Witam serdecznie forumowiczów. Mam problem z logowaniem. Za każym razem czy podam prawidłowy email i hasło lub nieprawidłowe nie mogę się zalogować i zwraca mi ze dane są nieprawidłowe " Invalid credentials" .. Kod logowania wstawiam poniżej :
Metoda z klasy User.php :
``function emailExists(){
// query to check if email exists
$query = "SELECT id, firstname, lastname, password
FROM " . $this->table_name . "
WHERE email = ?
LIMIT 0,1";
// prepare the query
$stmt = $this->conn->prepare( $query );
// sanitize
$this->email=htmlspecialchars(strip_tags($this->email));
// bind given email value
$stmt->bindParam(1, $this->email);
// execute the query
$stmt->execute();
// get number of rows
$num = $stmt->rowCount();
// if email exists, assign values to object properties for easy access and use for php sessions
if($num>0){
// get record details / values
$row = $stmt->fetch(PDO::FETCH_ASSOC);
// assign values to object properties
$this->id = $row['id'];
$this->firstname = $row['firstname'];
$this->lastname = $row['lastname'];
$this->password = $row['password'];
// return true because email exists in the database
return true;
}
// return false if email does not exist in the database
return false;
}``
Plik Login:
ini_set("display_errors", 1);
// include vendor
require 'C:\xampp\htdocs\rest-api-authentication-example\vendor\autoload.php';
use \Firebase\JWT\JWT;
//include headers
header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Methods: POST");
header("Content-type: application/json; charset=utf-8");
// including files
include_once 'C:\xampp\htdocs\rest-api-authentication-example\api\config\database.php';
include_once 'C:\xampp\htdocs\rest-api-authentication-example\objects\user.php';
//objects
$database = new Database();
$db = $database->getConnection();
// instantiate product object
$user_obj = new User($db);
if($_SERVER['REQUEST_METHOD'] === "GET"){
$data = json_decode(file_get_contents("php://input"));
if(!empty($data->email) && !empty($data->password)){
$email = $data->email;
//$password = $data->password;
$data = $user_obj->emailExists();
if(!empty($data)){
$firstname = $data['firstname'];
$email = $data['email'];
$password = $data['password'];
if(password_verify($data->password, $password)){ // normal password, hashed password
$iss = "localhost";
$iat = time();
$nbf = $iat + 10;
$exp = $iat + 180;
$aud = "users";
$user_arr_data = array(
"id" => $data['id'],
"name" => $data['firstname'],
"email" => $data['email']
);
$secret_key = "owt125";
$payload_info = array(
"iss"=> $iss,
"iat"=> $iat,
"nbf"=> $nbf,
"exp"=> $exp,
"aud"=> $aud,
"data"=> $user_arr_data
);
$jwt = JWT::encode($payload_info, $secret_key, 'HS512');
http_response_code(200);
echo json_encode(array(
"status" => 1,
"jwt" => $jwt,
"message" => "User logged in successfully"
));
}else{
http_response_code(404);
echo json_encode(array(
"status" => 0,
"message" => "Invalid credentials"
));
}
}else{
http_response_code(404);
echo json_encode(array(
"status" => 0,
"message" => "Invalid credentials"
));
}
}else{
http_response_code(404);
echo json_encode(array(
"status" => 0,
"message" => "All data needed"
));
}
}```