admin 1
This commit is contained in:
Hamza-Ayed
@@ -1,57 +1,56 @@
|
||||
<?php
|
||||
require_once __DIR__ . '/../connect.php';
|
||||
require_once __DIR__ . '/../core/bootstrap.php';
|
||||
|
||||
// Get email and password from the request
|
||||
$email = filterRequest('email');
|
||||
$fingerprint = filterRequest('fingerprint');
|
||||
$password = filterRequest('password');
|
||||
$audience = filterRequest('aud') ?? 'service';
|
||||
|
||||
// Check if email and password are provided
|
||||
if (empty($email) || empty($password)) {
|
||||
echo json_encode([
|
||||
"status" => "failure",
|
||||
"message" => "Email and password are required."
|
||||
]);
|
||||
if (empty($fingerprint) || empty($password)) {
|
||||
jsonError("Fingerprint and password are required.");
|
||||
exit();
|
||||
}
|
||||
|
||||
// SQL to check for user with provided email
|
||||
$sql = "SELECT * FROM `users` WHERE `email` = :email";
|
||||
try {
|
||||
$con = Database::get('main');
|
||||
|
||||
// البحث بالبصمة للموظف
|
||||
$sql = "SELECT * FROM `users` WHERE `fingerprint` = :fp AND `user_type` = 'service' LIMIT 1";
|
||||
$stmt = $con->prepare($sql);
|
||||
$stmt->execute([':fp' => $fingerprint]);
|
||||
$user = $stmt->fetch(PDO::FETCH_ASSOC);
|
||||
|
||||
$stmt = $con->prepare($sql);
|
||||
$stmt->bindParam(':email', $email);
|
||||
$stmt->execute();
|
||||
if ($user) {
|
||||
// التحقق من كلمة المرور
|
||||
if (password_verify($password, $user['password'])) {
|
||||
|
||||
// فك تشفير البيانات للعرض في التطبيق
|
||||
$user['first_name'] = $encryptionHelper->decryptData($user['first_name']) ?: $user['first_name'];
|
||||
$user['last_name'] = $encryptionHelper->decryptData($user['last_name']) ?: $user['last_name'];
|
||||
$user['email'] = $encryptionHelper->decryptData($user['email']) ?: $user['email'];
|
||||
$user['phone'] = $encryptionHelper->decryptData($user['phone']) ?: $user['phone'];
|
||||
|
||||
$user = $stmt->fetch(PDO::FETCH_ASSOC);
|
||||
unset($user['password']);
|
||||
|
||||
header('Content-Type: application/json'); // Ensure the response is JSON
|
||||
// توليد التوكن
|
||||
$jwtService = new JwtService($redis);
|
||||
$role = 'service';
|
||||
$jwt = $jwtService->generateAccessToken($user['id'], $role, $audience);
|
||||
|
||||
if ($user) {
|
||||
// Verify the password
|
||||
if ($password=== $user['password']) {
|
||||
// Password is correct
|
||||
unset($user['password']); // Remove password from the response
|
||||
echo json_encode([
|
||||
"status" => "success",
|
||||
"message" => "Login successful",
|
||||
"data" => $user
|
||||
]);
|
||||
printSuccess([
|
||||
"message" => "Login successful",
|
||||
"data" => $user,
|
||||
"jwt" => $jwt,
|
||||
"expires_in" => 3600
|
||||
]);
|
||||
} else {
|
||||
jsonError("Incorrect password");
|
||||
}
|
||||
} else {
|
||||
// Password is incorrect
|
||||
echo json_encode([
|
||||
"status" => "failure",
|
||||
"message" => "Incorrect password",
|
||||
"password"=>$password,
|
||||
"password1"=>$user['password'],
|
||||
]);
|
||||
jsonError("الجهاز غير مسجل لموظف خدمة.");
|
||||
}
|
||||
} else {
|
||||
// User not found
|
||||
echo json_encode([
|
||||
"status" => "failure",
|
||||
"message" => "User not found"
|
||||
]);
|
||||
} catch (Exception $e) {
|
||||
error_log("[ServiceApp Login Error] " . $e->getMessage());
|
||||
jsonError("Server error: " . $e->getMessage());
|
||||
}
|
||||
|
||||
$stmt = null; // Close the statement
|
||||
$con = null; // Close the connection
|
||||
exit(); // Ensure no further output
|
||||
exit();
|
||||
Reference in New Issue
Block a user