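/**
 * Route middleware: passes the request on to $next only when the session
 * carries `loggedin === true`; otherwise short-circuits with an auth error.
 *
 * @param mixed    $request  incoming request (handed to $next untouched)
 * @param mixed    $response response decorated by err_auth_error() on failure
 * @param callable $next     next middleware / route handler
 *
 * @return mixed the response produced by $next, or the auth-error response
 */
public function __invoke($request, $response, callable $next)
{
    // Strict check: only a real boolean true counts as authenticated, so a
    // stray truthy string or int stored under `loggedin` cannot pass the gate
    // (the old `== true` accepted any truthy value).
    if (($_SESSION['loggedin'] ?? false) === true) {
        return $next($request, $response);
    }

    return err_auth_error($response, "You must login for this feature!");
}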
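$salt = $account->getSalt();
        $hashedPassword = $account->getPassword();
    } else {
        session_destroy();
        return err_auth_error($response, "Incorrect credentials (username)");
    }
    // NOTE(review): a loose `==` between two hex digests is subject to PHP
    // numeric-string juggling and is not constant-time; `hash_equals()` is the
    // right comparison here (and password_hash()/password_verify() would replace
    // the bare sha512(password . salt) scheme). The enclosing handler starts
    // outside this view, so the comparison is left unchanged.
    if (hash('sha512', $password . $salt) == $hashedPassword) {
        session_unset();
        session_regenerate_id(true);
        $_SESSION['Username'] = $account->getUsername();
        $_SESSION['Id'] = $account->getId();
        $_SESSION['loggedin'] = true;
        return success($response, "Logged in");
    } else {
        session_destroy();
        return err_auth_error($response, "Incorrect credentials (password)");
    }
});

// CORS preflight for /logout: advertise the methods the route accepts.
$app->options('/logout', function ($request, $response, $args) {
    return $response
        ->withHeader("Allow", "GET,OPTIONS")
        ->withHeader("Access-Control-Allow-Methods", "GET,OPTIONS");
});

// Log the current user out.
$app->get('/logout', function ($request, $response, $args) {
    // Clearing only the `loggedin` flag left Username/Id in the session and kept
    // the same session id alive. Wipe the session data and rotate the id, as the
    // login path does, so the old cookie can no longer resume this session.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_unset();
        session_regenerate_id(true);
    }
    $_SESSION['loggedin'] = false;
    return success($response, "Logged out");
});

// CORS preflight for /register.
$app->options('/register', function ($request, $response, $args) {
    $response = $response->withHeader("Allow", "POST,OPTIONS");
    $response = $response->withHeader("Access-Control-Allow-Methods", "POST,OPTIONS");
    return $response;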