add: user login with password

2023-01-12 15:04:15 +01:00 · 2023-01-12 15:04:15 +01:00 · f25b2a72f7
commit f25b2a72f7
parent 7b5672d36b
2 changed files with 21 additions and 11 deletions
--- a/User.php
+++ b/User.php
@ -2,6 +2,7 @@
 require_once("BancaDati/BancaDati.php");
 use BancaDati\BancaDati;
 class User {
+    public string $id;
    public string $username;
    public string $email;
    public string $token;
@ -9,7 +10,7 @@ class User {
    private BancaDati $db;

    public function __construct() {
-        $db = new BancaDati();
+        $this->db = new BancaDati();
        return $this;
    }

@ -17,12 +18,24 @@ class User {
        return true;
    }
    public function loginWithUsername(string $username, string $password) : string {
-        $userObject = $this->db->select("utente", ["username" => $username]);
-        var_dump($userObject);
+        $userObject = $this->db->select("utente", ["nomeUtente" => $username]);
+
        if(!$userObject){
            return false;
        }
-        return "token";
+        $this->id = $userObject["id"];
+        $this->username = $userObject["nomeUtente"];
+        $this->email = $userObject["email"];
+        $this->password = $userObject["parolaDordine"];
+        $this->token = $this->db->createUUID();
+
+        if($this->password != $password){
+            return false; // ungültiges password
+        }
+
+        $this->db->update("utente", $this->id, ["gettone" => $this->token]);
+
+        return $this->token;
    }
    public function loginWithToken(string $token){

--- a/index.php
+++ b/index.php
@ -41,15 +41,12 @@ $app->post("/login", function( array $req, Response $res) use ($db) {
    $password = $req["body"]["password"];

    $user = $db->select("utente", ["nomeUtente" => $username]);
-    var_dump($user);
-    return;
    $user = new User();
-    $user->loginWithUsername($username, $password);
-    return;
+    $usertoken = $user->loginWithUsername($username, $password);

-    if(isset($user)){
-        setcookie($user->token, "TOKEN");
-        $res->send("Login successful", 200);
+    if($usertoken){
+        setcookie("TOKEN", $usertoken, time()+3600); // 1h
+        $res->send("Login successful" . "token: " . $usertoken, 200);
    }else{
        $res->send("Login failed", 403);
    }