At the moment, HttpCache is completely public and only vary on the ETag, not on a user based information.
To make the cache vary on the user hash (like it was the case in legacy), we need to rely on a custom Http request header (e.g. X-User-Hash).
To make this possible, we need to calculate and store this user hash somehow at login time, in a cookie for instance. Thus, the reverse proxy (Symfony one or Varnish) can extract it and set the custom request header in a very easy way.
- In user/login legacy module, compute the user hash when the user is logged in.
- Trigger an user/login ezpEvent (filter type to be able to pass the computed user hash)
- From Symfony, attach a listener to this event and make it set the cookie
- In Symfony reverse proxy (HttpCache), catch the cookie if present and set the value in X-User-Hash request header before the lookup action.