So last week four developers sat together on a regular Hackday to see what's needed to hook up Magento into Symfony. To make this short the outcome is a Magento bundle for Symfony2.

When we met in the morning we weren't even sure what exactly to try out but soon agreed on implementing a Symfony authentication which uses the Magento customer database.

Autoloader and Login

Starting our hacking, the first problem appeared quickly with incompatible class loaders: Unfortunately, the Magento class loader isn't designed for missing class files, so every time Symfony tries to check for existence of a class which doesn't exist there will be a fatal error. As we knew this problem from other projects a patch was already at hand.

Everything went quite smoothly then as integrating Magento into another project is basically just including the file app/Mage.php and then calling Mage::app(). Done.

Implementing the authentication itself seemed easy too as there is this simple method call in Magento which we added to our bundle within minutes to try out the login:

Mage::getSingleton('customer/session')->login($username, $password);

Session issues

But that's where things got ugly: The sessions didn't sync between Magento and Symfony. Integrating Magento without synced sessions doesn't really make any sense as the user will loose his cart as soon as he browses from Magento to Symfony.

After a few hours of debugging and digging into both session handlers of Magento and Symfony the problem was found inside the __destruct methods. So here's what happens:

  1. Symfony stores everything you save in the session inside SymfonyComponentHttpFoundationSession.
  2. During destruction phase inside Magento Mage_Core_Model_Resource_Session::__destruct() calls session_write_close() and saves the session content to the database (depending on your Magento configuration).
  3. Next SymfonyComponentHttpFoundationSession::__destruct() writes its own session information with the key _symfony2 into the session storage ā€“ too late!

The solution was to add a kernel.response event listener and call SymfonyComponentHttpFoundationSession::save() so the Symfony session content gets into the session storage before Magento saves it to the database.

Promising results

After solving the ugly session problem the only thing left was implementing an security provider for Symfony which authenticates the user against the Magento customer database. The result is a proof-of-concept Symfony Bundle which already provides some useful features to Symfony:

  • Login for Magento customers.
  • Synchronized session to access the shopping cart.
  • Full access to Magento products inside Symfony.

Integrating Magento into Symfony has been proven certainly possible and we had fun learning more about the session handlers of both Magento and Symfony.

At the moment there's no specific project at Liip planning to use this bundle, so contribution is welcome on GitHub: github.com/liip/LiipMagentoBundle