echoResponse(201, $response);
}
});
$app->post('/login', function () use($app) {
$r = json_decode($app->request->getBody());
verifyRequiredParams(array('email', 'password'), $r->user);
$response = array();
try {
$dbHost = $app->config('db_host');
$dbName = $app->config('db_name');
$dbUser = $app->config('db_user');
$dbPass = $app->config('db_password');
$db = new UserDB($dbHost, $dbName, $dbUser, $dbPass);
$password = $r->user->password;
$email = $r->user->email;
$user = $db->fetchByEmail($email);
if ($user) {
//if(PasswordHash::check($user->password, $password)){
if (password_verify($password, $user->password)) {
$response = array('status' => true, 'message' => 'Logged in successfully!', 'user' => array('id' => $user->id, 'name' => $user->name, 'email' => $user->email, 'createdAt' => $user->created));
$session = new Session();
$session->set('id', $user->id);
$session->set('email', $user->email);
$session->set('name', $user->name);
} else {
$response = array('status' => false, 'message' => 'Login failed. Incorrect credentials.');
}
} else {
$response = array('status' => false, 'message' => 'No such user is registered.');
}
} catch (PDOException $e) {
