From a8a338599b3d891ee72a48a5f01f25c1ded31f21 Mon Sep 17 00:00:00 2001
From: ilotterytea <iltsu@alright.party>
Date: Sun, 26 Oct 2025 18:07:02 +0500
Subject: feat: authenticate users

---
 database.sql  | 10 ++++++++++
 lib/users.php | 32 ++++++++++++++++++++++++++++++++
 2 files changed, 42 insertions(+)
 create mode 100644 lib/users.php

diff --git a/database.sql b/database.sql
index 4ca7639..42a6b50 100644
--- a/database.sql
+++ b/database.sql
@@ -5,6 +5,16 @@ CREATE TABLE IF NOT EXISTS users (
     joined_at TIMESTAMP NOT NULL DEFAULT UTC_TIMESTAMP
 );
 
+CREATE TABLE IF NOT EXISTS user_connections (
+    id BIGINT PRIMARY KEY AUTO_INCREMENT,
+    user_id BIGINT NOT NULL REFERENCES users(id),
+    user_alias_id TEXT NOT NULL,
+    user_alias_name TEXT NOT NULL,
+    platform TEXT NOT NULL,
+    connected_at TIMESTAMP NOT NULL DEFAULT UTC_TIMESTAMP,
+    UNIQUE (platform, user_id)
+);
+
 CREATE TABLE IF NOT EXISTS sounds (
     id BIGINT PRIMARY KEY AUTO_INCREMENT,
     code TEXT NOT NULL,
diff --git a/lib/users.php b/lib/users.php
new file mode 100644
index 0000000..e454a72
--- /dev/null
+++ b/lib/users.php
@@ -0,0 +1,32 @@
+<?php
+include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/config.php';
+
+function authenticate_user(): bool
+{
+    session_start();
+    if (!isset($_COOKIE['SECRET_TINYSOUNDS_KEY'])) {
+        unset($_SESSION['user']);
+        return false;
+    }
+
+    $db = new PDO(DB_URL, DB_USER, DB_PASS);
+
+    $stmt = $db->prepare('SELECT * FROM users WHERE token = ?');
+    $stmt->execute([$_COOKIE['SECRET_TINYSOUNDS_KEY']]);
+
+    $user = $stmt->fetch(PDO::FETCH_ASSOC) ?: null;
+
+    if (!$user) {
+        unset($_COOKIE['SECRET_TINYSOUNDS_KEY']);
+        unset($_SESSION['user']);
+        return false;
+    }
+
+    $stmt = $db->prepare('SELECT * FROM user_connections WHERE user_id = ?');
+    $stmt->execute([$user['id']]);
+
+    $user['connections'] = $stmt->fetchAll(PDO::FETCH_ASSOC);
+
+    $_SESSION['user'] = $user;
+    return true;
+}
\ No newline at end of file
-- 
cgit v1.2.3