egytalk-sveltekit/www/public/api/auth.php

37 lines
983 B
PHP

<?php
/**
* Autentiserar användare.
* Om inget postat så kontrolleras om sessionsvariabeln lever (=)
*
* @param $_POST['username'] användarnamn vid inloggning
* @param $_POST['pwd'] lösenord
* @return {"auth": true/false, "userdata": {uid, firstname, surname}/null}
*/
session_start();
include('../../model/DbEgyTalk.php');
$db = new DbEgyTalk();
$result['auth'] = false;
$result['userdata'] = null;
$statusCode = 401;
// Om redan inloggad skicka data
if (isset($_SESSION['uid'])) {
$user = $db->getUserFromUid($_SESSION['uid']);
} else if (isset($_POST['username'], $_POST['pwd'])) {
$user = $db->auth($_POST['username'], $_POST['pwd']);
}
if (isset($user) && !empty($user)) {
$result['auth'] = true;
$result['userdata'] = $user;
session_regenerate_id();
$_SESSION['uid'] = $user['uid'];
$statusCode = 200;
}
http_response_code($statusCode);
header('Content-Type: application/json');
echo json_encode($result, JSON_UNESCAPED_UNICODE);