itskp-odense/Backend/controller/login.php


<?php
require_once "../../bootstrap.php";
use Backend\Model\User;
use Illuminate\Support\Str;
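// Login endpoint: checks the posted credentials against the User model, stores a
// fresh remember_token on the user row, populates the session and redirects.
//
// NOTE(review): header('location: ...') makes PHP replace any non-3xx status with
// a redirect status, so the 4xx/5xx codes set before the redirects below are not
// what the client receives. They are kept to record the intended outcome.
session_start();

if (!isset($_POST['loginsubmit'])) {
    http_response_code(400);
    header('location: ../../login.php?message=badMethod');
    exit();
}

$username = $_POST['username'] ?? null;
$password = $_POST['password'] ?? null;

// Missing or non-string fields (e.g. username[]=x) are treated as a failed login
// instead of reaching the query builder or password_verify() with the wrong type.
$user = (is_string($username) && is_string($password))
    ? User::query()->firstWhere('name', $username)
    : null;

// Unknown user and wrong password produce the same redirect, so the response
// does not reveal which account names exist.
// NOTE(review): password_verify() is skipped when no user row is found, which
// leaves a response-time difference between the two cases — consider verifying
// against a fixed dummy hash in that path.
if (!$user || !password_verify($password, (string) $user->password)) {
    session_destroy();
    http_response_code(401);
    header('location: ../../login.php?message=wrongPassword');
    exit();
}

// The row fetched above is updated directly; no second lookup by id is needed.
$token = Str::random(100);
$user->remember_token = $token;

if (!$user->save()) {
    session_destroy();
    http_response_code(500);
    header('location: ../../login.php?error=couldNotSaveToken');
    exit();
}

// Issue a new session id at the privilege change so an id that was set in the
// browser before authentication cannot be reused afterwards (session fixation).
session_regenerate_id(true);

$_SESSION['token'] = $token;
$_SESSION['name'] = $username;
$_SESSION['id'] = $user->id;

// NOTE(review): strict comparison — this only matches if the model yields an int
// for `permission`; confirm the column cast. How $_SESSION['permission'] is
// checked later is outside this file.
if ($user->permission === 1) {
    $_SESSION['permission'] = $token;
}

header('location: ../../Frontend/admin.php?login=success');
exit();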