55 lines
1.5 KiB
PHP
55 lines
1.5 KiB
PHP
<?php
|
|
|
|
namespace Api\Controllers;
|
|
|
|
use Api\Core\Response;
|
|
use Api\Core\Auth;
|
|
|
|
class AuthController {
|
|
public function login() {
|
|
$data = json_decode(file_get_contents('php://input'), true);
|
|
$email = $data['email'] ?? '';
|
|
$password = $data['password'] ?? '';
|
|
|
|
if (!$email || !$password) {
|
|
Response::error('Email and password required');
|
|
}
|
|
|
|
$db = db();
|
|
$stmt = $db->prepare("SELECT * FROM users WHERE email = :email");
|
|
$stmt->execute(['email' => $email]);
|
|
$user = $stmt->fetch();
|
|
|
|
if ($user && password_verify($password, $user['password'])) {
|
|
$token = Auth::generateToken([
|
|
'user_id' => $user['id'],
|
|
'role' => $user['role'],
|
|
'school_id' => $user['school_id'],
|
|
'email' => $user['email']
|
|
]);
|
|
|
|
Response::json([
|
|
'token' => $token,
|
|
'user' => [
|
|
'id' => $user['id'],
|
|
'email' => $user['email'],
|
|
'role' => $user['role'],
|
|
'name' => $user['name'] ?? ''
|
|
]
|
|
]);
|
|
} else {
|
|
Response::error('Invalid credentials', 401);
|
|
}
|
|
}
|
|
|
|
public function me() {
|
|
$token = Auth::getBearerToken();
|
|
if (!$token) Response::error('No token provided', 401);
|
|
|
|
$payload = Auth::verifyToken($token);
|
|
if (!$payload) Response::error('Invalid or expired token', 401);
|
|
|
|
Response::json(['user' => $payload]);
|
|
}
|
|
}
|