diff options
| -rw-r--r-- | README.md | 12 | ||||
| -rw-r--r-- | backend/auth.php | 49 | ||||
| -rw-r--r-- | backend/join.php | 46 |
3 files changed, 107 insertions, 0 deletions
@@ -23,3 +23,15 @@ php -S localhost:8000 # start frontend # coming soon... ``` + +You send requests to the API like this: + +```sh +curl -X POST -d '{ "key": "value" }' http://localhost:8000/yourapifile.php +``` + +`index.php` automatically creates the required database tables if they do not already exist, so just request that API to have everything set up for you. + +## To-Do + +- add name and password change diff --git a/backend/auth.php b/backend/auth.php new file mode 100644 index 0000000..cf646d8 --- /dev/null +++ b/backend/auth.php @@ -0,0 +1,49 @@ +<?php +header('Content-Type: application/json; charset=UTF-8'); + +try { + $pdo = new PDO("mysql:host=127.0.0.1;dbname=hitlerclicker", "root", "aA1234Aa"); +} catch(PDOException $e) { + die('{ "status": "database offline" }'); +}; + +$wrkarr = []; +$ifarr = [ "name", "password" ]; +$postjson = json_decode(file_get_contents('php://input'), true); +foreach ($ifarr as $i): + if (isset($postjson[$i])): + $newarr = [ + "$i" => "$postjson[$i]", + ]; + $wrkarr = array_merge($wrkarr, $newarr); + endif; +endforeach; + +if (!isset($wrkarr["name"]) || trim($wrkarr["name"]) == ""): + die('{ "status": "login (name) was not provided.\ncould not attempt to log in." }'); +elseif (!isset($wrkarr["password"]) || trim($wrkarr["password"]) == ""): + die('{ "status": "password was not provided.\ncould not attempt to log in." }'); +else: + + $query = $pdo->prepare("SELECT name, password FROM users WHERE name LIKE ?"); + $query -> execute([$wrkarr["name"]]); + $found = $query->fetch(PDO::FETCH_ASSOC); + if ($found): + + if (!password_verify($wrkarr["password"], $found["password"])): + die('{ "status": "wrong password." }'); + else: + + die('{ "status": "success" }'); + + endif; + + else: + die('{ "status": "name does not exist in the database." }'); + endif; + +endif; + +echo '{ "status": "online" }'; + +?> diff --git a/backend/join.php b/backend/join.php new file mode 100644 index 0000000..2290f26 --- /dev/null +++ b/backend/join.php @@ -0,0 +1,46 @@ +<?php +header('Content-Type: application/json; charset=UTF-8'); + +try { + $pdo = new PDO("mysql:host=127.0.0.1;dbname=hitlerclicker", "root", "aA1234Aa"); +} catch(PDOException $e) { + die('{ "status": "database offline" }'); +}; + +$wrkarr = []; +$ifarr = [ "name", "password" ]; +$postjson = json_decode(file_get_contents('php://input'), true); +foreach ($ifarr as $i): + if (isset($postjson[$i])): + $newarr = [ + "$i" => "$postjson[$i]", + ]; + $wrkarr = array_merge($wrkarr, $newarr); + endif; +endforeach; + +if (!isset($wrkarr["name"]) || trim($wrkarr["name"]) == ""): + die('{ "status": "login (name) was not provided.\ncould not attempt to join." }'); +elseif (!isset($wrkarr["password"]) || trim($wrkarr["password"]) == ""): + die('{ "status": "password was not provided.\ncould not attempt to join." }'); +else: + + $query = $pdo->prepare("SELECT name, password FROM users WHERE name LIKE ?"); + $query -> execute([$wrkarr["name"]]); + $found = $query->fetch(PDO::FETCH_ASSOC); + if ($found) { + die('{ "status": "name already exists in the database." }'); + } + + $query = $pdo->prepare("INSERT INTO users (name, password) VALUES (:name, :password)"); + $query->execute([ + "name" => filter_var($wrkarr["name"]), + "password" => password_hash($wrkarr["password"], PASSWORD_DEFAULT), + ]); + die('{ "status": "success" }'); + +endif; + +echo '{ "status": "online" }'; + +?> |