view = $view; } public function showLoginPage(Request $request, Response $response): Response { if (!empty($_SESSION['username'])) { // Already logged in, redirect to dashboard return $response ->withHeader('Location', '/') ->withStatus(303); } $renderData = [ ]; return $this->view->render($response, 'login.html.twig', $renderData); } public function authenticateUser(Request $request, Response $response): Response { $params = (array)$request->getParsedBody(); if (empty($params['username']) || empty($params['password'])) { throw new HttpBadRequestException($request, 'Missing parameters'); } // TODO: only for testing, obviously if ($params['username'] === 'lexi' && $params['password'] === 'testpw') { $_SESSION['username'] = $params['username']; return $response ->withHeader('Location', '/') ->withStatus(303); } else { return $this->view->render($response, 'login.html.twig', ['error' => 'Wrong username or password!']); } } public function logoutUser(Request $request, Response $response): Response { session_destroy(); return $response ->withHeader('Location', '/login') ->withStatus(303); } }