authorilotterytea <iltsu@alright.party>2025-12-11 00:18:06 +0500
committerilotterytea <iltsu@alright.party>2025-12-11 00:18:06 +0500
commit6527c452e1a48f52afea00ad82507fe8a02bd5ea (patch)
tree6388e7cff157ef975b73c61c34435a70238fed89 /account
parent211c6949f9b90939020924a023d5ef75a8bea5b0 (diff)
feat: return token if the request accepts json
Diffstat (limited to 'account')
-rw-r--r--account/login/index.php29
1 files changed, 18 insertions, 11 deletions
diff --git a/account/login/index.php b/account/login/index.php
index 14f7c4e..fd0d386 100644
--- a/account/login/index.php
+++ b/account/login/index.php
@@ -1,7 +1,7 @@
<?php
include "{$_SERVER['DOCUMENT_ROOT']}/lib/accounts.php";
-if (authorize_user()) {
+if (authorize_user() && !CLIENT_REQUIRES_JSON) {
header("Location: /account");
exit;
}
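Review bot: The new `!CLIENT_REQUIRES_JSON` condition lets an already-authorized JSON client fall through the redirect, but nothing in this hunk says what such a client receives on a non-POST request; the rest of the file is outside the hunk and presumably renders the HTML login form. A short comment above the condition would record the intent, for example `// JSON clients are never redirected; they must POST credentials to receive secret_key`. It is also worth confirming that `CLIENT_REQUIRES_JSON` is always defined by `lib/accounts.php`, since that include is its only visible source and the constant is now read on every request.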
@@ -25,19 +25,26 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
$stmt = $db->prepare("SELECT secret_key, password FROM users WHERE username = ? AND password IS NOT NULL");
$stmt->execute([$username]);
- if ($row = $stmt->fetch()) {
- if (password_verify($password, $row["password"])) {
- setcookie("secret_key", $row["secret_key"], $remember ? (time() + CONFIG['account']['maxcookielifetime']) : 0, "/");
- header("Location: /account");
- exit;
- } else {
- generate_alert("/account/login", "Passwords do not match!", 403);
- exit;
- }
- } else {
+ $row = $stmt->fetch(PDO::FETCH_ASSOC) ?: null;
+ if (!$row || !password_verify($password, $row["password"])) {
generate_alert("/account/login", "User not found or is not accessable", 404);
exit;
}
+
+ if (CLIENT_REQUIRES_JSON) {
+ json_response([
+ "status_code" => 200,
+ "message" => null,
+ "data" => [
+ 'secret_key' => $row["secret_key"]
+ ]
+ ]);
+ } else {
+ setcookie("secret_key", $row["secret_key"], $remember ? (time() + CONFIG['account']['maxcookielifetime']) : 0, "/");
+ header("Location: /account");
+ }
+
+ exit();
}
?>
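Review bot: The `setcookie("secret_key", …)` call in the else branch passes only an expiry and a path, so the login credential is issued without HttpOnly or Secure and its SameSite behaviour is left to browser defaults; any script running on the site can read it. If the project targets PHP 7.3 or later, the options-array form below sets all three, with `secure` assuming the site is served over HTTPS only. The JSON branch returns the same `secret_key` in the response body, and because it is selected straight from the `users` row it looks like a per-account value rather than a per-session one, so `header("Cache-Control: no-store");` before `json_response` is worth adding unless that helper already sends it. The enclosing POST block starts outside the hunk.

```php
} else {
    setcookie("secret_key", $row["secret_key"], [
        "expires" => $remember ? (time() + CONFIG['account']['maxcookielifetime']) : 0,
        "path" => "/",
        "secure" => true,
        "httponly" => true,
        "samesite" => "Lax",
    ]);
    // … unchanged: redirect to /account …
```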