Added authentication functionality and simple role based model

login.php

@@ -0,0 +1,44 @@
+<?php
+require 'db.php';
+require 'auth.php';
+
+header('Content-Type: application/json');
+
+$data = json_decode(file_get_contents('php://input'), true);
+$email = strtolower(trim($data['email'] ?? ''));
+$password = strval($data['password'] ?? '');
+
+$stmt = $pdo->prepare("
+    SELECT u.id, u.email, u.password_hash,
+           r.name AS role_name,
+           r.can_manage_settings
+    FROM users u
+    JOIN roles r ON r.id = u.role_id
+    WHERE u.email = ?
+    LIMIT 1
+");
+$stmt->execute([$email]);
+$user = $stmt->fetch(PDO::FETCH_ASSOC);
+
+if (!$user || !password_verify($password, $user['password_hash'])) {
+    http_response_code(401);
+    echo json_encode(['success' => false, 'error' => 'Invalid credentials']);
+    exit;
+}
+
+$_SESSION['user'] = [
+    'id' => intval($user['id']),
+    'email' => $user['email'],
+    'role' => $user['role_name'],
+    'can_manage_settings' => intval($user['can_manage_settings']),
+];
+
+echo json_encode([
+    'success' => true,
+    'user' => [
+        'id' => $_SESSION['user']['id'],
+        'email' => $_SESSION['user']['email'],
+        'role' => $_SESSION['user']['role'],
+        'can_manage_settings' => $_SESSION['user']['can_manage_settings'],
+    ]
+]);