By MVC standards its best to split controllers by function groups.
Auth Controller
handles authentication/registration/deletion. Sets session vars for logins which all other controllers check first thing.
function register(){
}
function logout(){
}
function edit(){
}
function login(){
}
Admin Controller
handles all administrative tasks
User Controller
handles all user tasks. Maybe editing profiles, or posting to a personal blog?
Front Controller
handles all public facing tasks, displaying non auth based pages etc.
Unrelated, CodeIgniter Example
I use this methodology in my CI projects. This information will vary from Yii framework but it gives you a glimpse of a proper MVC setup.
I have core controllers such as:
application/core/FRONT_Controller.php
this controller extends CI_Controller and handles all the setup of my pub facing pages. All of my public facing controllers extend FRONT_Controller instead of CI_Controller.
application/core/USER_Controller.php
this controller handles all of my users authentication.
application/core/ADMIN_Controller.php
this controller does preliminary checks, again all of my admin based controllers extend this controller so the authentication fires off right away... IE:
if (!$this->tank_auth->is_logged_in()){
redirect(site_url('/user/login/'));
}else{
$this->data['user'] = array(
'user_id' => $this->tank_auth->get_user_id(),
'username' => $this->tank_auth->get_username(),
'emailAddress' => $this->tank_auth->get_email(),
'firstname' => $this->tank_auth->get_firstname(),
'lastname' => $this->tank_auth->get_lastname(),
'userlevel' => $this->tank_auth->get_userlevel(),
'avatar' => $this->tank_auth->get_avatar(),
'last_login' => $this->tank_auth->get_last_login()
);
}
application/controllers/blog.php:
class Categories extends ADMIN_Controller{
function __construct(){
parent::__construct();
} #end constructor function