57 lines
1.9 KiB
PHP
57 lines
1.9 KiB
PHP
<?php
|
|
require 'db.php';
|
|
require 'vendor/autoload.php';
|
|
session_start();
|
|
|
|
$message = '';
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
|
$stmt = $pdo->prepare("SELECT * FROM users WHERE email = ?");
|
|
$stmt->execute([$_POST['email']]);
|
|
$user = $stmt->fetch();
|
|
|
|
if ($user && password_verify($_POST['password'], $user['password_hash'])) {
|
|
$_SESSION['user_id'] = $user['id'];
|
|
$_SESSION['totp_secret'] = $user['totp_secret'];
|
|
$_SESSION['2fa_verified'] = false;
|
|
$_SESSION['user_role'] = $user['user_role'] ?? 'Client';
|
|
header('Location: verify_2fa.php');
|
|
exit;
|
|
} else {
|
|
$message = "Invalid credentials.";
|
|
}
|
|
}
|
|
?>
|
|
|
|
<!DOCTYPE html>
|
|
<html lang="en">
|
|
<head>
|
|
<meta charset="UTF-8">
|
|
<title>Login - SuperArc</title>
|
|
<meta name="viewport" content="width=device-width, initial-scale=1">
|
|
<!-- Bootstrap 5 CDN -->
|
|
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet">
|
|
</head>
|
|
<body class="bg-light d-flex align-items-center justify-content-center vh-100">
|
|
|
|
<div class="card shadow p-4" style="width: 100%; max-width: 400px;">
|
|
<h3 class="text-center mb-3">Login</h3>
|
|
<?php if ($message): ?>
|
|
<div class="alert alert-danger" role="alert"><?= htmlspecialchars($message) ?></div>
|
|
<?php endif; ?>
|
|
<form method="POST">
|
|
<div class="mb-3">
|
|
<label for="email" class="form-label">Email address</label>
|
|
<input name="email" type="email" class="form-control" id="email" required autofocus>
|
|
</div>
|
|
<div class="mb-3">
|
|
<label for="password" class="form-label">Password</label>
|
|
<input name="password" type="password" class="form-control" id="password" required>
|
|
</div>
|
|
<button type="submit" class="btn btn-primary w-100">Sign In</button>
|
|
</form>
|
|
</div>
|
|
|
|
</body>
|
|
</html>
|