[Solar-talk] Auth process in closed apps

[Rodrigo Moraes]

Simple question about best practices: in an app where people must be
authenticated to perform or see anything (a classic "admin area", to
be clear), is it correct to put the authenticathion process in
_preAction(), e.g., if($auth == false) { $this->_action = 'login'; } ?
And _preAction() is a nice place to perform general permissions
checkings too?

thanks,
rodrigo