113 lines
3.5 KiB
PHP
113 lines
3.5 KiB
PHP
<?php
|
|
require_once('Models/AuthService.php');
|
|
require_once('Models/UserDataSet.php');
|
|
require_once('Models/User.php');
|
|
|
|
// Enable CORS
|
|
header('Access-Control-Allow-Origin: *');
|
|
header('Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS');
|
|
header('Access-Control-Allow-Headers: Content-Type, Authorization');
|
|
header('Content-Type: application/json');
|
|
|
|
// Handle OPTIONS request
|
|
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
|
|
http_response_code(200);
|
|
exit;
|
|
}
|
|
|
|
try {
|
|
$auth = new AuthService();
|
|
$userDataSet = new UserDataSet();
|
|
|
|
// Handle POST request for login
|
|
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
|
$data = json_decode(file_get_contents('php://input'), true);
|
|
|
|
// Handle token refresh
|
|
if (isset($data['action']) && $data['action'] === 'refresh') {
|
|
if (!isset($data['refreshToken'])) {
|
|
http_response_code(400);
|
|
echo json_encode(['error' => 'Refresh token is required']);
|
|
exit;
|
|
}
|
|
|
|
$refreshToken = $data['refreshToken'];
|
|
$newToken = $auth->refreshToken($refreshToken);
|
|
|
|
if (!$newToken) {
|
|
http_response_code(401);
|
|
echo json_encode(['error' => 'Invalid or expired refresh token']);
|
|
exit;
|
|
}
|
|
|
|
echo json_encode([
|
|
'success' => true,
|
|
'token' => $newToken
|
|
]);
|
|
exit;
|
|
}
|
|
|
|
// Handle login
|
|
if (!isset($data['username']) || !isset($data['password'])) {
|
|
http_response_code(400);
|
|
echo json_encode(['error' => 'Username and password are required']);
|
|
exit;
|
|
}
|
|
|
|
// Authenticate user
|
|
$user = new User();
|
|
$token = $user->Authenticate($data['username'], $data['password']);
|
|
|
|
if ($token) {
|
|
// Generate refresh token
|
|
$refreshToken = $auth->generateRefreshToken([
|
|
'id' => $user->getUserId(),
|
|
'username' => $user->getUsername(),
|
|
'accessLevel' => $user->getAccessLevel()
|
|
]);
|
|
|
|
echo json_encode([
|
|
'success' => true,
|
|
'token' => $token,
|
|
'refreshToken' => $refreshToken,
|
|
'user' => [
|
|
'id' => $user->getUserId(),
|
|
'username' => $user->getUsername(),
|
|
'accessLevel' => $user->getAccessLevel()
|
|
]
|
|
]);
|
|
} else {
|
|
http_response_code(401);
|
|
echo json_encode(['error' => 'Invalid credentials']);
|
|
}
|
|
exit;
|
|
}
|
|
|
|
// Handle GET request for token validation
|
|
if ($_SERVER['REQUEST_METHOD'] === 'GET') {
|
|
$auth = User::checkAuth(false);
|
|
|
|
if ($auth) {
|
|
echo json_encode([
|
|
'valid' => true,
|
|
'user' => [
|
|
'id' => $auth['uid'],
|
|
'username' => $auth['username'],
|
|
'accessLevel' => $auth['accessLevel']
|
|
]
|
|
]);
|
|
} else {
|
|
http_response_code(401);
|
|
echo json_encode(['valid' => false, 'error' => 'Invalid or expired token']);
|
|
}
|
|
exit;
|
|
}
|
|
|
|
http_response_code(405);
|
|
echo json_encode(['error' => 'Method not allowed']);
|
|
|
|
} catch (Exception $e) {
|
|
error_log('Auth error: ' . $e->getMessage());
|
|
http_response_code(500);
|
|
echo json_encode(['error' => 'Server error', 'message' => $e->getMessage()]);
|
|
}
|