<?php
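/**
 * Login form, credential check and logout actions.
 *
 * Each action receives the framework instance ($f3) and uses its hive
 * accessors (get/set/clear) for request data, session state and template
 * variables, and reroute() for redirects.
 */
class AuthController {

    /**
     * Render the login page, showing the error left by a previous attempt.
     *
     * @param object $f3 Framework instance.
     */
    public function showLoginForm($f3){
        // Copy the one-shot error out of the session and drop it there,
        // so it is displayed once and not again on the next page load.
        $f3->set('error', $f3->get('SESSION.login_error'));
        $f3->clear('SESSION.login_error');

        // this can be in our controller base
        $f3->set('content', '../ui/views/login.html');
        echo \Template::instance()->render('../ui/templates/layout.html');
        $f3->clear('error');
    }

    /**
     * Check the posted credentials and start an authenticated session.
     *
     * On success SESSION.user is set to the user's id and username and the
     * client is sent to /dashboard. On any failure SESSION.login_error is
     * set and the client is sent back to /login.
     *
     * NOTE(review): no CSRF token check or attempt throttling is visible in
     * this action; confirm both are enforced elsewhere (middleware, proxy).
     *
     * @param object $f3 Framework instance.
     */
    public function login($f3){
        $username = $f3->get('POST.username');
        $password = $f3->get('POST.password');

        // One message for every failure: separate "Invalid username" and
        // "Invalid password" responses tell a client which accounts exist.
        $failure = 'Invalid username or password';

        // A missing field arrives as null and "username[]=x" arrives as an
        // array. Reject both before they reach the query or password_verify().
        if(!is_string($username) || !is_string($password) || $username === ''){
            $f3->set('SESSION.login_error', $failure);
            $f3->reroute('/login');
            return;
        }

        $db = $f3->get('DB');
        // Parameterized lookup; the username is bound, never interpolated.
        $result = $db->exec(
            'SELECT id, username, password, role FROM users WHERE username =? LIMIT 1', $username
        );

        if($result){
            $user = $result[0]; // first row
            $valid = password_verify($password, $user['password']);
        } else {
            // Spend roughly the time a real verification would take, so the
            // response time does not reveal that the account is missing.
            // A fixed input is hashed on purpose: the submitted password must
            // not be able to make this branch fail differently from the other.
            // Assumes stored hashes use the PASSWORD_DEFAULT cost — confirm.
            password_hash('timing-equalizer', PASSWORD_DEFAULT);
            $valid = false;
        }

        if($valid){
            $f3->set('SESSION.user', [
                'id'=> $user['id'],
                'username' => $user['username']
            ]);

            // Issue a fresh session id at the privilege change so an id that
            // was known before login (session fixation) stops being valid.
            // The framework is expected to have started the session when
            // SESSION.user was written; the guard covers the case it has not.
            if(session_status() === PHP_SESSION_ACTIVE){
                session_regenerate_id(true);
            }

            $f3->reroute('/dashboard');
            // Explicit stop: do not fall through to the failure redirect
            // if reroute() ever returns instead of ending the request.
            return;
        }

        $f3->set('SESSION.login_error', $failure);
        $f3->reroute('/login');
    }

    /**
     * Drop the session data and send the client to the site root.
     *
     * NOTE(review): confirm the route for this action is not reachable by a
     * plain cross-site GET, otherwise third-party pages can log users out.
     *
     * @param object $f3 Framework instance.
     */
    public function logout($f3){
        $f3->clear('SESSION');
        $f3->reroute('/');
    }

}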