echoResponse(201, $response); } }); $app->post('/login', function () use($app) { $r = json_decode($app->request->getBody()); verifyRequiredParams(array('email', 'password'), $r->user); $response = array(); try { $dbHost = $app->config('db_host'); $dbName = $app->config('db_name'); $dbUser = $app->config('db_user'); $dbPass = $app->config('db_password'); $db = new UserDB($dbHost, $dbName, $dbUser, $dbPass); $password = $r->user->password; $email = $r->user->email; $user = $db->fetchByEmail($email); if ($user) { //if(PasswordHash::check($user->password, $password)){ if (password_verify($password, $user->password)) { $response = array('status' => true, 'message' => 'Logged in successfully!', 'user' => array('id' => $user->id, 'name' => $user->name, 'email' => $user->email, 'createdAt' => $user->created)); $session = new Session(); $session->set('id', $user->id); $session->set('email', $user->email); $session->set('name', $user->name); } else { $response = array('status' => false, 'message' => 'Login failed. Incorrect credentials.'); } } else { $response = array('status' => false, 'message' => 'No such user is registered.'); } } catch (PDOException $e) {