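<?php

// phpcs:ignoreFile

/**
 * POST /api/auth/login
 *
 * Authenticate a user by username/password and return a JWT access token
 * plus a refresh token.
 *
 * Request body (JSON): {"username": string, "password": string}
 *
 * Responses:
 *   200 -> access_token, refresh_token (null when it could not be persisted,
 *          see below), token_type, expires_in, user
 *   400 -> missing or non-string fields
 *   401 -> authentication failed; the message is deliberately identical for
 *          unknown user, wrong password and blank input so this endpoint
 *          cannot be used for username enumeration
 *
 * NOTE(review): no brute-force throttling or lockout is visible here; it is
 * assumed to be enforced inside auth_attempt_login() or by middleware — confirm.
 */

declare(strict_types=1);

$body = api_get_json_body();

api_require_fields($body, ['username', 'password']);

// Both fields must be JSON strings. A (string) cast on an array/object would
// silently produce "Array" (plus a warning) and hand that to the auth layer.
if (!is_string($body['username']) || !is_string($body['password'])) {
    api_error('username and password must be strings', 400);
}

$username = trim($body['username']);
// Never trim the password: surrounding whitespace may be part of the secret.
$password = $body['password'];

// Reject blanks up front with the same generic 401 the failed-credentials path
// uses, so the response does not reveal which field was at fault.
if ($username === '' || $password === '') {
    api_error('Invalid username or password', 401);
}

// Attempt authentication. Only the outcome is used; the password is never
// logged or echoed back.
$member = auth_attempt_login($username, $password);

if ($member === null) {
    // Same message for unknown user and wrong password (no enumeration).
    api_error('Invalid username or password', 401);
}

// Generate tokens
$accessToken = jwt_create_access_token($member);
$refreshData = jwt_create_refresh_token($member);

// Persist the refresh token's id so it can be validated and revoked later.
$stored = jwt_store_refresh_token(
    $member['username'],
    $refreshData['token_id'],
    $refreshData['expires_at']
);

// A storage failure is not fatal for the login itself (the short-lived access
// token is still valid), but a refresh token the server has no record of must
// NOT be handed out: depending on how /refresh validates it, it would either
// never be honoured or never be revocable. Return null in its place and log
// the failure server-side (username only, never the credentials or token).
$refreshToken = $refreshData['token'];
if (!$stored) {
    $refreshToken = null;
    error_log('Failed to store refresh token for user: ' . $member['username']);
}

api_success([
    'access_token' => $accessToken,
    'refresh_token' => $refreshToken,
    'token_type' => 'Bearer',
    // NOTE(review): hard-coded; assumes jwt_create_access_token() mints
    // 15-minute tokens — confirm it matches the `exp` claim actually issued.
    'expires_in' => 900, // 15 minutes in seconds
    'user' => [
        'username' => $member['username'],
        'growerid' => $member['growerid'] ?? null,
        'growername' => $member['growername'] ?? null,
        'email' => $member['email'] ?? null,
    ],
]);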