diff options
author | Daniel Weipert <code@drogueronin.de> | 2023-12-02 14:14:34 +0100 |
---|---|---|
committer | Daniel Weipert <code@drogueronin.de> | 2023-12-02 14:14:34 +0100 |
commit | e5a243a52b910e35b10b26c06aa8978356b86769 (patch) | |
tree | 74ddb82add2f3ea200e9fd11cfedb6c0cace09be /src/Controller/Login.php | |
parent | fa9096c0ab521aae45cab6c48a54290d14a221b9 (diff) |
login and events
Diffstat (limited to 'src/Controller/Login.php')
-rw-r--r-- | src/Controller/Login.php | 53 |
1 files changed, 53 insertions, 0 deletions
diff --git a/src/Controller/Login.php b/src/Controller/Login.php new file mode 100644 index 0000000..0f360ae --- /dev/null +++ b/src/Controller/Login.php @@ -0,0 +1,53 @@ +<?php + +namespace App\Controller; + +use App\DB; +use App\View; +use Symfony\Component\HttpFoundation\RedirectResponse; +use Symfony\Component\HttpFoundation\Request; +use Symfony\Component\HttpFoundation\Response; +use Symfony\Component\Routing\Annotation\Route; + +class Login +{ + #[Route(path: '/login', methods: ['GET'])] + public function form(Request $request): Response + { + return new Response(View::render('login.twig')); + } + + #[Route(path: '/login', methods: ['POST'])] + public function login(Request $request): Response + { + $email = $request->get('email'); + $user = DB::query('select id,username,password from users where email=:email', ['email' => $email])->fetch(); + + if (empty($user)) { + $password = password_hash($request->get('password'), PASSWORD_DEFAULT); + DB::query('insert into users (username, password, email) values (:username, :password, :email)', ['username' => $email, 'password' => $password, 'email' => $email]); + } else { + $password = $user['password']; + } + + if (password_verify($request->get('password'), $password)) { + $_SESSION['user'] = [ + 'id' => $user['id'], + 'username' => $user['username'], + ]; + + return new RedirectResponse('/villages'); + } + + return new RedirectResponse('/login'); + } + + #[Route(path: '/logout', methods: ['GET'])] + public function logout(Request $request): Response + { + session_unset(); + session_destroy(); + + return new RedirectResponse('/login'); + } +} |