60 lines
1.5 KiB
PHP
60 lines
1.5 KiB
PHP
<?php
|
|
header('Access-Control-Allow-Origin: *');
|
|
header('Access-Control-Allow-Methods: POST, GET, OPTIONS');
|
|
header('Access-Control-Allow-Headers: Content-Type, Authorization');
|
|
header('Access-Control-Max-Age: 86400');
|
|
header('Content-Type: application/json');
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
|
|
http_response_code(200);
|
|
exit();
|
|
}
|
|
|
|
session_start();
|
|
include 'Connection.php';
|
|
|
|
$input = json_decode(file_get_contents('php://input'), true);
|
|
$username = $input['username'] ?? '';
|
|
$password = $input['password'] ?? '';
|
|
|
|
$stmt = $conn->prepare("SELECT id, password FROM users WHERE username = ?");
|
|
$stmt->bind_param("s", $username);
|
|
$stmt->execute();
|
|
$stmt->store_result();
|
|
|
|
if ($stmt->num_rows === 0) {
|
|
echo json_encode([
|
|
"success" => false,
|
|
"message" => "Username Not Found"
|
|
]);
|
|
$stmt->close();
|
|
$conn->close();
|
|
exit;
|
|
}
|
|
|
|
$stmt->bind_result($userId, $hashedPassword);
|
|
$stmt->fetch();
|
|
|
|
if (password_verify($password, $hashedPassword)) {
|
|
|
|
$_SESSION['user_id'] = $userId;
|
|
$_SESSION['username'] = $username;
|
|
|
|
echo json_encode([
|
|
"success" => true,
|
|
"message" => "Login successful",
|
|
"username" => $username,
|
|
"token" => bin2hex(random_bytes(32))
|
|
]);
|
|
|
|
} else {
|
|
|
|
echo json_encode([
|
|
"success" => false,
|
|
"message" => "Incorrect password"
|
|
]);
|
|
}
|
|
|
|
$stmt->close();
|
|
$conn->close();
|
|
?>
|