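/**
 * Look up a single user by username and hydrate it together with its roles.
 *
 * The username is bound as a statement parameter and never interpolated into
 * the SQL text, so the lookup itself is not injectable.
 *
 * @param string $username Username to search for.
 * @return User|null The matching user, or null when no row matches. Callers
 *                   must test for null (not false) before using the result.
 */
public function findByUsername($username)
{
    $statement = $this->db->prepare("\n SELECT * FROM users WHERE username = ?\n ");
    $statement->execute([$username]);

    $data = $statement->fetch();

    // fetch() yields false when there is no row. This is checked directly
    // rather than via rowCount(), whose result for SELECT statements is not
    // guaranteed on every PDO driver and could wrongly report "no user".
    if ($data === false || $data === null) {
        return null;
    }

    $data['roles'] = RoleService::getUserRoles($data['id']);

    return new User($data);
}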
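/**
 * Authenticate a user from the submitted login form and start their session.
 *
 * Unknown usernames and wrong passwords both fail with the same
 * 'Invalid credentials' message, so the error text does not reveal which
 * usernames exist. The banned check runs only after the password has been
 * verified.
 *
 * @param LoginBindingModel $model Submitted username and password.
 * @throws \Exception When the credentials are invalid or the account is banned.
 * @POST
 */
public function login(LoginBindingModel $model)
{
    $username = $model->getUsername();
    $password = $model->getPassword();

    $user = $this->eshopData->getUsersRepository()->findByUsername($username);

    // findByUsername() returns null for an unknown user. The previous
    // `=== false` test let null through, so an unknown username reached
    // $user->getPassword() and failed with a fatal error instead of the
    // generic message, which also made unknown usernames distinguishable.
    // NOTE(review): password_verify() is still skipped for unknown usernames,
    // so response time differs between the two failure cases; consider
    // verifying against a fixed dummy hash to even this out.
    if ($user === null || $user === false || !password_verify($password, $user->getPassword())) {
        throw new \Exception('Invalid credentials');
    }

    if ($user->getIsBanned()) {
        throw new \Exception("This account is banned");
    }

    // Rotate the session id before storing the authenticated identity so an
    // id issued before login cannot be carried over (session fixation).
    // Guarded because the Session wrapper's storage is not visible here;
    // confirm it is backed by the native PHP session.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }

    $userId = $user->getId();
    Session::put('userId', $userId);
    Session::put('roles', implode(', ', RoleService::getUserRoles($userId)));

    RouteService::redirect('account', 'profile', true);
}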