<?php
$app->get('/user/login', function () use($app) {
$c = array();
$app->render('pages/login.html', $c);
})->name('login');
$app->get('/user/logout', function () use($app) {
$c = array();
unset($_SESSION['loggedIn']);
$app->redirect($app->urlFor('index'));
})->name('logout');
/*
* POST
* TODO: Login route (This is insecure!, salt, use a proper password mechanism i.e. BCrypt)
*/
$app->post('/user/login', function () use($app) {
$c = array();
$username = $app->request()->post('username');
$password = $app->request()->post('password');
$valid_user = models\User::where('username', '=', $username)->where('password', '=', sha1($password))->count();
if ($valid_user > 0) {
$_SESSION['loggedIn'] = true;
}
$app->redirect($app->urlFor('index'));
});
