From c1ea348200bcf34535cdcc5200cd3d9b4055c95d Mon Sep 17 00:00:00 2001
From: ghost <noreply@localhost>
Date: Wed, 29 Dec 2021 01:07:39 +0200
Subject: [PATCH] add session-based aouth

---
 src/application/controller/login.php    | 5 +++++
 src/application/controller/logout.php   | 8 ++++++++
 src/application/controller/register.php | 4 ++++
 src/bootstrap.php                       | 8 ++++++++
 4 files changed, 25 insertions(+)
 create mode 100644 src/application/controller/logout.php

diff --git a/src/application/controller/login.php b/src/application/controller/login.php
index 58114b0..8144059 100644
--- a/src/application/controller/login.php
+++ b/src/application/controller/login.php
@@ -61,8 +61,13 @@ if (isset($_POST) && $_POST) {
         // @TODO
 
         // Auth
+        if (!session_id()) {
+
+          $_SESSION['username'] = $userName;
+        }
 
         // Redirect
+        header('Location: ' . PROJECT_HOST, true, 302);
 
       } else {
 
diff --git a/src/application/controller/logout.php b/src/application/controller/logout.php
new file mode 100644
index 0000000..f0712dd
--- /dev/null
+++ b/src/application/controller/logout.php
@@ -0,0 +1,8 @@
+
+<?php
+
+if (isset($_SESSION['username'])) {
+    session_destroy();
+}
+
+header('Location: ' . PROJECT_HOST, true, 302);
\ No newline at end of file
diff --git a/src/application/controller/register.php b/src/application/controller/register.php
index 60d5e63..00bf3d3 100644
--- a/src/application/controller/register.php
+++ b/src/application/controller/register.php
@@ -1,3 +1,7 @@
 <?php
 
+if (isset($_SESSION['username'])) {
+    header('Location: ' . PROJECT_HOST, true, 302);
+}
+
 require(PROJECT_DIR . '/application/view/register.phtml');
\ No newline at end of file
diff --git a/src/bootstrap.php b/src/bootstrap.php
index 803bc98..6af90bd 100644
--- a/src/bootstrap.php
+++ b/src/bootstrap.php
@@ -41,6 +41,11 @@ $_modelBlock = new ModelBlock(
   DB_PASSWORD
 );
 
+// Start session
+if (!session_id()) {
+     session_start();
+}
+
 // Route
 if (isset($_GET['_route_'])) {
 
@@ -51,6 +56,9 @@ if (isset($_GET['_route_'])) {
       case 'login':
         require(PROJECT_DIR . '/application/controller/login.php');
       break;
+      case 'logout':
+        require(PROJECT_DIR . '/application/controller/logout.php');
+      break;
       case 'register':
         require(PROJECT_DIR . '/application/controller/register.php');
       break;