diff options
| author | ilotterytea <iltsu@alright.party> | 2025-08-21 19:56:09 +0500 |
|---|---|---|
| committer | ilotterytea <iltsu@alright.party> | 2025-08-21 19:56:09 +0500 |
| commit | 649f386b9c1a08e12669c6c3acdb57928587cf27 (patch) | |
| tree | 4dfb501d90271a2764d0e922e3c9277ef46d9bb5 | |
| parent | 86d7d3102489db9f592eea283161a3ed1c91ed76 (diff) | |
| -rw-r--r-- | auth/validate.php | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/auth/validate.php b/auth/validate.php new file mode 100644 index 0000000..c1cc149 --- /dev/null +++ b/auth/validate.php @@ -0,0 +1,25 @@ +<?php +include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/config.php'; +include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/alert.php'; + +if ($_SERVER['REQUEST_METHOD'] == 'POST') { + $token = $_POST['access_token'] ?? null; + + if (!isset($token)) { + exit(create_alert('/', 400, 'No access token provided.', null)); + } + + $hash = hash('sha256', $token); + + $db = new PDO(DB_URL, DB_USER, DB_PASS); + + $stmt = $db->prepare('SELECT user_id FROM tokens WHERE `hash` = ?'); + $stmt->execute([$hash]); + $token = $stmt->fetch(PDO::FETCH_ASSOC) ?: null; + + if (!$token) { + exit(create_alert('/', 401, 'Incorrect token.', null)); + } + + exit(create_alert('/', 200, null, ['id' => $token['user_id']])); +}
\ No newline at end of file |