Add login endpoint and update Android login to username/password #17
Binary file not shown.
@@ -101,5 +101,6 @@ $router->put('/api/servers/:id', [ApiController::class, 'serverUpdate']);
|
||||
$router->delete('/api/servers/:id', [ApiController::class, 'serverDelete']);
|
||||
$router->get('/api/servers/:id/metrics', [ApiController::class, 'serverMetrics']);
|
||||
$router->post('/api/servers/:id/execute', [ApiController::class, 'executeCommand']);
|
||||
$router->post('/api/auth/login', [ApiController::class, 'login']);
|
||||
$router->get('/api/users', [ApiController::class, 'users']);
|
||||
$router->get('/api/refresh-metrics', [ApiController::class, 'refreshAllMetrics']);
|
||||
|
||||
@@ -6,13 +6,13 @@ namespace ServerManager\Controllers;
|
||||
|
||||
use ServerManager\Core\App;
|
||||
use ServerManager\Core\Session;
|
||||
use ServerManager\Core\Validator;
|
||||
use ServerManager\Models\Server;
|
||||
use ServerManager\Models\User;
|
||||
use ServerManager\Services\MonitoringService;
|
||||
use ServerManager\Services\SSHService;
|
||||
use ServerManager\Services\AuditService;
|
||||
use ServerManager\Models\CommandHistory;
|
||||
use ServerManager\Core\Validator;
|
||||
|
||||
class ApiController
|
||||
{
|
||||
@@ -305,4 +305,59 @@ class ApiController
|
||||
'data' => $results,
|
||||
]);
|
||||
}
|
||||
|
||||
public function login(): void
|
||||
{
|
||||
$input = json_decode(file_get_contents('php://input'), true) ?? $_POST;
|
||||
|
||||
$validator = new Validator();
|
||||
$rules = [
|
||||
'username' => 'required',
|
||||
'password' => 'required|min:6',
|
||||
];
|
||||
|
||||
if (!$validator->validate($input, $rules)) {
|
||||
$this->view->json([
|
||||
'success' => false,
|
||||
'error' => $validator->getFirstError(),
|
||||
], 400);
|
||||
return;
|
||||
}
|
||||
|
||||
$userModel = new User();
|
||||
$user = $userModel->authenticate($input['username'], $input['password']);
|
||||
|
||||
if (!$user) {
|
||||
$auditService = new AuditService();
|
||||
$auditService->logLogin($input['username'], false, 'Invalid credentials');
|
||||
$this->view->json([
|
||||
'success' => false,
|
||||
'error' => 'Invalid username or password.',
|
||||
], 401);
|
||||
return;
|
||||
}
|
||||
|
||||
$token = $user['api_token'];
|
||||
if (empty($token)) {
|
||||
$security = new \ServerManager\Core\Security();
|
||||
$token = $security->generateApiToken();
|
||||
$userModel->update((int) $user['id'], ['api_token' => $token]);
|
||||
}
|
||||
|
||||
$auditService = new AuditService();
|
||||
$auditService->logLogin($input['username'], true);
|
||||
|
||||
$this->view->json([
|
||||
'success' => true,
|
||||
'data' => [
|
||||
'token' => $token,
|
||||
'user' => [
|
||||
'id' => (int) $user['id'],
|
||||
'username' => $user['username'],
|
||||
'email' => $user['email'],
|
||||
'role' => $user['role'],
|
||||
],
|
||||
],
|
||||
]);
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user