Ecobuddy/api/login.php

<?php
/**
 * Login API endpoint
 * 
 * This endpoint handles user authentication and returns a JWT token
 * if the credentials are valid.
 */

require_once('../Models/User.php');

// Set content type to JSON
header('Content-Type: application/json');

// Only allow POST requests
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    http_response_code(405);
    echo json_encode(['error' => 'Method not allowed']);
    exit;
}

// Get JSON request body
$json = file_get_contents('php://input');
$data = json_decode($json, true);

// Validate request data
if (!$data || !isset($data['username']) || !isset($data['password'])) {
    http_response_code(400);
    echo json_encode(['error' => 'Invalid request data']);
    exit;
}

// Authenticate user
$user = new User();
$token = $user->Authenticate($data['username'], $data['password']);

if ($token) {
    // Authentication successful
    echo json_encode([
        'success' => true,
        'token' => $token,
        'user' => [
            'id' => $user->getUserId(),
            'username' => $user->getUsername(),
            'accessLevel' => $user->getAccessLevel()
        ]
    ]);
} else {
    // Authentication failed
    http_response_code(401);
    echo json_encode(['error' => 'Invalid credentials']);
}