Files

41 lines
1.2 KiB
PHP

<?php
require_once 'config.php';
require_once 'vendor/autoload.php';
use Firebase\JWT\JWT;
header('Content-Type: application/json');
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: POST');
header('Access-Control-Allow-Headers: Content-Type');
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$body = json_decode(file_get_contents('php://input'), true);
$username = $body['username'] ?? '';
$password = $body['password'] ?? '';
$db = get_db();
$stmt = $db->prepare("SELECT * FROM users WHERE username = ? AND password = ?");
$stmt->bind_param("ss", $username, $password);
$stmt->execute();
$result = $stmt->get_result();
$user = $result->fetch_assoc();
$db->close();
if ($user) {
$payload = [
'sub' => $username,
'iat' => time(),
'exp' => time() + 900
];
$token = JWT::encode($payload, JWT_SECRET, 'HS256');
echo json_encode(['token' => $token]);
} else {
http_response_code(401);
echo json_encode(['message' => 'Identifiants incorrects']);
}
} else {
http_response_code(405);
echo json_encode(['message' => 'Méthode non autorisée']);
}
?>