I think I have a fairly run of the mill application that does authentication. At the point where a user is attempting to login I need slim/csrf and slim/flash. Both of these depend on
$_SESSION, but it isn’t treated as a dependency (ie: I can’t pass it in). Now, I get that it’s
$_SESSION is a PHP superglobal, but it’s still a dependency the way I look at it, because the modules won’t function with out it and I have to start it.
So, right now, I being lazy and I create a session every time no matter what. I don’t like the fact that sessions are being created for anonymous users just browsing around. I’d like to be able to pass in
$this->session to both (or anything else that depends on a session) and let the DI container create the session prior to entry and independent of who needs it.
What am I missing?