ZF3: Simple AccessControlClass

<?php
namespace Kvberlin\AccessControl;

use Application\UserModel\UserRepoInterface;
use Zend\Session\Container;
use Zend\Mvc\Controller\AbstractActionController;
// use Zend\Debug\Debug;


class AccessControl implements AccessControlInterface
{

    private $user;
    private $acl;

    /**
     *
     * {@inheritDoc}
     * @see \Kvberlin\AccessControl\AccessControlInterface::getLogin()
     */
    public function getLogin(string $name, string $password){

        $login_user = $this->user->getUserByName($name);
//         Debug::dump($login_user);
        if($login_user->getName()):
            if(md5($password) == $login_user->getPassword()):
                $container = new Container('application');
                $container->username      = $login_user->getName();
                $container->login         = true;
                $container->loginkey      = sha1($login_user->getName().$login_user->getPassword());
            else:
                //TODO Passwort falsch
                return false;
            endif;
        else:
            //TODO Username existiert nicht
            return false;
        endif;
       return true;
    }

    /**
     *
     * {@inheritDoc}
     * @see \Kvberlin\AccessControl\AccessControlInterface::setUserRepo()
     */
    public function setUserRepo(UserRepoInterface $repo){
        $this->user = $repo;
    }

    /**
     *
     * {@inheritDoc}
     * @see \Kvberlin\AccessControl\AccessControlInterface::checkLoginStatus()
     */
    public function checkLoginStatus(string $loginkey){
        $container  = new Container('application');
        $user       = $this->user->getUserByName($container->username);
        $key        = sha1($user->getName().$user->getPassword());
        if($loginkey === $key):
            return true;
        else:
            $this->getLogout();
            return false;
        endif;
    }

    /**
     *
     * {@inheritDoc}
     * @see \Kvberlin\AccessControl\AccessControlInterface::getLogout()
     */
    public function getLogout(){
        $container = new Container('application');
        $container->init          = 0;
        $container->username      = null;
        $container->login         = false;
        $container->offsetUnset('loginkey');
        session_destroy();
        return true;
    }

    /**
     * {@inheritDoc}
     * @see \Kvberlin\AccessControl\AccessControlInterface::setAclList()
     */
    public function setAclList(AccessControlList $acl){
        $this->acl = $acl;
    }
    /**
     * {@inheritDoc}
     * @see \Kvberlin\AccessControl\AccessControlInterface::isAllowed()
     */
    public function isAllowed(string $resource=null, string $privilege){

        return $this->acl->isAllowed($this->getUserRole(),$resource,$privilege);
    }
    /**
     * {@inheritDoc}
     * @see \Kvberlin\AccessControl\AccessControlInterface::getUserRole()
     */
    public function getUserRole(){
        $user  = $this->user->getUserByName($this->getApplicationContainer()->username);
        return $user->getRole();
    }

    /**
     * {@inheritDoc}
     * @see \Kvberlin\AccessControl\AccessControlInterface::getApplicationContainer()
     */
    public function getApplicationContainer(){
        return new Container('application');
    }


    public function checkAccess(string $resource, string $privilege, AbstractActionController $controller){
        if($this->isAllowed($resource,$privilege)):
            return true;
        else:
            $controller->redirect()->toRoute('application',['action' => 'access']);
        endif;
    }


}