<?php $app->get('/session', function () { $db = new DbHelper(); $session = $db->getSession(); $response["ID"] = $session['ID']; $response["email"] = $session['email']; $response["nickname"] = $session['nickname']; echoResponse(200, $response); }); $app->post('/login', function () use($app) { require_once 'passwordHash.php'; $db = new DbHelper(); $r = json_decode($app->request->getBody()); verifyRequiredParams(array('email', 'password'), $r->user); $response = array(); $password = $r->user->password; $email = $r->user->email; $columns = "ID,nickname,password,email,created"; $table = "user"; $limit = "1"; $where = array("email" => "{$email}"); $orwhere = array("nickname" => "{$email}"); $result = $db->select($table, $columns, $where, $orwhere, $limit); $user = $result['data'][0]; //$user = $db->getOneRecord("select ID,nickname,password,email,created from user where nickname='$email' or email='$email'"); if ($user != NULL) { if (passwordHash::check_password($user['password'], $password)) { $response['status'] = "success"; $response['message'] = 'Logged in successfully.'; $response['nickname'] = $user['nickname'];