Hello.
The Guard class validates storage on construction. This forces to start session globally and makes impossible to have routes without session.
I use a middleware to start the session and i apply it only to some routes.

Why don't you pass in an empty array to start, then on your routes where you need it to be session bound you can use the setStorage method with $_SESSION

Yes, that works too.

With all due respect, why would we want to validate storage at construction?

I'm doing the same exact thing as manrix (session start at the middleware level).

Passing an empty array on construction, then using setStorage after the session has been created feels like a hack.

Thanks :)

@cocochepeau then don't instantiate Guard in the first place.. Only instantiate it when you need it, should be pretty simple logic to implement as well via DI deferring mechanisms.