ringfinger/backend/classes/controller/UserSessionPostController.php


<?php
declare(strict_types=1);
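/**
 * Controller for POST /api/v1/user/session: logs a user in with the
 * username and password carried in the JSON request body.
 *
 * Outcomes produced by this class:
 *  - whatever non-OK response parent::handle() left in place (returned as-is),
 *  - BAD_REQUEST when a session is already logged in,
 *  - BAD_REQUEST when the body is not a JSON object with string credentials,
 *  - UNAUTHORIZED when Session::Login() rejects the credentials,
 *  - a default ApiJsonResponse carrying 'userId' on success.
 */
final class UserSessionPostController extends AbstractController
{
    protected string $route = '/api/v1/user/session';

    // NOTE(review): presumably AbstractController::handle() checks that these
    // keys are present in the request body; that code is not in this file, so
    // confirm. Presence alone does not guarantee the values are strings.
    protected array $mandatoryAttributes = [
        'username',
        'password',
    ];

    /**
     * Runs the shared request checks, then attempts the login.
     *
     * The result is stored in $this->response; nothing is returned.
     */
    public function handle(): void
    {
        parent::handle();
        if ($this->response->getStatus() !== ServerStatus::OK) {
            // The base controller already rejected the request; keep its response.
            return;
        }

        $json = json_decode($this->requestBody);

        $session = new Session();
        if ($session->IsLoggedIn()) {
            $this->response = new ApiJsonResponse(ServerStatus::BAD_REQUEST);
            $this->response->setParameter('success', false);
            $this->response->setMessage('You are already logged in!');
            return;
        }

        // The body is client-controlled: json_decode() yields null for malformed
        // JSON, and a well-formed body can still carry arrays, numbers or nested
        // objects in these fields. Reject anything that is not a plain string
        // here so only string credentials reach Session::Login().
        $username = is_object($json) ? ($json->username ?? null) : null;
        $password = is_object($json) ? ($json->password ?? null) : null;
        if (!is_string($username) || !is_string($password)) {
            $this->response = new ApiJsonResponse(ServerStatus::BAD_REQUEST);
            $this->response->setParameter('success', false);
            $this->response->setMessage('Invalid request body!');
            return;
        }

        // NOTE(review): attempt throttling/lockout and session-id renewal on
        // login are not visible in this file; confirm Session::Login() or the
        // surrounding stack covers them.
        if (!$session->Login($username, $password)) {
            // One generic message for every failure, so the response does not
            // reveal whether the username exists.
            $this->response = new ApiJsonResponse(ServerStatus::UNAUTHORIZED);
            $this->response->setParameter('success', false);
            $this->response->setMessage('Login failed!');
            return;
        }

        // NOTE(review): the failure paths set 'success' => false explicitly, the
        // success path does not set it; presumably ApiJsonResponse defaults it.
        // Confirm.
        $this->response = new ApiJsonResponse();
        $this->response->setParameter('userId', $session->getUserId());
    }
}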