// POST /login: reads a JSON body with 'username' and 'password', checks the
// credentials through User::checkLogin() and, on success, builds a response
// carrying the account fields plus a public key from User::generateKeys().
// The listing is cut off on the page before the closure ends, so how
// $response and $code are sent to the client is not visible here.
$app->post('/login', function () use($app) {
     // Names of the parameters the request must carry.
     // NOTE(review): what verifyRequiredParams() inspects (form fields or the JSON body)
     // and how it reacts to a missing value is not visible here; confirm.
     $toVerify = array('username', 'password');
     R::verifyRequiredParams($toVerify);
     // NOTE(review): the ContentTypes middleware is registered inside the handler, on
     // every call to this route; presumably this belongs in application setup.
     $app->add(new \Slim\Middleware\ContentTypes());
     $response = array();
     // Default to 500 so that any path that does not set a status explicitly reports failure.
     $code = 500;
     $body = $app->request()->getBody();
     // json_decode() yields null for a malformed body; the result is indexed below without a
     // null or key check, so username/password can end up null here unless
     // verifyRequiredParams() has already rejected such a request.
     $request = json_decode($body, true);
     $username = $request['username'];
     $password = $request['password'];
     $oUser = new User();
     // Verify the submitted username/password pair.
     if ($oUser->checkLogin($username, $password)) {
         // Load the account record for the authenticated username.
         $user = $oUser->getUserByUsername($username);
         // Loose comparison: an empty array or other falsy value is treated like NULL here.
         if ($user != NULL) {
             $loginId = $user['LoginID'];
             $response['error'] = false;
             $response['login_id'] = $user['LoginID'];
             $response['username'] = $user['username'];
             $response['group_id'] = $user['GroupID'];
             $response['locale'] = $user['locale'];
             // NOTE(review): the plaintext password is handed to generateKeys(); confirm it is
             // only used to derive or protect key material and is never stored or logged.
             $public_key = $oUser->generateKeys($loginId, $username, $password);
             // The DB field is NULL by default, so a NULL result means no key could be created or read.
             if ($public_key != NULL) {
                 $response['public_key'] = $public_key;
                 $code = 200;
             } else {
                 // In the visible lines 'error' is still false on this path and the failure text
                 // is placed in the 'public_key' field, so a client that ignores the HTTP status
                 // would treat the message as a key.
                 $response['public_key'] = "could not create or read keys";
                 $code = 500;
Exemple #2
<?php

/**
 * Created by PhpStorm.
 * User: Kondziu
 * Date: 2016-02-06
 * Time: 15:30
 */
require_once '/../models/user.php';
use models\User;
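// Login handler: verify the submitted credentials, establish the session and
// redirect away from /login. Every outcome ends in the same redirect, so the
// response does not reveal whether the login name exists.
$login = $request->get('login');
$password = $request->get('password');
$user = User::getUserByUsername($login);

// A missing account, a missing or non-string password and a wrong password all take
// the same failure path. is_string() keeps a null password out of password_verify().
// NOTE(review): password_verify() is still skipped for unknown logins, so response
// timing can differ between "no such user" and "wrong password".
$authenticated = isset($user)
    && is_string($password)
    && password_verify($password, $user->password);

if ($authenticated) {
    // Issue a fresh session ID at the privilege change so an ID that was set
    // before authentication (session fixation) does not become a logged-in session.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }
    $_SESSION['user'] = $user->login;
    $_SESSION['admin'] = $user->admin;
    $_SESSION['loggedIn'] = true;
} else {
    // Drop identity left over from an earlier login so code that checks only
    // $_SESSION['admin'] or $_SESSION['user'] cannot act on stale values.
    unset($_SESSION['user'], $_SESSION['admin']);
    $_SESSION['loggedIn'] = false;
}

// NOTE(review): the redirect target is derived from the request URI; confirm that
// getUri() cannot reflect a client-supplied host before it is used in Location.
header('Location: ' . str_replace('/login', '/', $request->getUri()));
die;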