<?php
require_once __DIR__ . '/../../db/config.php';
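/**
 * Session-based authentication for the admin area.
 *
 * login() checks credentials against the users table (admin/editor only) and
 * stores id, name and role in $_SESSION; checkAuth()/isAdmin() gate pages on
 * that session and redirect (then exit) when the requirement is not met.
 * The role is copied into the session at login time, so a role change in the
 * database only takes effect after the user logs in again.
 */
class AuthController {

    /**
     * Authenticate an admin/editor by e-mail and password and open a session.
     *
     * Only rows whose role is 'admin' or 'editor' are eligible. An unknown
     * e-mail, an ineligible role and a wrong password all yield the same
     * generic message, so the response does not reveal which accounts exist.
     *
     * @param string $email    E-mail submitted by the login form (untrusted).
     * @param string $password Plaintext password from the form (untrusted).
     * @return array{success: bool, message?: string}
     */
    public function login($email, $password) {
        $pdo = db();

        // Parameterised query: the e-mail is bound, never interpolated into SQL.
        $stmt = $pdo->prepare("SELECT * FROM users WHERE email = ? AND (role = 'admin' OR role = 'editor')");
        $stmt->execute([$email]);
        $user = $stmt->fetch(PDO::FETCH_ASSOC);

        if ($user === false) {
            // No eligible account. Spend roughly one password-hash computation
            // anyway so a missing e-mail is not distinguishable from a wrong
            // password by response time (user enumeration via timing).
            password_hash($password, PASSWORD_DEFAULT);
            return ['success' => false, 'message' => 'Credenciais inválidas ou usuário não autorizado.'];
        }

        // Guard against a NULL/empty column: password_verify() needs a string and
        // an empty "hash" must never verify.
        $storedHash = (string) ($user['password'] ?? '');
        if ($storedHash === '' || !password_verify($password, $storedHash)) {
            // The seeded default admin password must be stored as a
            // password_hash() result (see scripts/seed_admin.php); a plaintext
            // value in the column never verifies. Rotate the seed password after
            // the first login and do not keep it in comments or config.
            return ['success' => false, 'message' => 'Credenciais inválidas ou usuário não autorizado.'];
        }

        self::ensureSession();
        // Issue a fresh session id on this privilege change so a session id an
        // attacker planted before login (session fixation) is never promoted to
        // an authenticated one. The old id's data is deleted.
        session_regenerate_id(true);

        $_SESSION['user_id'] = $user['id'];
        $_SESSION['user_name'] = $user['name'];
        $_SESSION['role'] = $user['role'];

        return ['success' => true];
    }

    /**
     * Terminate the current session: clear its data, expire the client-side
     * session cookie and destroy the server-side record.
     *
     * @return void
     */
    public function logout() {
        self::ensureSession();
        $_SESSION = [];

        // session_destroy() only removes the server-side data; expire the cookie
        // as well so the browser stops presenting the old id.
        if (ini_get('session.use_cookies')) {
            $cookie = session_get_cookie_params();
            setcookie(
                session_name(),
                '',
                time() - 42000,
                $cookie['path'],
                $cookie['domain'],
                $cookie['secure'],
                $cookie['httponly']
            );
        }

        session_destroy();
    }

    /**
     * Require an authenticated session; redirect to the login page and exit
     * otherwise. Intended to be called at the top of every admin page.
     *
     * BASE_URL comes from db/config.php, not from the request, so the redirect
     * target is not attacker-controlled.
     *
     * @return void
     */
    public static function checkAuth() {
        self::ensureSession();

        if (!isset($_SESSION['user_id'])) {
            header("Location: " . BASE_URL . "admin/login.php");
            exit();
        }
    }

    /**
     * Require an authenticated session with role 'admin'; redirect to the admin
     * index with an error flag and exit otherwise. Despite the name this does
     * not return a boolean.
     *
     * @return void
     */
    public static function isAdmin() {
        self::checkAuth();

        // Null-coalesce so a session without a 'role' key is treated as
        // non-admin instead of emitting a warning and then redirecting anyway.
        if (($_SESSION['role'] ?? null) !== 'admin') {
            header("Location: " . BASE_URL . "admin/index.php?error=unauthorized");
            exit();
        }
    }

    /**
     * Start the PHP session once; safe to call when a session is already active
     * (a second session_start() would emit a notice).
     *
     * @return void
     */
    private static function ensureSession() {
        if (session_status() === PHP_SESSION_NONE) {
            session_start();
        }
    }
}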