2021-06-01 09:29:56 +00:00
|
|
|
<?php
|
|
|
|
|
require_once "../../bootstrap.php";
|
|
|
|
|
|
2021-06-02 07:01:51 +00:00
|
|
|
use Backend\Model\User;
|
2021-06-01 09:29:56 +00:00
|
|
|
use Illuminate\Support\Str;
|
|
|
|
|
|
|
|
|
|
session_start();
|
|
|
|
|
if (isset($_POST['loginsubmit'])) {
|
|
|
|
|
$username = $_POST["username"];
|
|
|
|
|
$password = $_POST["password"];
|
|
|
|
|
$user = User::query()->firstWhere('name', $username);
|
|
|
|
|
if ($user) {
|
|
|
|
|
$hashedPassword = $user->password;
|
|
|
|
|
if (password_verify($password, $hashedPassword)) {
|
|
|
|
|
$token = Str::random(100);
|
|
|
|
|
$password = User::firstWhere('id', '=', $user->id);
|
|
|
|
|
$password->remember_token = $token;
|
|
|
|
|
if ($password->save()) {
|
|
|
|
|
$_SESSION['token'] = $token;
|
|
|
|
|
$_SESSION['name'] = $username;
|
2021-06-08 13:07:04 +00:00
|
|
|
header('location: ../../admin.php?login=success');
|
2021-06-01 09:29:56 +00:00
|
|
|
exit();
|
|
|
|
|
http_response_code(200);
|
|
|
|
|
} else {
|
|
|
|
|
session_destroy();
|
|
|
|
|
http_response_code(500);
|
2021-06-08 13:07:04 +00:00
|
|
|
header('location: ../../login.php?error=couldNotSaveToken');
|
2021-06-01 09:29:56 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
} else {
|
|
|
|
|
session_destroy();
|
|
|
|
|
http_response_code(401);
|
2021-06-08 13:07:04 +00:00
|
|
|
header('location: ../../login.php?message=wrongPassword');
|
2021-06-07 12:27:43 +00:00
|
|
|
//echo json_encode(["message" => "Wrong password"]);
|
2021-06-01 09:29:56 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
} else {
|
|
|
|
|
session_destroy();
|
|
|
|
|
http_response_code(401);
|
2021-06-08 13:07:04 +00:00
|
|
|
header('location: ../../login.php?message=userWasNotFound');
|
2021-06-07 12:27:43 +00:00
|
|
|
//echo json_encode(["message" => "User was not found"]);
|
2021-06-01 09:29:56 +00:00
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
http_response_code(400);
|
2021-06-08 13:07:04 +00:00
|
|
|
header('location: ../../login.php?message=badMethod');
|
2021-06-01 09:29:56 +00:00
|
|
|
}
|
