Added username to accounts
This commit is contained in:
Garcia-Gomez
33
login.php
33
login.php
@@ -5,19 +5,32 @@ require 'auth.php';
|
||||
header('Content-Type: application/json');
|
||||
|
||||
$data = json_decode(file_get_contents('php://input'), true);
|
||||
$email = strtolower(trim($data['email'] ?? ''));
|
||||
|
||||
// Keep front-end field name "email" for compatibility; it can now be email OR username
|
||||
$identifierRaw = trim($data['email'] ?? '');
|
||||
$identifier = strtolower($identifierRaw);
|
||||
$password = strval($data['password'] ?? '');
|
||||
|
||||
$stmt = $pdo->prepare("
|
||||
SELECT u.id, u.email, u.password_hash,
|
||||
if ($identifier === '') {
|
||||
http_response_code(400);
|
||||
echo json_encode(['success' => false, 'error' => 'Email or username is required']);
|
||||
exit;
|
||||
}
|
||||
|
||||
$isEmail = filter_var($identifier, FILTER_VALIDATE_EMAIL) !== false;
|
||||
|
||||
$sql = "
|
||||
SELECT u.id, u.email, u.username, u.password_hash,
|
||||
r.name AS role_name,
|
||||
r.can_manage_settings
|
||||
FROM users u
|
||||
JOIN roles r ON r.id = u.role_id
|
||||
WHERE u.email = ?
|
||||
WHERE " . ($isEmail ? "u.email = ?" : "u.username = ?") . "
|
||||
LIMIT 1
|
||||
");
|
||||
$stmt->execute([$email]);
|
||||
";
|
||||
|
||||
$stmt = $pdo->prepare($sql);
|
||||
$stmt->execute([$identifier]);
|
||||
$user = $stmt->fetch(PDO::FETCH_ASSOC);
|
||||
|
||||
if (!$user || !password_verify($password, $user['password_hash'])) {
|
||||
@@ -27,10 +40,11 @@ if (!$user || !password_verify($password, $user['password_hash'])) {
|
||||
}
|
||||
|
||||
$_SESSION['user'] = [
|
||||
'id' => intval($user['id']),
|
||||
'id' => (int)$user['id'],
|
||||
'email' => $user['email'],
|
||||
'username' => $user['username'], // NEW
|
||||
'role' => $user['role_name'],
|
||||
'can_manage_settings' => intval($user['can_manage_settings']),
|
||||
'can_manage_settings' => (int)$user['can_manage_settings'],
|
||||
];
|
||||
|
||||
// Set active profile for this session (default profile if available)
|
||||
@@ -39,14 +53,12 @@ $stmt->execute([$_SESSION['user']['id']]);
|
||||
$profileId = $stmt->fetchColumn();
|
||||
|
||||
if (!$profileId) {
|
||||
// Fallback to first profile
|
||||
$stmt = $pdo->prepare("SELECT id FROM profiles WHERE user_id = ? ORDER BY id ASC LIMIT 1");
|
||||
$stmt->execute([$_SESSION['user']['id']]);
|
||||
$profileId = $stmt->fetchColumn();
|
||||
}
|
||||
|
||||
if (!$profileId) {
|
||||
// Last-resort: create a default profile if none exist (useful for new users)
|
||||
$stmt = $pdo->prepare("INSERT INTO profiles (user_id, name, is_default) VALUES (?, 'Default', 1)");
|
||||
$stmt->execute([$_SESSION['user']['id']]);
|
||||
$profileId = $pdo->lastInsertId();
|
||||
@@ -59,6 +71,7 @@ echo json_encode([
|
||||
'user' => [
|
||||
'id' => $_SESSION['user']['id'],
|
||||
'email' => $_SESSION['user']['email'],
|
||||
'username' => $_SESSION['user']['username'], // NEW
|
||||
'role' => $_SESSION['user']['role'],
|
||||
'can_manage_settings' => $_SESSION['user']['can_manage_settings'],
|
||||
],
|
||||
|
||||
Reference in New Issue
Block a user