Create login logic

2024-05-16 02:03:39 -07:00 · 2024-05-16 02:03:39 -07:00 · ad4b7fc4e7
commit ad4b7fc4e7
parent 68e0312c84
9 changed files with 188 additions and 14 deletions
--- a/php/Login.php
+++ b/php/Login.php
@ -6,11 +6,85 @@ if(!defined("COMMON"))
 $js = getJsonizedInput();

 // Read login parameters
-$username = $js["username"];
+$first = $js['first'];
+$last = $js['last'];
 $password = $js["password"];

 // Password is hashed
 // Compare against hash in database + : md5(salt)
 $DB = get_DB();

+$clientKey = $js['clientKey'];
+if($clientKey == CLIENTPSK) {
+    // PSK Matches, authorized application
+
+    $res = $DB->query("SELECT * FROM `UserAccounts` INNER JOIN `auth` ON `UserAccounts`.`PrincipalID` = `auth`.`UUID` WHERE `FirstName` = '$first' AND `LastName` = '$last';");
+/*
+ *
+    return User(
+        ID: UUID.parse(map['id'] as String),
+        FirstName: map['first'] as String,
+        LastName: map['last'] as String,
+        createdAt: map['rezzed'] as int,
+        userTitle: map['title'] as String);
+    return S2CLoginResponsePacket(
+        loggedIn: map['login'] as bool,
+        reason: map['reason'] as String,
+        user: User.parseJson(json.encode(map['user'])));
+ */
+    $id = NULLKEY;
+    $first = "";
+    $last = "";
+    $rezday = 0;
+    $title = "";
+    $login = false;
+    $reason = "Invalid password";
+    $active = false;
+
+    if($res->num_rows > 0) {
+        $row = $res->fetch_assoc();
+        $pwSalt = $row['passwordSalt'];
+        $pwHash = $row['passwordHash'];
+
+        if(md5($password.":" . $pwSalt) == $pwHash) {
+            // Login Success
+            $_SESSION['login'] = "1";
+            $id = $row['UUID'];
+            $first = $row['FirstName'];
+            $last = $row['LastName'];
+            $rezday = $row['createdAt'];
+            $title = $row['UserTitle'];
+            $active = $row['active'] == 1;
+
+            $reason = "success";
+            $login=true;
+        }
+    }
+    else {
+        $reason = "No such user";
+    }
+
+    die(json_encode(
+        array(
+            "login" => $login,
+            "reason" => $reason,
+            "type" => "S2CLoginResponse",
+            "user" => array(
+                "id" => $id,
+                "first" => $first,
+                "last" => $last,
+                "title" => $title,
+                "rez" => $rezday,
+                "active" => $active
+            )
+        )
+    ));
+} else {
+    die(json_encode(array(
+        "login" => false,
+        "reason" => "Unauthorized",
+        "type" => "S2CLoginResponse"
+    )));
+}
+
 ?>