* but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Lesser General Public License for more details. * * You should have received a copy of the * GNU Lesser General Public License along with OpenLSS. * If not, see <http://www.gnu.org/licenses/>. */ use LSS\Account\Client; use LSS\Account\ClientSession; use LSS\Tpl; use LSS\Url; if (post('login')) { try { //get the client member $client = Client::fetchByEmail(post('email')); if (!$client) { throw new Exception('Client member doesnt exist'); } //check password if (!bcrypt_check(post('password'), $client['password'])) { throw new Exception('Password is invalid'); } //generate token and setup session $token = ClientSession::tokenCreate($client['client_id'], server('REMOTE_ADDR'), server('HTTP_USER_AGENT')); ClientSession::startSession($token); //update last login Client::updateLastLogin($client['client_id']); //redirect request if (session('login_referrer') && strpos(session('login_referrer'), Url::login()) === false) { redirect(session('login_referrer'));