67 lines
2.2 KiB
PHP
67 lines
2.2 KiB
PHP
<?php
|
|
declare(strict_types=1);
|
|
|
|
require_once __DIR__ . '/../includes/bootstrap.php';
|
|
|
|
dbnToolsRequireMethod('POST');
|
|
$input = dbnToolsJsonInput(2048);
|
|
|
|
$email = strtolower(trim((string)($input['email'] ?? '')));
|
|
$password = (string)($input['password'] ?? '');
|
|
|
|
if ($email === '') {
|
|
dbnToolsError('Email is required.', 422, 'missing_email');
|
|
}
|
|
if ($password === '') {
|
|
dbnToolsError('Password is required.', 422, 'missing_password');
|
|
}
|
|
|
|
try {
|
|
$db = dbnToolsDb();
|
|
$client = dbnToolsFetchClient($db);
|
|
if (!$client || empty($client['is_active'])) {
|
|
dbnToolsError('Do Better Norge Caveau workspace is not active.', 503, 'client_unavailable');
|
|
}
|
|
|
|
$user = dbnToolsFetchActiveClientUser($email, (int)$client['id'], $db);
|
|
} catch (DbnToolsHttpException $e) {
|
|
dbnToolsError($e->getMessage(), $e->status, $e->errorCode, $e->extra);
|
|
} catch (Throwable $e) {
|
|
error_log('DBN tools login error: ' . $e->getMessage());
|
|
dbnToolsError('Caveau authentication is not available.', 503, 'auth_unavailable');
|
|
}
|
|
|
|
if (!$user || !password_verify($password, (string)$user['password_hash'])) {
|
|
dbnToolsError('Email or password was not accepted.', 401, 'invalid_credentials');
|
|
}
|
|
|
|
$packageAccess = dbnToolsCanUsePackage((int)$client['id'], dbnToolsRequiredPackageSlug(), $db);
|
|
if (empty($packageAccess['ok'])) {
|
|
dbnToolsError(
|
|
(string)$packageAccess['message'],
|
|
(int)$packageAccess['status'],
|
|
(string)$packageAccess['code']
|
|
);
|
|
}
|
|
|
|
session_regenerate_id(true);
|
|
$_SESSION['dbn_tools_authenticated'] = true;
|
|
$_SESSION['dbn_tools_authenticated_at'] = time();
|
|
$_SESSION['dbn_tools_anon_id'] = $_SESSION['dbn_tools_anon_id'] ?? bin2hex(random_bytes(16));
|
|
$_SESSION['dbn_tools_client_id'] = (int)$client['id'];
|
|
$_SESSION['dbn_tools_client_slug'] = (string)$client['slug'];
|
|
$_SESSION['dbn_tools_user_id'] = (int)$user['id'];
|
|
$_SESSION['dbn_tools_user_email'] = (string)$user['email'];
|
|
$_SESSION['dbn_tools_user_role'] = (string)$user['role'];
|
|
$_SESSION['dbn_tools_package_slug'] = dbnToolsRequiredPackageSlug();
|
|
|
|
dbnToolsRespond([
|
|
'ok' => true,
|
|
'authenticated' => true,
|
|
'session' => dbnToolsAnonymousSessionId(),
|
|
'user' => [
|
|
'email' => (string)$user['email'],
|
|
'role' => (string)$user['role'],
|
|
],
|
|
]);
|