summaryrefslogtreecommitdiff
path: root/src/Controller/Login.php
diff options
context:
space:
mode:
authorDaniel Weipert <code@drogueronin.de>2023-12-02 14:14:34 +0100
committerDaniel Weipert <code@drogueronin.de>2023-12-02 14:14:34 +0100
commite5a243a52b910e35b10b26c06aa8978356b86769 (patch)
tree74ddb82add2f3ea200e9fd11cfedb6c0cace09be /src/Controller/Login.php
parentfa9096c0ab521aae45cab6c48a54290d14a221b9 (diff)
login and events
Diffstat (limited to 'src/Controller/Login.php')
-rw-r--r--src/Controller/Login.php53
1 files changed, 53 insertions, 0 deletions
diff --git a/src/Controller/Login.php b/src/Controller/Login.php
new file mode 100644
index 0000000..0f360ae
--- /dev/null
+++ b/src/Controller/Login.php
@@ -0,0 +1,53 @@
+<?php
+
+namespace App\Controller;
+
+use App\DB;
+use App\View;
+use Symfony\Component\HttpFoundation\RedirectResponse;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Routing\Annotation\Route;
+
+class Login
+{
+ #[Route(path: '/login', methods: ['GET'])]
+ public function form(Request $request): Response
+ {
+ return new Response(View::render('login.twig'));
+ }
+
+ #[Route(path: '/login', methods: ['POST'])]
+ public function login(Request $request): Response
+ {
+ $email = $request->get('email');
+ $user = DB::query('select id,username,password from users where email=:email', ['email' => $email])->fetch();
+
+ if (empty($user)) {
+ $password = password_hash($request->get('password'), PASSWORD_DEFAULT);
+ DB::query('insert into users (username, password, email) values (:username, :password, :email)', ['username' => $email, 'password' => $password, 'email' => $email]);
+ } else {
+ $password = $user['password'];
+ }
+
+ if (password_verify($request->get('password'), $password)) {
+ $_SESSION['user'] = [
+ 'id' => $user['id'],
+ 'username' => $user['username'],
+ ];
+
+ return new RedirectResponse('/villages');
+ }
+
+ return new RedirectResponse('/login');
+ }
+
+ #[Route(path: '/logout', methods: ['GET'])]
+ public function logout(Request $request): Response
+ {
+ session_unset();
+ session_destroy();
+
+ return new RedirectResponse('/login');
+ }
+}