views/user/authenticate.php


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32

<?php

if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    header('Allow: POST');
    http_response_code(405);
    header('Content-Type: text/plain');
    echo $_SERVER['REQUEST_METHOD'] . " request not allowed!";
    exit;
}

try {
    $token = Database\Cookie::fromDBtoken($TOKEN);
    if (strtotime($token->Expires) < strtotime('now')) {
        $token->delete();

        http_response_code(410);
        header('Content-Type: text/plain');
        exit;
    }
    $user = Database\Cookie::fromDB($TOKEN);

    http_response_code(200);
    header('Content-Type: text/plain');
    echo $user->Username;
}
catch(Exception $e) {
    http_response_code(401);
    header('Content-Type: text/plain');
    echo 'Bad token!';
}

exit;