<?php
namespace App\Controllers;
use CodeIgniter\API\ResponseTrait;
use CodeIgniter\Controller;
use \Firebase\JWT\JWT;
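/**
 * JSON authentication endpoints: login (issues an HS256 JWT), master-key
 * gated registration / password change, and a token check.
 *
 * Configuration is read from the environment: `JWT_SECRET` signs and verifies
 * tokens, `masterkey` protects register() and change_pass().
 */
class Auth extends Controller
{
    use ResponseTrait;

    /**
     * Database connection opened in the constructor and shared by all actions.
     * Declared explicitly so the assignment below is not a dynamic property
     * (deprecated since PHP 8.2).
     *
     * @var \CodeIgniter\Database\BaseConnection
     */
    protected $db;

    public function __construct()
    {
        $this->db = \Config\Database::connect();
    }

    /**
     * Authenticates `username` / `password` from the request and returns a JWT.
     *
     * The user row is fetched with a bound query; both "unknown user" and
     * "wrong password" answer with the same 401 message so the endpoint does
     * not reveal which usernames exist. The token carries `username`, `iat`
     * and an `exp` one hour ahead.
     */
    public function login()
    {
        $username = $this->request->getVar('username');
        $password = $this->request->getVar('password');

        if (!is_string($username) || $username === '') {
            return $this->fail('Username required.', 400);
        }
        // password_verify() needs a string; a missing field must not reach it.
        if (!is_string($password) || $password === '') {
            return $this->fail('Password required.', 400);
        }

        $key = $this->jwtSecret();
        if ($key === null) {
            // Never sign with an empty/missing secret: the token would be forgeable.
            return $this->fail('JWT secret is not configured.', 500);
        }

        // Bound parameter instead of concatenating the (escaped) value into SQL.
        $row = $this->db
            ->query('SELECT * FROM users WHERE username = ?', [$username])
            ->getRowArray();

        // One message for both failure modes (no username enumeration).
        if (!$row || !password_verify($password, (string) $row['password'])) {
            return $this->fail('Invalid credentials.', 401);
        }

        $now = time();
        $payload = [
            'username' => $row['username'],
            'iat'      => $now,
            'exp'      => $now + 3600, // one hour, as before
        ];

        try {
            $jwt = JWT::encode($payload, $key, 'HS256');
        } catch (\Throwable $e) {
            // Leading backslash matters: a bare `Exception` inside this namespace
            // resolves to App\Controllers\Exception and would never match.
            return $this->fail('Error generating JWT: ' . $e->getMessage(), 500);
        }

        // TODO: record last_login once a user model exists.

        return $this->respond([
            'message' => 'Login successful',
            'token'   => $jwt,
        ]);
    }

    /**
     * Sets a new password for `username`, gated by the deployment master key.
     *
     * Expects a JSON body with `username`, `password` and `master`. The master
     * key is checked with hash_equals() before any work is done; a user that
     * does not exist answers 404 instead of a false success.
     */
    public function change_pass()
    {
        if (!$this->masterKeyMatches($this->request->getJsonVar('master'))) {
            return $this->fail('Invalid master key.', 401);
        }

        $username = $this->request->getJsonVar('username');
        $password = $this->request->getJsonVar('password');
        if (!is_string($username) || $username === '' || !is_string($password) || $password === '') {
            return $this->fail('Username and password required.', 400);
        }

        $hash = password_hash($password, PASSWORD_DEFAULT);

        // Bound parameters: the previous version interpolated both values into the SQL string.
        $this->db->query(
            'UPDATE users SET password = ? WHERE username = ?',
            [$hash, $username]
        );
        // password_hash() salts freshly, so a matched row always counts as changed.
        if ($this->db->affectedRows() === 0) {
            return $this->fail('User not found.', 404);
        }

        return $this->respond([
            'message' => "Password Changed for $username",
        ]);
    }

    /**
     * Creates a user, gated by the deployment master key.
     *
     * Expects a JSON body with `username`, `password` and `master`. Answers
     * 409 when the username is already taken instead of surfacing a database
     * error.
     */
    public function register()
    {
        if (!$this->masterKeyMatches($this->request->getJsonVar('master'))) {
            return $this->fail('Invalid master key.', 401);
        }

        $username = $this->request->getJsonVar('username');
        $password = $this->request->getJsonVar('password');
        if (!is_string($username) || $username === '' || !is_string($password) || $password === '') {
            return $this->fail('Username and password required.', 400);
        }

        $existing = $this->db
            ->query('SELECT 1 FROM users WHERE username = ?', [$username])
            ->getRowArray();
        if ($existing) {
            return $this->fail('Username already taken.', 409);
        }

        // Bound parameters: the previous version interpolated both values into the SQL string.
        $this->db->query(
            'INSERT INTO users (username, password) VALUES (?, ?)',
            [$username, password_hash($password, PASSWORD_DEFAULT)]
        );

        return $this->respondCreated([
            'message' => "user $username created",
        ]);
    }

    /**
     * Verifies the JWT in the Authorization header and echoes its claims.
     *
     * Accepts `Bearer <token>` (scheme matched case-insensitively) or a bare
     * token. Any decode failure — bad signature, expired, malformed — is a 401.
     */
    public function checkAuth()
    {
        $authorizationHeader = $this->request->getHeader('Authorization');
        if (!$authorizationHeader) {
            return $this->fail('Authorization header is missing', 401);
        }

        $authHeaderValue = trim((string) $authorizationHeader->getValue());
        if ($authHeaderValue === '') {
            return $this->fail('Authorization header is empty', 401);
        }

        // Strip the "Bearer " scheme when present; otherwise treat the whole value as the token.
        $token = preg_match('/^Bearer\s+(.+)$/i', $authHeaderValue, $m) ? $m[1] : $authHeaderValue;

        // The original read an undefined $this->key; the secret lives in JWT_SECRET.
        $key = $this->jwtSecret();
        if ($key === null) {
            return $this->fail('JWT secret is not configured.', 500);
        }

        try {
            // NOTE(review): this is the php-jwt 5.x signature; php-jwt 6+ expects
            // `new Key($key, 'HS256')` as the second argument — confirm the installed version.
            $decoded = JWT::decode($token, $key, ['HS256']);
        } catch (\Throwable $e) {
            return $this->fail('Invalid token: ' . $e->getMessage(), 401);
        }

        return $this->respond([
            'message' => 'Authentication successful',
            'user'    => $decoded, // the decoded claims
        ]);
    }

    /**
     * Returns the JWT signing secret, or null when JWT_SECRET is unset or empty.
     */
    private function jwtSecret(): ?string
    {
        $key = getenv('JWT_SECRET');

        return (is_string($key) && $key !== '') ? $key : null;
    }

    /**
     * Constant-time comparison of a supplied master key with the `masterkey`
     * environment variable.
     *
     * Returns false when the environment value is unset/empty or the supplied
     * value is not a non-empty string, so a missing configuration can never
     * satisfy the check. (The previous loose `!=` comparison treated a missing
     * env value and a missing request field as equal.)
     *
     * @param mixed $supplied value taken from the request body
     */
    private function masterKeyMatches($supplied): bool
    {
        $expected = getenv('masterkey');
        if (!is_string($expected) || $expected === '' || !is_string($supplied) || $supplied === '') {
            return false;
        }

        return hash_equals($expected, $supplied);
    }
}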