Initial commit
+125
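--- /dev/null
+++ b/PATH_NOT_SHOWN
@@ -0,0 +1,125 @@
+<?php
+require_once 'config.php';
+
+$method = $_SERVER['REQUEST_METHOD'];
+$action = $_GET['action'] ?? '';
+
+switch ($method) {
+case 'POST':
+if ($action === 'register') {
+register();
+} elseif ($action === 'login') {
+login();
+}
+break;
+
+case 'GET':
+if ($action === 'me') {
+getCurrentUserInfo();
+}
+break;
+
+default:
+jsonResponse(['error' => 'Méthode non autorisée'], 405);
+}
+
+function register() {
+$data = getJsonInput();
+
+if (!isset($data['username']) || !isset($data['email']) || !isset($data['password'])) {
+jsonResponse(['error' => 'Tous les champs sont requis'], 400);
+}
+
+$username = trim($data['username']);
+$email = trim($data['email']);
+$password = $data['password'];
+
+// Validation
+if (strlen($username) < 3) {
+jsonResponse(['error' => 'Le nom d\'utilisateur doit contenir au moins 3 caractères'], 400);
+}
+
+if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
+jsonResponse(['error' => 'Email invalide'], 400);
+}
+
+if (strlen($password) < 6) {
+jsonResponse(['error' => 'Le mot de passe doit contenir au moins 6 caractères'], 400);
+}
+
+$db = getDB();
+
+// Vérifier si l'utilisateur existe déjà
+$stmt = $db->prepare("SELECT id FROM users WHERE username = ? OR email = ?");
+$stmt->execute([$username, $email]);
+
+if ($stmt->fetch()) {
+jsonResponse(['error' => 'Ce nom d\'utilisateur ou cet email existe déjà'], 409);
+}
+
+// Créer l'utilisateur
+$hashedPassword = password_hash($password, PASSWORD_DEFAULT);
+$stmt = $db->prepare("INSERT INTO users (username, email, password, role) VALUES (?, ?, ?, 'user')");
+$stmt->execute([$username, $email, $hashedPassword]);
+
+$userId = $db->lastInsertId();
+$token = generateToken($userId);
+
+jsonResponse([
+'success' => true,
+'message' => 'Compte créé avec succès',
+'token' => $token,
+'user' => [
+'id' => $userId,
+'username' => $username,
+'email' => $email,
+'role' => 'user',
+'points' => 0
+]
+]);
+}
+
+function login() {
+$data = getJsonInput();
+
+if (!isset($data['username']) || !isset($data['password'])) {
+jsonResponse(['error' => 'Nom d\'utilisateur et mot de passe requis'], 400);
+}
+
+$username = trim($data['username']);
+$password = $data['password'];
+
+$db = getDB();
+$stmt = $db->prepare("SELECT id, username, email, password, role, points FROM users WHERE username = ?");
+$stmt->execute([$username]);
+$user = $stmt->fetch();
+
+if (!$user || !password_verify($password, $user['password'])) {
+jsonResponse(['error' => 'Identifiants incorrects'], 401);
+}
+
+$token = generateToken($user['id']);
+
+jsonResponse([
+'success' => true,
+'message' => 'Connexion réussie',
+'token' => $token,
+'user' => [
+'id' => $user['id'],
+'username' => $user['username'],
+'email' => $user['email'],
+'role' => $user['role'],
+'points' => (int)$user['points']
+]
+]);
+}
+
+function getCurrentUserInfo() {
+$user = requireAuth();
+
+jsonResponse([
+'success' => true,
+'user' => $user
+]);
+}
+?>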
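Review bot: `register()` and `login()` test the JSON fields only with `isset()`, so a non-string value (array, number, nested object) reaches `trim()`, `strlen()` and `password_verify()`; on PHP 8 that raises a TypeError which, unless a handler outside this file catches it, surfaces as a 500 instead of a 400. Check the type before use, for example by replacing each `isset($data['username'])` test with `is_string($data['username'] ?? null)` (likewise for `email` and `password`). Every validation branch also depends on `jsonResponse()` ending the request; it is defined outside this file, so confirm it calls `exit`, or add `return;` after each error response so a failed check cannot fall through to the INSERT or to `generateToken()`. Separately, `login()` skips `password_verify()` when the username is unknown and no attempt throttling is visible here, so response timing can distinguish existing accounts and password guessing is unbounded; verifying against a fixed dummy hash in the not-found case and adding a per-account/per-IP attempt limit would close both.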