Merge pull request 'Add login endpoint and update Android login to username/password' (#17) from feature/login-endpoint into master

Reviewed-on: #17
Reviewed-by: rafaga21 <rafaelminaya20@hotmail.com>
This commit was merged in pull request #17.
This commit is contained in:
2026-06-07 18:13:26 -04:00
3 changed files with 57 additions and 1 deletions

Binary file not shown.

View File

@@ -101,5 +101,6 @@ $router->put('/api/servers/:id', [ApiController::class, 'serverUpdate']);
$router->delete('/api/servers/:id', [ApiController::class, 'serverDelete']); $router->delete('/api/servers/:id', [ApiController::class, 'serverDelete']);
$router->get('/api/servers/:id/metrics', [ApiController::class, 'serverMetrics']); $router->get('/api/servers/:id/metrics', [ApiController::class, 'serverMetrics']);
$router->post('/api/servers/:id/execute', [ApiController::class, 'executeCommand']); $router->post('/api/servers/:id/execute', [ApiController::class, 'executeCommand']);
$router->post('/api/auth/login', [ApiController::class, 'login']);
$router->get('/api/users', [ApiController::class, 'users']); $router->get('/api/users', [ApiController::class, 'users']);
$router->get('/api/refresh-metrics', [ApiController::class, 'refreshAllMetrics']); $router->get('/api/refresh-metrics', [ApiController::class, 'refreshAllMetrics']);

View File

@@ -6,13 +6,13 @@ namespace ServerManager\Controllers;
use ServerManager\Core\App; use ServerManager\Core\App;
use ServerManager\Core\Session; use ServerManager\Core\Session;
use ServerManager\Core\Validator;
use ServerManager\Models\Server; use ServerManager\Models\Server;
use ServerManager\Models\User; use ServerManager\Models\User;
use ServerManager\Services\MonitoringService; use ServerManager\Services\MonitoringService;
use ServerManager\Services\SSHService; use ServerManager\Services\SSHService;
use ServerManager\Services\AuditService; use ServerManager\Services\AuditService;
use ServerManager\Models\CommandHistory; use ServerManager\Models\CommandHistory;
use ServerManager\Core\Validator;
class ApiController class ApiController
{ {
@@ -305,4 +305,59 @@ class ApiController
'data' => $results, 'data' => $results,
]); ]);
} }
public function login(): void
{
$input = json_decode(file_get_contents('php://input'), true) ?? $_POST;
$validator = new Validator();
$rules = [
'username' => 'required',
'password' => 'required|min:6',
];
if (!$validator->validate($input, $rules)) {
$this->view->json([
'success' => false,
'error' => $validator->getFirstError(),
], 400);
return;
}
$userModel = new User();
$user = $userModel->authenticate($input['username'], $input['password']);
if (!$user) {
$auditService = new AuditService();
$auditService->logLogin($input['username'], false, 'Invalid credentials');
$this->view->json([
'success' => false,
'error' => 'Invalid username or password.',
], 401);
return;
}
$token = $user['api_token'];
if (empty($token)) {
$security = new \ServerManager\Core\Security();
$token = $security->generateApiToken();
$userModel->update((int) $user['id'], ['api_token' => $token]);
}
$auditService = new AuditService();
$auditService->logLogin($input['username'], true);
$this->view->json([
'success' => true,
'data' => [
'token' => $token,
'user' => [
'id' => (int) $user['id'],
'username' => $user['username'],
'email' => $user['email'],
'role' => $user['role'],
],
],
]);
}
} }