/**
* Check Password
*
* Check that the password supplied to this method equates to the same password hash that is stored in the
* database for the user identified by the current (this) model instance.
*
* @access public
* @param string $password
* @return boolean
*/
public function password($password)
{
$phpass = new \Phpass\Hash();
return $phpass->checkPassword($password, $this->password);
}
private function _handleLogin()
{
$errors = array();
if (empty($_POST['username'])) {
$errors['username'] = '******';
}
if (empty($_POST['password'])) {
$errors['password'] = '******';
}
if (empty($errors)) {
$existing = $this->userDAO->selectByUsername($_POST['username']);
if (!empty($existing)) {
$hasher = new \Phpass\Hash();
if ($hasher->checkPassword($_POST['password'], $existing['password'])) {
$_SESSION['user'] = $existing;
$this->redirect('backbone.html');
} else {
$_SESSION['error'] = 'Unknown username / password';
}
} else {
$_SESSION['error'] = 'Unknown username / password';
}
} else {
$_SESSION['error'] = 'Unknown username / password';
}
$this->set('errors', $errors);
}
<?php
$userDAO = new UserDAO();
$app->post('/login/?', function () use($app, $userDAO) {
header("Content-Type: application/json");
$post = $app->request->post();
if (empty($post)) {
$post = (array) json_decode($app->request()->getBody());
}
if (!empty($post['email']) && !empty($post['password'])) {
$user = $userDAO->selectByEmail($post['email']);
if (!empty($user)) {
$hasher = new \Phpass\Hash();
if ($hasher->checkPassword($post['password'], $user['password'])) {
$user = $userDAO->selectById($user['id']);
$user["loggedIn"] = true;
$_SESSION['user'] = $user;
echo json_encode($user, JSON_NUMERIC_CHECK);
} else {
echo '{"error":"Fout wachtwoord."}';
}
} else {
echo '{"error":"Foute gebruiker."}';
}
} else {
echo '{"error":"Vul alles in..."}';
}
});
