diff options
| author | hitlerrip <git@hitler.rip> | 2025-07-29 19:44:31 +0200 |
|---|---|---|
| committer | hitlerrip <git@hitler.rip> | 2025-07-29 19:44:31 +0200 |
| commit | 551b95fa58bf62b4a0780e09b9cba434eae52786 (patch) | |
| tree | 2691f6ff652f514cf94e6c860d5ce942925f1c7a /backend | |
| parent | 3c0ebfbbcd9d41b936ede928af05db9f15733d1a (diff) | |
| download | hitler-clicker-551b95fa58bf62b4a0780e09b9cba434eae52786.tar.gz hitler-clicker-551b95fa58bf62b4a0780e09b9cba434eae52786.tar.bz2 hitler-clicker-551b95fa58bf62b4a0780e09b9cba434eae52786.zip | |
basic auth
added basic authentication apis
Diffstat (limited to 'backend')
| -rw-r--r-- | backend/auth.php | 49 | ||||
| -rw-r--r-- | backend/join.php | 46 |
2 files changed, 95 insertions, 0 deletions
diff --git a/backend/auth.php b/backend/auth.php new file mode 100644 index 0000000..cf646d8 --- /dev/null +++ b/backend/auth.php @@ -0,0 +1,49 @@ +<?php +header('Content-Type: application/json; charset=UTF-8'); + +try { + $pdo = new PDO("mysql:host=127.0.0.1;dbname=hitlerclicker", "root", "aA1234Aa"); +} catch(PDOException $e) { + die('{ "status": "database offline" }'); +}; + +$wrkarr = []; +$ifarr = [ "name", "password" ]; +$postjson = json_decode(file_get_contents('php://input'), true); +foreach ($ifarr as $i): + if (isset($postjson[$i])): + $newarr = [ + "$i" => "$postjson[$i]", + ]; + $wrkarr = array_merge($wrkarr, $newarr); + endif; +endforeach; + +if (!isset($wrkarr["name"]) || trim($wrkarr["name"]) == ""): + die('{ "status": "login (name) was not provided.\ncould not attempt to log in." }'); +elseif (!isset($wrkarr["password"]) || trim($wrkarr["password"]) == ""): + die('{ "status": "password was not provided.\ncould not attempt to log in." }'); +else: + + $query = $pdo->prepare("SELECT name, password FROM users WHERE name LIKE ?"); + $query -> execute([$wrkarr["name"]]); + $found = $query->fetch(PDO::FETCH_ASSOC); + if ($found): + + if (!password_verify($wrkarr["password"], $found["password"])): + die('{ "status": "wrong password." }'); + else: + + die('{ "status": "success" }'); + + endif; + + else: + die('{ "status": "name does not exist in the database." }'); + endif; + +endif; + +echo '{ "status": "online" }'; + +?> diff --git a/backend/join.php b/backend/join.php new file mode 100644 index 0000000..2290f26 --- /dev/null +++ b/backend/join.php @@ -0,0 +1,46 @@ +<?php +header('Content-Type: application/json; charset=UTF-8'); + +try { + $pdo = new PDO("mysql:host=127.0.0.1;dbname=hitlerclicker", "root", "aA1234Aa"); +} catch(PDOException $e) { + die('{ "status": "database offline" }'); +}; + +$wrkarr = []; +$ifarr = [ "name", "password" ]; +$postjson = json_decode(file_get_contents('php://input'), true); +foreach ($ifarr as $i): + if (isset($postjson[$i])): + $newarr = [ + "$i" => "$postjson[$i]", + ]; + $wrkarr = array_merge($wrkarr, $newarr); + endif; +endforeach; + +if (!isset($wrkarr["name"]) || trim($wrkarr["name"]) == ""): + die('{ "status": "login (name) was not provided.\ncould not attempt to join." }'); +elseif (!isset($wrkarr["password"]) || trim($wrkarr["password"]) == ""): + die('{ "status": "password was not provided.\ncould not attempt to join." }'); +else: + + $query = $pdo->prepare("SELECT name, password FROM users WHERE name LIKE ?"); + $query -> execute([$wrkarr["name"]]); + $found = $query->fetch(PDO::FETCH_ASSOC); + if ($found) { + die('{ "status": "name already exists in the database." }'); + } + + $query = $pdo->prepare("INSERT INTO users (name, password) VALUES (:name, :password)"); + $query->execute([ + "name" => filter_var($wrkarr["name"]), + "password" => password_hash($wrkarr["password"], PASSWORD_DEFAULT), + ]); + die('{ "status": "success" }'); + +endif; + +echo '{ "status": "online" }'; + +?> |