$app->post('/login', function () use($app) { // check for required params verify_required_params(array('email', 'password')); // reading post params $email = $app->request()->post('email'); $password = $app->request()->post('password'); $response = array('request' => 'login'); // Sanitize data $email = filter_var($email, FILTER_SANITIZE_EMAIL); $password = filter_var($password, FILTER_SANITIZE_STRING); // Validate data if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { $response['error'] = true; $response['msg'] = 'Input data not valid.'; echoRespnse(401, $response); $app->stop(); } $db = new DbHandler(); // check for correct email and password if ($db_uid = $db->checkUserExisits($email)) { if ($db->userLogin($email, $password)) { $response['error'] = false; $response['login'] = true; $response['msg'] = 'User logged in.'; echoRespnse(200, $response); $app->stop(); } else { $response['error'] = true; $response['msg'] = 'Password wrong.'; echoRespnse(401, $response); $app->stop();