getStorage()->write($contents);
	}

	/**
	* Clears contents from storage
	*
	* @throws \Zend\Authentication\Exception\ExceptionInterface If clearing contents from storage is impossible
	* @return void
	*/
	public function clear()
	{
	$this->resolvedIdentity = null;
	$this->getStorage()->clear();
	}

	/**
	* @param StorageInterface $storage
	*
	* @return AuthStorage $this
	*/
	public function setStorage(StorageInterface $storage)
	{
	$this->storage = $storage;

	return $this;
	}

	/**
	* @return StorageInterface
	*/
	public function getStorage()
	{
	if ($this->storage === null) {
	$this->setStorage(new Session(self::NAME));
	}

	return $this->storage;
	}
	}
	<?php

	use Authentication\Controller\AuthController;
	use Zend\Router\Http\Literal;

	return [
	'router' => [
	'routes' => [
	'login' => [
	'type' => Literal::class,
	'options' => [
	'route' => '/login',
	'defaults' => [
	'controller' => AuthController::class,
	'action' => 'login',
	],
	],
	],
	'logout' => [
	'type' => Literal::class,
	'options' => [
	'route' => '/logout',
	'defaults' => [
	'controller' => AuthController::class,
	'action' => 'logout',
	],
	],
	],
	],
	],
	'controllers' => [
	'factories' => [
	\Authentication\Controller\AuthController::class => \Authentication\Factory\AuthControllerFactory::class,
	],
	],
	'service_manager' => [
	'factories' => [
	\Authentication\Storage\AuthStorage::class => \Zend\ServiceManager\Factory\InvokableFactory::class,
	\Zend\Authentication\AuthenticationService::class => \Authentication\Factory\AuthenticationServiceFactory::class,
	],
	],

	'view_manager' => [
	'template_path_stack' => [
	'Authentication' => __DIR__ . '/../view',
	],
	],
	];
	<?php
	// located at $PROJECT_ROOT/config/autoload
	use Zend\Db\Adapter\AdapterAbstractServiceFactory;

	/**
	* configurations across all modules - specify sensitive data and personal settings in your local.php
	*/
	return [
	'session_validators' => [
	\Zend\Session\Validator\RemoteAddr::class,
	\Zend\Session\Validator\HttpUserAgent::class,
	],
	'session_config' => [
	'remember_me_seconds' => 604800, // one week
	'use_cookies' => true,
	'cookie_lifetime' => 604800, // one week
	'name' => 'your_session_name',
	],
	'session_storage' => [
	'type' => \Zend\Session\Storage\SessionArrayStorage::class,
	],
	];
	<?php

	namespace Main;

	use Main\Factory\SessionManagerFactory;
	use Zend\Session\SessionManager;

	return [
	'service_manager' => [
	'factories' => [
	SessionManager::class => SessionManagerFactory::class,
	],
	],
	];
	<?php

	namespace Main\Factory;

	use Interop\Container\ContainerInterface;
	use Interop\Container\Exception\ContainerException;
	use Zend\ServiceManager\Exception\ServiceNotCreatedException;
	use Zend\ServiceManager\Exception\ServiceNotFoundException;
	use Zend\ServiceManager\Factory\FactoryInterface;
	use Zend\Session\Config\SessionConfig;
	use Zend\Session\Container;
	use Zend\Session\SessionManager;

	class SessionManagerFactory implements FactoryInterface
	{
	/**
	* Create an object
	*
	* @param ContainerInterface $container
	* @param string $requestedName
	* @param null\|array $options
	*
	* @return object
	* @throws ServiceNotFoundException if unable to resolve the service.
	* @throws ServiceNotCreatedException if an exception is raised when
	* creating a service.
	* @throws ContainerException if any other error occurs
	*/
	public function __invoke(ContainerInterface $container, $requestedName, array $options = null)
	{
	$config = $container->get('config');
	if (!isset($config['session_config'])) {
	$sessionManager = new SessionManager();
	Container::setDefaultManager($sessionManager);

	return $sessionManager;
	}

	// create session config if exists in global configuration
	$sessionConfig = null;
	if (isset($config['session_config'])) {
	$sessionConfig = new SessionConfig();
	$sessionConfig->setOptions($config['session_config']);
	}

	// create session storage if exists in global configuration
	$sessionStorage = null;
	if (isset($config['session_storage'])) {
	$class = $config['session_storage']['type'];
	$sessionStorage = new $class('hpv');
	}

	// optional get a save handler and store it into SessionManager (currently null)

	$sessionManager = new SessionManager(
	$sessionConfig,
	$sessionStorage,
	null
	);

	Container::setDefaultManager($sessionManager);

	return $sessionManager;
	}
	}