Skip to content

Instantly share code, notes, and snippets.

@lion328
Created September 25, 2016 08:26
Show Gist options
  • Save lion328/dd5690e607d6980d871795dc88a8dc78 to your computer and use it in GitHub Desktop.
Save lion328/dd5690e607d6980d871795dc88a8dc78 to your computer and use it in GitHub Desktop.
Simple AuthMe login API
<?php
// ---- CONFIGURATION -------------------------------
define('DB_HOST', '127.0.0.1');
define('DB_USERNAME', 'root');
define('DB_PASSWORD', '');
define('DB_NAME', 'minecraft');
define('DB_TABLE', 'authme');
// ---- PASSWORD COMPARISON FUNCTION ----------------
function passwordCompare($rawHash, $password)
{
$parts = explode('$', $rawHash);
if (count($parts) === 4)
{
$hash = hash('sha256', $password);
$hash = hash('sha256', $hash . $parts[2]);
return $hash === $parts[3];
}
return FALSE;
}
// --------------------------------------------------
header('Content-Type: text/plain');
$username = isset($_POST['username']) ? $_POST['username'] : NULL;
$password = isset($_POST['password']) ? $_POST['password'] : NULL;
if (empty($username) || empty($password))
{
die('false:EMPTY_REQUEST');
}
try
{
$database = new PDO('mysql:dbname=' . DB_NAME . ';host=' . DB_HOST, DB_USERNAME, DB_PASSWORD);
}
catch (PDOException $e)
{
die('false:ERROR_DATABASE_CONNECT');
}
$statement = $database->prepare('SELECT password FROM ' . DB_TABLE . ' WHERE username = :username');
$state = $statement->execute(array('username' => $username));
if ($state === FALSE)
{
die('false:ERROR_DATABASE_QUERY');
}
$result = $statement->fetchAll(PDO::FETCH_ASSOC);
if ($result === FALSE)
{
die('false:ERROR_DATABASE_FETCH');
}
if (count($result) === 0)
{
die('false');
}
if (passwordCompare($result[0]['password'], $password) === TRUE)
{
die('true');
}
die('false');
@ThePixade
Copy link

Hello I have a error and i need help please

false:EMPTY_REQUEST

From where it come ?

@lion328
Copy link
Author

lion328 commented Oct 21, 2016

@ThePixade It need POST request with "username" and "password" as parameters and not empty

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment