-rw-r--r--auth/validate.php25
1 files changed, 25 insertions, 0 deletions
diff --git a/auth/validate.php b/auth/validate.php
new file mode 100644
index 0000000..c1cc149
--- /dev/null
+++ b/auth/validate.php
@@ -0,0 +1,25 @@
+<?php
+include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/config.php';
+include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/alert.php';
+
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+ $token = $_POST['access_token'] ?? null;
+
+ if (!isset($token)) {
+ exit(create_alert('/', 400, 'No access token provided.', null));
+ }
+
+ $hash = hash('sha256', $token);
+
+ $db = new PDO(DB_URL, DB_USER, DB_PASS);
+
+ $stmt = $db->prepare('SELECT user_id FROM tokens WHERE `hash` = ?');
+ $stmt->execute([$hash]);
+ $token = $stmt->fetch(PDO::FETCH_ASSOC) ?: null;
+
+ if (!$token) {
+ exit(create_alert('/', 401, 'Incorrect token.', null));
+ }
+
+ exit(create_alert('/', 200, null, ['id' => $token['user_id']]));
+}
\ No newline at end of file
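Review bot: The guard `if (!isset($token))` only rejects a missing field, so a request that sends `access_token[]=x` reaches `hash('sha256', $token)` with an array, which raises a TypeError on PHP 8 and surfaces as an unhandled 500 rather than the 400 alert. Tightening it to `if (!is_string($token) || $token === '') {` gives malformed and empty values the same rejection. The SELECT matches on `hash` alone; if the tokens table carries expiry or revocation columns (not visible here), the lookup should filter on them as well. Requests with any method other than POST fall past the outer `if` and return an empty body, so an explicit 405 response would make that path deliberate.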