37 lines
983 B
PHP
37 lines
983 B
PHP
<?php
|
|
/**
|
|
* Autentiserar användare.
|
|
* Om inget postat så kontrolleras om sessionsvariabeln lever (=)
|
|
*
|
|
* @param $_POST['username'] användarnamn vid inloggning
|
|
* @param $_POST['pwd'] lösenord
|
|
* @return {"auth": true/false, "userdata": {uid, firstname, surname}/null}
|
|
*/
|
|
session_start();
|
|
|
|
include('../../model/DbEgyTalk.php');
|
|
$db = new DbEgyTalk();
|
|
|
|
$result['auth'] = false;
|
|
$result['userdata'] = null;
|
|
$statusCode = 401;
|
|
|
|
// Om redan inloggad skicka data
|
|
if (isset($_SESSION['uid'])) {
|
|
$user = $db->getUserFromUid($_SESSION['uid']);
|
|
} else if (isset($_POST['username'], $_POST['pwd'])) {
|
|
$user = $db->auth($_POST['username'], $_POST['pwd']);
|
|
}
|
|
|
|
if (isset($user) && !empty($user)) {
|
|
$result['auth'] = true;
|
|
$result['userdata'] = $user;
|
|
session_regenerate_id();
|
|
$_SESSION['uid'] = $user['uid'];
|
|
$statusCode = 200;
|
|
}
|
|
|
|
http_response_code($statusCode);
|
|
header('Content-Type: application/json');
|
|
echo json_encode($result, JSON_UNESCAPED_UNICODE);
|