public function loginAction()
 {
     // You can use the auth config data stored in $auth variable
     $auth = $this->app->container["settings"]["auth"];
     // Note: There is no point to check whether the user is authenticated, as there is no authentication
     //       check for this route as defined in the config.yml file under the auth.passthrough parameter.
     $request = $this->app->request;
     $max_exptime = strtotime($auth["maxlifetime"]);
     $default_exptime = strtotime($auth["lifetime"]);
     $exptime = $default_exptime;
     if ($request->isFormData()) {
         $username = $request->post("username");
         $password = $request->post("password");
         $exptime = self::getExpirationTime($request->post("expiration"), $default_exptime, $max_exptime);
     }
     if (preg_match("/^application\\/json/i", $request->getContentType())) {
         $json = json_decode($request->getBody(), true);
         if ($json !== NULL) {
             $username = $json["username"];
             $password = $json["password"];
             $exptime = self::getExpirationTime(isset($json["expiration"]) ? $json["expiration"] : null, $default_exptime, $max_exptime);
         }
     }
     if (empty($username) || empty($password)) {
         $this->renderUnauthorized();
         return;
     }
     /**
      * @var \PDO
      */
     $pdo = $this->app->getPDOConnection();
     $user = $pdo->select()->from("tbl_user")->where("username", "=", $username)->where("password", "=", sha1($password))->where("status", ">", 0)->execute()->fetch();
     if (empty($user)) {
         $this->renderUnauthorized();
         return;
     }
     $pdo->update(array("lastlogin_time" => gmdate("Y-m-d H:i:s")))->table("tbl_user")->where("id", "=", $user["id"])->execute();
     $this->app->setAuthData(Factory::createAuthData($user, $exptime));
     $this->render(200);
 }
示例#2
0
<?php

require_once '../vendor/autoload.php';
$factory = \SlimAPI\Factory::getInstance();