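'Méthode non autorisée'], 405); }

/**
 * Create a user account from the JSON request body and reply with an auth token.
 *
 * Expects string fields `username`, `email` and `password`. Replies 400 on missing
 * or invalid input and 409 when the username or e-mail is already taken; otherwise
 * replies with the new user's public fields and a token from generateToken().
 *
 * jsonResponse() is defined outside this listing and presumably ends the request.
 * Every error branch still returns explicitly, so a non-terminating jsonResponse()
 * cannot fall through to account creation or token issuance.
 *
 * NOTE(review): the 6-character minimum is a weak password policy, and
 * PASSWORD_DEFAULT is currently bcrypt, which ignores input beyond 72 bytes.
 * Consider a longer minimum and an explicit upper bound.
 *
 * @return void
 */
function register() {
    $data = getJsonInput();

    // isset() alone accepts arrays and other non-strings; on PHP 8 those make
    // trim()/strlen() throw a TypeError and the client gets a 500 instead of a 400.
    foreach (['username', 'email', 'password'] as $field) {
        if (!isset($data[$field]) || !is_string($data[$field])) {
            jsonResponse(['error' => 'Tous les champs sont requis'], 400);
            return;
        }
    }

    $username = trim($data['username']);
    $email = trim($data['email']);
    $password = $data['password']; // not trimmed: surrounding whitespace is part of the secret

    // Validation (strlen() counts bytes, so multi-byte characters count more than once)
    if (strlen($username) < 3) {
        jsonResponse(['error' => 'Le nom d\'utilisateur doit contenir au moins 3 caractères'], 400);
        return;
    }

    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        jsonResponse(['error' => 'Email invalide'], 400);
        return;
    }

    if (strlen($password) < 6) {
        jsonResponse(['error' => 'Le mot de passe doit contenir au moins 6 caractères'], 400);
        return;
    }

    $db = getDB();

    // Check whether the username or e-mail is already registered
    $stmt = $db->prepare("SELECT id FROM users WHERE username = ? OR email = ?");
    $stmt->execute([$username, $email]);

    if ($stmt->fetch()) {
        jsonResponse(['error' => 'Ce nom d\'utilisateur ou cet email existe déjà'], 409);
        return;
    }

    // Create the user; only the password hash is stored
    $hashedPassword = password_hash($password, PASSWORD_DEFAULT);
    $stmt = $db->prepare("INSERT INTO users (username, email, password, role) VALUES (?, ?, ?, 'user')");

    try {
        $stmt->execute([$username, $email, $hashedPassword]);
    } catch (\PDOException $e) {
        // Two concurrent requests can both pass the SELECT above. SQLSTATE class 23
        // is an integrity-constraint violation, reported here as the same 409.
        // Assumes getDB() returns a PDO handle in exception mode and that
        // users.username / users.email carry UNIQUE constraints; confirm the schema.
        if (substr((string) $e->getCode(), 0, 2) === '23') {
            jsonResponse(['error' => 'Ce nom d\'utilisateur ou cet email existe déjà'], 409);
            return;
        }
        throw $e;
    }

    $userId = $db->lastInsertId();
    $token = generateToken($userId);

    jsonResponse([
        'success' => true,
        'message' => 'Compte créé avec succès',
        'token' => $token,
        'user' => [
            'id' => $userId,
            'username' => $username,
            'email' => $email,
            'role' => 'user',
            'points' => 0
        ]
    ]);
}

/**
 * Authenticate a user from the JSON request body and reply with an auth token.
 *
 * Expects string fields `username` and `password`. Replies 400 when either is
 * missing or not a string, and 401 with one generic message for an unknown
 * username or a wrong password, so the response body does not reveal which
 * usernames exist.
 *
 * NOTE(review): no attempt throttling or lockout is visible in this function;
 * confirm it is enforced elsewhere.
 *
 * @return void
 */
function login() {
    $data = getJsonInput();

    // Reject non-string values up front: trim()/password_verify() would otherwise
    // throw a TypeError on PHP 8 and surface as a 500.
    if (!isset($data['username']) || !isset($data['password'])
        || !is_string($data['username']) || !is_string($data['password'])) {
        jsonResponse(['error' => 'Nom d\'utilisateur et mot de passe requis'], 400);
        return;
    }

    $username = trim($data['username']);
    $password = $data['password'];

    $db = getDB();
    $stmt = $db->prepare("SELECT id, username, email, password, role, points FROM users WHERE username = ?");
    $stmt->execute([$username]);
    $user = $stmt->fetch();

    if ($user) {
        $authenticated = password_verify($password, $user['password']);
    } else {
        // Unknown username: do a comparable amount of hashing work so response
        // time does not distinguish "no such user" from "wrong password".
        // The match is approximate if stored hashes use a different cost.
        password_hash($password, PASSWORD_DEFAULT);
        $authenticated = false;
    }

    if (!$authenticated) {
        jsonResponse(['error' => 'Identifiants incorrects'], 401);
        return;
    }

    $token = generateToken($user['id']);

    // The stored password hash is deliberately left out of the response
    jsonResponse([
        'success' => true,
        'message' => 'Connexion réussie',
        'token' => $token,
        'user' => [
            'id' => $user['id'],
            'username' => $user['username'],
            'email' => $user['email'],
            'role' => $user['role'],
            'points' => (int)$user['points']
        ]
    ]);
}

/**
 * Reply with the profile of the currently authenticated user.
 *
 * requireAuth() is defined outside this listing; its return value is sent
 * to the client unchanged.
 * NOTE(review): confirm requireAuth() rejects unauthenticated requests itself
 * and that the record it returns does not include the password hash.
 *
 * @return void
 */
function getCurrentUserInfo() {
    $user = requireAuth();

    jsonResponse([
        'success' => true,
        'user' => $user
    ]);
}
?>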