feat: core utilities - CSRF, auth, encryption, PHPMailer
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Gestoría LP
42
includes/auth.php
Normal file
42
includes/auth.php
Normal file
@@ -0,0 +1,42 @@
|
||||
<?php
|
||||
require_once __DIR__ . '/db.php';
|
||||
|
||||
function authStart(): void {
|
||||
if (session_status() === PHP_SESSION_NONE) {
|
||||
session_start();
|
||||
}
|
||||
}
|
||||
|
||||
function authCheck(): bool {
|
||||
authStart();
|
||||
return !empty($_SESSION['user_id']);
|
||||
}
|
||||
|
||||
function authRequire(): void {
|
||||
if (!authCheck()) {
|
||||
header('Location: login.php');
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
function authLogin(string $username, string $password): bool {
|
||||
$db = getDB();
|
||||
$stmt = $db->prepare('SELECT id, password_hash FROM usuarios WHERE username = ?');
|
||||
$stmt->execute([$username]);
|
||||
$user = $stmt->fetch();
|
||||
|
||||
if ($user && password_verify($password, $user['password_hash'])) {
|
||||
authStart();
|
||||
session_regenerate_id(true);
|
||||
$_SESSION['user_id'] = $user['id'];
|
||||
$_SESSION['username'] = $username;
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
function authLogout(): void {
|
||||
authStart();
|
||||
$_SESSION = [];
|
||||
session_destroy();
|
||||
}
|
||||
Reference in New Issue
Block a user