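/**
 * Check the validity of user credentials.
 *
 * Looks the account up by username and compares the supplied password
 * against the stored value. Every failure path (unknown account, wrong
 * password, lookup exception) returns the same JSON message, so the
 * result does not reveal whether a given username exists.
 *
 * @param string $username
 * @param string $password
 * @return true|string  true when the credentials match; otherwise a JSON
 *                      string of the form {"message": "..."}
 */
public function isValid($username, $password)
{
    // One message for every failure: distinct texts per cause would let a
    // caller tell valid usernames apart from invalid ones.
    $failure = json_encode(['message' => 'Invalid username or password']);

    try {
        $user = (new UserManager())->where('username', '=', $username);
    } catch (RecordNotFoundException $e) {
        // Unknown account is reported exactly like a wrong password.
        return $failure;
    }

    if (empty($user) || !isset($user['password'])) {
        return $failure;
    }

    // NOTE(review): the stored value is compared directly, i.e. it is treated
    // as the plaintext password. If UserManager stores password_hash() output,
    // this must become password_verify($password, $user['password']) — confirm
    // against the user schema. hash_equals() keeps the comparison
    // constant-time; it requires two strings, so other input is rejected first.
    if (is_string($password) && is_string($user['password'])
        && hash_equals($user['password'], $password)) {
        return true;
    }

    return $failure;
}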
$app = new Slim(['templates.path' => 'templates/', 'debug' => true]); // Prepare view $app->view(new \Slim\Views\Twig()); $app->view->parserOptions = array('charset' => 'utf-8', 'cache' => realpath('templates/cache'), 'auto_reload' => true, 'strict_variables' => false, 'autoescape' => true); $app->view->parserExtensions = array(new \Slim\Views\TwigExtension()); //route middleware $authenticator = function () use($app) { $response = $app->response(); $response->header("Content-type", "application/json"); //determine if the user has authorization. $authorization = $app->request->headers->get('Authorization'); if (!is_null($authorization)) { //check token expiry $manager = new UserManager(); try { $user = $manager->where('token', '=', $authorization); if ($user['token_expire'] < date('Y-m-d H:i:s')) { $response->body(json_encode(['status' => 401, 'message' => 'You have no authorization'])); $response->status(401); $app->stop(); return $response; } $app->response->header('Authorization', $authorization); } catch (RecordNotFoundException $e) { $response->body(json_encode(['status' => 401, 'message' => 'You have no authorization'])); $response->status(401); $app->stop(); return $response; } } else { $response->body(json_encode(['status' => 401, 'message' => 'You have no authorization']));